| m9f8v3xdj4.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b | 104.26.8.177 | | 8.9 kB |
URL: m9f8v3xdj4.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP: 104.26.8.177:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Hash (MD5 / SHA-1 / SHA-256): 18fbd8dc11f7dccb0e663720b2c95561 78c494783eb04ac7bdfb9f64b3df8a87f0210b9a 18b4aaf5b1fe1c66b61bce789783d368f6aa8b5e53e381c7defbf8b2d527ec0e
GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: m9f8v3xdj4.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7xwyjtnyn4.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVBWoct5ngaBh1KyclB4MfVSHuTZw0V7znTgh725lZvr%2FtRa6UlQsCZSRfhRIbafLa%2FiFwfCsDkIzO6UVEeZTQOn6snrA6fFmgNeR70zkIYVgSg%2FYNTVCGONczjEFAK2GC5ZKhFs3d9JZ1pZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f800e3a56be-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7xwyjtnyn4.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | | 0 B |
URL: ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7xwyjtnyn4.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP: 139.45.197.251:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7xwyjtnyn4.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://7xwyjtnyn4.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://7xwyjtnyn4.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:15 GMT
content-length: 0
x-trace-id: b64168310d25a33b63dbf5f643666fa4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://7xwyjtnyn4.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js | 104.26.8.177 | 200 OK | 10 kB |
URL: facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
Method: GET
Protocol: HTTP/2
IP: 104.26.8.177:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate issuer: Google Trust Services LLC
Certificate subject: facevideosc.com
Certificate fingerprint: F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
Certificate validity: Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e
GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m9f8v3xdj4.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ZPm5J5Yso%2FUsT89OXXdDp74yqKSJCJRKy1BbMs3LRQdohKmXhlwaScY9bXdQy7E%2FtqDC9tImr3N9p5w9vg5oYqZWBpce1ccZSW35UPziqSxvsoWgxsyISGB6Eh6l6ORfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f80efb556be-OSL
content-encoding: br
X-Firefox-Spdy: h2
| d3utd4dabk.facevideosc.com/favicon.ico | 104.26.8.177 | | 0 B |
URL: d3utd4dabk.facevideosc.com/favicon.ico
IP: 104.26.8.177:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: d3utd4dabk.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d3utd4dabk.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnseRWpPZsT%2F6510BoN%2FvI32cwa0mUOtbPAY6UNA%2BSXPDjLknPKi%2FHkY0y2DDufBXcd%2FLSS1Lt3LICYuocAZu3dignjZGpa5p6gFNde54UiXpCoeRolsGVioelaqwBr2DukYyfHqng5evcF5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f826a0b56be-OSL
X-Firefox-Spdy: h2
| ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d3utd4dabk.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | | 0 B |
URL: ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d3utd4dabk.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP: 139.45.197.251:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d3utd4dabk.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://d3utd4dabk.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://d3utd4dabk.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:15 GMT
content-length: 0
x-trace-id: ec5f1dbff7461a03e1cc4ce0fa3d261c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://d3utd4dabk.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| 943q8x0gm8.facevideosc.com/favicon.ico | 104.26.8.177 | | 0 B |
URL: 943q8x0gm8.facevideosc.com/favicon.ico
IP: 104.26.8.177:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 943q8x0gm8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://943q8x0gm8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjyL6ris2NtknJ27Blm1DhQQmMPv8bp3HR%2BlR4LaR0fxcPgdr88QAZZMelwBEhJSVg9dmpQSvKE8lN9PN1MVdVuWONne3RhyyKLiIXQXk22bvAit9RgEXIUUz3TwF8nWFTsWHwoYJrZ2BeJI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f83aba056be-OSL
X-Firefox-Spdy: h2
| ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=943q8x0gm8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | | 0 B |
URL: ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=943q8x0gm8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP: 139.45.197.251:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=943q8x0gm8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://943q8x0gm8.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://943q8x0gm8.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:15 GMT
content-length: 0
x-trace-id: d7aa569159b7c555df602184aa42d614
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://943q8x0gm8.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| 8a66irut80.facevideosc.com/favicon.ico | 104.26.8.177 | | 0 B |
URL: 8a66irut80.facevideosc.com/favicon.ico
IP: 104.26.8.177:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 8a66irut80.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8a66irut80.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x16UKPUslbRCnBj%2BPiullTnrTHoF99D%2B%2Bw2sqXtr7XGmvVVZ7KlpG3LrO9RWr2juyFlTuOaSGv9v3%2Bumowaps26VHfBFaq%2BG8wCZilhse5lJHhKSQLEnsgRvWddNq9blB7HFwHiU2ItEwxRe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f84dd4356be-OSL
X-Firefox-Spdy: h2
| facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js | 104.26.8.177 | 200 OK | 47 kB |
URL: facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
Method: GET
Protocol: HTTP/2
IP: 104.26.8.177:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate issuer: Google Trust Services LLC
Certificate subject: facevideosc.com
Certificate fingerprint: F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
Certificate validity: Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e
GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://943q8x0gm8.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hklpL5rPf2dhFkZoZyBEIRlvUMpSCGAul2jH5TNAufD0PWHCB0ciOOhdSuv5KPTaekWi7i98SFwJpP3YaEZxjIjeB0MCOsE9D2waj3tdz5aqtY5UBojaL%2FZP7ashEbSS7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f83dbd956be-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=8a66irut80.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | | 0 B |
URL: ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=8a66irut80.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP: 139.45.197.251:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=8a66irut80.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://8a66irut80.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://8a66irut80.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:15 GMT
content-length: 0
x-trace-id: e03f6376b806e507a1f11f383edc07e0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://8a66irut80.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| ni9miyqqow.facevideosc.com/favicon.ico | 104.26.8.177 | | 0 B |
URL: ni9miyqqow.facevideosc.com/favicon.ico
IP: 104.26.8.177:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ni9miyqqow.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ni9miyqqow.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8ObsOPeL%2BAbbZXs8ssmKv1GUhoSzYwP8L1kPLyRhAEc3%2BXOpH8La5%2B18gankLjj37k8qZJxaeaYDXsoNASe7xCQr0qPjyzZljfQXikNCUgMff6JSVomJwigz8gBYbvw79zsL1KYgS5VhNrx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f863f9d56be-OSL
X-Firefox-Spdy: h2
| ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ni9miyqqow.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | | 0 B |
URL: ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ni9miyqqow.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP: 139.45.197.251:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ni9miyqqow.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ni9miyqqow.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://ni9miyqqow.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:15 GMT
content-length: 0
x-trace-id: f5b2c06787802dfa4576631ea8ea8b34
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ni9miyqqow.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| c9a22wip9s.facevideosc.com/favicon.ico | 104.26.8.177 | | 0 B |
URL: c9a22wip9s.facevideosc.com/favicon.ico
IP: 104.26.8.177:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: c9a22wip9s.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c9a22wip9s.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XD7XfFo27AsViUUBufuA%2BxRNdkp4Es6FCFHW%2Bv20ugl0WkD3lZo8WmpG7aD32p7NbWLSBDIn4Vi1ptH0h%2FJla8S0rpuGLq2oQQbS%2B08m339JnWFwsWZFxf7fVV9Fx6zAW28mbezTX7YWdRKf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f87fa9f56be-OSL
X-Firefox-Spdy: h2
| ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=c9a22wip9s.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | | 0 B |
URL: ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=c9a22wip9s.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP: 139.45.197.251:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=c9a22wip9s.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c9a22wip9s.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://c9a22wip9s.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:16 GMT
content-length: 0
x-trace-id: 880f57a8fb7de559ab588c072c62d3cb
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://c9a22wip9s.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| kccnd6wm68.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.26.8.177 | | 4.4 kB |
URL: kccnd6wm68.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP: 104.26.8.177:0
File type: gzip compressed data, from Unix
Hash (MD5 / SHA-1 / SHA-256): ab24451c4b654ab7a5964c5f5cb799b7 dc675c3592a837f762468a2d86491e124947e255 d62954135016327a0d6d632ab125fd89ac02429630ba82b5e6c5ee92d6552bf0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: kccnd6wm68.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kccnd6wm68.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y07zK81DIHc3%2FJ2YJtxrFn2DaRlJ1KhGY712lva8JWNiFy83dHC8FmyRE6MB5SgCi5%2FaLhyQ0FHjxIVQojg84SJV0yvJr1%2BSpIriHypg%2BF3pW%2F4aegC0CudXl%2Bp06vdr%2BeAIDAYZ%2FrDWT5mP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f896da556be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:16 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
| 8a66irut80.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b | 104.26.8.177 | | 7.0 kB |
URL: 8a66irut80.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP: 104.26.8.177:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Hash (MD5 / SHA-1 / SHA-256): 810681de42a944042f8204da7b4b72ed f80ee4b5744080433d41909cee15801ce961f193 884b4ddb1331bb2cc5d64595be74b7537b7d0beea4d59afb3c52e560606e83ab
GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: 8a66irut80.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://943q8x0gm8.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2B%2FREC%2F9awlnAQlnO72tgRDFKiJqFbojfX4Cz4vmI%2B11F2EbVI9xtFaa28jMQcimQOpPtLovU61TDu7xXU9yJPFb4ouJELomtkHw%2FSpqXFFno6zOWAZ5mrWg6hB3sgYNO0NYlqhNYnzLwCmN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f842c7056be-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ni9miyqqow.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b | 104.26.8.177 | | 21 kB |
URL: ni9miyqqow.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP: 104.26.8.177:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Hash (MD5 / SHA-1 / SHA-256): b852bfde637944fbf7bd11c605091351 bdc3654d8f05967ecc1a6a0ed8e7403cf6c22f60 913a5212da643419ca56276cf4e587f6d0655a95fcbba2503e6dbec05af9b9eb
GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: ni9miyqqow.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8a66irut80.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szYVZc22iejNhXEemzLkLXaIaT5RLcVh1rJ8QagoriJgs9zxemSaiA%2BbQ58%2BEYFa53BooW6dtENPoSHQlrVrFUTVlDm7XGO1Bux5vQ8Dz0%2FcF08G3yQVK7mIZ05kd5qS%2Bc0EhB4zwdsjOsK1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f858e6b56be-OSL
content-encoding: br
X-Firefox-Spdy: h2
| 943q8x0gm8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b | 104.26.8.177 | | 31 kB |
URL: 943q8x0gm8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP: 104.26.8.177:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Hash (MD5 / SHA-1 / SHA-256): f2ede6fc7ee179fba6f5fb1c9e98f005 6cca5988121d80b959326cc72a2db41cf710512f 4416eb8eebfb7359278ebf74ac28a9f56f5118ec60c5d7dc3c64f27eb264aecd
GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: 943q8x0gm8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d3utd4dabk.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vC6EjMXGHwNk5tnkP1ibwJonzj0CRAR8MQWlqhoLL7fgeCLwzXjA9tR5qgzm1uDBPeXlIf1pvrrIm84gaRdZLR%2B0tEUa6nNBtnMEYIess%2FVWyFisPddhwWHaT69VaiZB%2FKpAoO8Hb32XXfZA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f830af056be-OSL
content-encoding: br
X-Firefox-Spdy: h2
| kccnd6wm68.facevideosc.com/favicon.ico | 104.26.8.177 | | 0 B |
URL: kccnd6wm68.facevideosc.com/favicon.ico
IP: 104.26.8.177:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: kccnd6wm68.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kccnd6wm68.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6Twt3XQlWReenTLUT05zQbDEROulwZjavK2seJNabqXg2uRQmapCQbOd9BJu5u9L3LlAvSRp1K2d%2BoltH1tPW4ULHC9er65KZdaDl3s%2BiqWw68rE5GCRLrb1ZzkqF2ryedTp7YoEjY4v5k0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f89adfd56be-OSL
X-Firefox-Spdy: h2
| 943q8x0gm8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.26.8.177 | | 11 kB |
URL: 943q8x0gm8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP: 104.26.8.177:0
File type: gzip compressed data, from Unix
Hash (MD5 / SHA-1 / SHA-256): 02999e86e80a9e3a97ef01106dbef40e 5dd414e3a5f9d1ba86f776152c6ab621a254c13d 05df60ed655df1cae6863d0b37da1126ab26e58b8dbaa530ed06fd2d153719dd
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: 943q8x0gm8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://943q8x0gm8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ysbhcR2tPxv7LmRoxgmC%2B02XMjdhnLAfilngs4uHUERybaBy97FPA9TB5Z7gO4TJ5MZXULRKrcfLpbYRS1hM%2FJeCVpjMoNJjt182RQOKe4WASXQAWgSQyxk5%2FonWe1%2FnTSMvOWHAWiE7l6xz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f838b8d56be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

| facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js | 104.26.8.177 | 200 OK | 19 kB |
URL: GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP: 104.26.8.177:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate: Issuer Google Trust Services LLC; Subject facevideosc.com; Fingerprint F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC; Validity Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e
GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ni9miyqqow.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HZMlwFnAcdD7XHugRyID%2BCV8dxxs7r4JDEO63Mx7koF8A35f%2BTaivCoL0Tn7JpbZapqFy%2FVNZzOL8iN03XlO2VFmiICs0nOtY7epw9eAD1MQ%2Fi%2FvC0F3FZnSZyxZ%2FxX7Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f867ffa56be-OSL
content-encoding: br
X-Firefox-Spdy: h2

| 8a66irut80.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.26.8.177 | | 9.1 kB |
URL: 8a66irut80.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP: 104.26.8.177:0
File type: gzip compressed data, from Unix
Hash (MD5 / SHA-1 / SHA-256): 7f0c6830254cacb4715f227049387dc3 e2dded77a24d654fd90467d3eeec8a37e9a1e607 85a72503b1482f6df39c4cbacfd85b36e21cc93a4c04d5ea5cc382d843b2361f
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: 8a66irut80.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8a66irut80.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m77N%2BD3fUtOt2NnbAUSwDmLx2OEpGwEMJQTUjkexLb8oFHH9K%2FJoXntg93yBMsGfHl8pZWtMGLA9sz3VSaXnipRpj46p1d2lskDo7UR%2BownZqzokV%2BTvLmtdpv%2F%2FRyFLZNFu4k77RH%2BCDbnG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f84ad0656be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

| facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js | 104.26.8.177 | 200 OK | 10 kB |
URL: GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP: 104.26.8.177:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate: Issuer Google Trust Services LLC; Subject facevideosc.com; Fingerprint F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC; Validity Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e
GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kccnd6wm68.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDaiO48JMeSKXF7odbUhXrtK5r7xQuyurAZK9l0FyTvDquPvppRoeYKWoJyQG6f6QCJCI8eEhLmNLe1x%2B22cFQjHddNCPj9%2BLjpMZkZSnI7qyce7VBIAc%2ByZtivtrp6VsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f89fe9456be-OSL
content-encoding: br
X-Firefox-Spdy: h2

| phc0tywd68.facevideosc.com/favicon.ico | 104.26.8.177 | | 0 B |
URL: phc0tywd68.facevideosc.com/favicon.ico
IP: 104.26.8.177:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: phc0tywd68.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://phc0tywd68.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Yb51WZtpc43SjVHv4aK1rFQK%2F4OQWNZbv9ksAWSUxPFe2lDYv46IvK6Zs7hMyASSmVIwmbSlH18Unvsh%2FIQ5%2FRtMc39JUERAr5A9IdFrkZaO%2BYwXtrzJgcCKgZN8Xbjne93%2Bw%2FRD0n0JchK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f8b289456be-OSL
X-Firefox-Spdy: h2

| ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=phc0tywd68.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | | 0 B |
URL: ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=phc0tywd68.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP: 139.45.197.251:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=phc0tywd68.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://phc0tywd68.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://phc0tywd68.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:16 GMT
content-length: 0
x-trace-id: f2fab0964cf5cd1d73977520af5282da
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://phc0tywd68.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

| c9a22wip9s.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b | 104.26.8.177 | | 10 kB |
URL: c9a22wip9s.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP: 104.26.8.177:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Hash (MD5 / SHA-1 / SHA-256): 8804c6bb59a457fb32f934323bcc06b6 36c4e12a8caa02a926d3e0dd665b5ad8df87338b 9ebf443676cb56c2567331646b6c41846a4278ff51a5f58da9004c1e27a17001
GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: c9a22wip9s.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ni9miyqqow.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qzHFukuo2AkTLB09JE4oNi29qHQOWYhXAKDSKKyQDiyOkfFSMshgpMNGGmSZSB1wEIRYUXa2cIvvNTsuiAZ8fpxbqFIukukh4LX10Gutelzpk3Yp5KFgD3akwwYxMdB2wFyLTX%2Frg4RbbuGC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f86f8e956be-OSL
content-encoding: br
X-Firefox-Spdy: h2

| facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js | 104.26.8.177 | 200 OK | 10 kB |
URL: GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP: 104.26.8.177:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate: Issuer Google Trust Services LLC; Subject facevideosc.com; Fingerprint F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC; Validity Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e
GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5ogrqr0hao.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nly0UlfXMdHuBLy%2F1Evv%2FAToyEe3owm%2FLoUapGQUX5nc3kVKANEZkeIlPRDGIqBvZiYU1YAtVAqplIRkgXoOXp21RYMg1XwlGpJfCDUaC1Zmr5JK82f%2BzOn9eUmiKq%2BDrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f8caab556be-OSL
content-encoding: br
X-Firefox-Spdy: h2

| ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7qo7rv4ns0.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | | 0 B |
URL: ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7qo7rv4ns0.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP: 139.45.197.251:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7qo7rv4ns0.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://7qo7rv4ns0.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://7qo7rv4ns0.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:17 GMT
content-length: 0
x-trace-id: 3af117a8bb9be52b2f2e74d7468abc4a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://7qo7rv4ns0.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

| 48ykdiguy8.facevideosc.com/favicon.ico | 104.26.8.177 | | 0 B |
URL: 48ykdiguy8.facevideosc.com/favicon.ico
IP: 104.26.8.177:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 48ykdiguy8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://48ykdiguy8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ex31MdYyB%2FwaXc2YqMTLBPby2eLWZOTlgy6r5dP6Z6rxkUp1fCDVlbkSSQWdg5%2BsDGOrI8FkwI4M84Z2NiLUCrPX8d6jnTIr0NbR%2BNoL8Klz46jVR2%2FG4ZzdWRcYLVtd2m1srhxORweNPcZh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f8f1e0956be-OSL
X-Firefox-Spdy: h2

| facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js | 104.26.8.177 | 200 OK | 10 kB |
URL: GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP: 104.26.8.177:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate: Issuer Google Trust Services LLC; Subject facevideosc.com; Fingerprint F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC; Validity Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e
GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7qo7rv4ns0.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khgQuq1HSDioPPr3BlrLA1RhXFT2Q2YgTiqtlLMWDvYLiZuNfnaSMb5%2Fnf43UNZtvewmJMvFzDZeB1CUxQyDc8YEv70u3ZiiyHQm5eTrHZ8ViqsM4wN%2BGx0JDIoFqnOdNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f8dfca456be-OSL
content-encoding: br
X-Firefox-Spdy: h2

| mn0lds1te8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b | 104.26.8.177 | | 10 kB |
URL: mn0lds1te8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP: 104.26.8.177:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Hash (MD5 / SHA-1 / SHA-256): baeab445a0fe825303e8773e81888056 3654ca2c407d452fafe4f8526124ed9ff0847273 9b301ecc38a2fcd20c8e00dc65b995e23e1d50d966d219b54aee2a0123e54a63
GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: mn0lds1te8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://48ykdiguy8.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M8g9l3tfveIPUZw8KYxJeq4SN1Lyhp2Sr3D3AKf9e9gcPivcTrAbDtF9%2F15o2xLmkkfy1Ow16dBLdvWqu%2BpZOUj4zCodjazhi5lyr8QHKgRdrdzWbEfORpTYRgLRnkswCDnaM0RvSwqmErp%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f8fbed156be-OSL
content-encoding: br
X-Firefox-Spdy: h2

| ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=mn0lds1te8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | | 0 B |
URL: ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=mn0lds1te8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP: 139.45.197.251:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=mn0lds1te8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mn0lds1te8.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://mn0lds1te8.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:17 GMT
content-length: 0
x-trace-id: bf452b3f2c91dffd0766a817687f1395
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://mn0lds1te8.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

| 48ykdiguy8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.26.8.177 | | 3.9 kB |
URL: 48ykdiguy8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP: 104.26.8.177:0
File type: JavaScript source, ASCII text, with very long lines (12331)
Hash (MD5 / SHA-1 / SHA-256): 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: 48ykdiguy8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://48ykdiguy8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUTfIu4h9zcMTJfuBgEzVzDyffrcfvheX2jN2d8Ic384ff%2BkUIgVPw1Y7%2Fyo2D2Buh53q%2BEYtBLWpJtxAhFQB8wdRgNQeXWchTdYCYr4cs5tDoj3WIAWI5Y9lTFeZUYQ2lWypa3VjNvbsPwd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f8f0ded56be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:17 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

| phc0tywd68.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b | 104.26.8.177 | | 27 kB |
URL: phc0tywd68.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP: 104.26.8.177:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Hash (MD5 / SHA-1 / SHA-256): 382f8fb376113eea690f86caa18e5d4d c3809d4b07ff0c3403062676597c2e924a3c8058 0cc305ccaab4b56e9d08302166e82d2ac8404f1e62af39080068d9948a756465
GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: phc0tywd68.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kccnd6wm68.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27cSzN9uG%2BWV7JI9LngtUxuvTeeP3O4OhJvXDYc1hk6XOOT10hCZEfwXHvVDzfqVL4tgvLQdYnxwtne2Ry6YVSIBHS%2F3nxDa6g4lk31A%2BdjX6dBEeJtTRV1MLFeu4kKRbG0Stk9ziA%2FT2Ob9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f8a8f5156be-OSL
content-encoding: br
X-Firefox-Spdy: h2

| facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js | 104.26.8.177 | 200 OK | 10 kB |
URL: GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP: 104.26.8.177:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate: Issuer Google Trust Services LLC; Subject facevideosc.com; Fingerprint F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC; Validity Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e
GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d3utd4dabk.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLzXqHK%2Bljm565xQTz6k%2BQe2IogaX%2FrVO28lNLeP8KbKyHOFYggHcVuvavs3FJOaHZvBH11NmqkA6oJvTIlY%2BmfALSG28zgD96VzpgUHRaP9mblDmRLQ%2BU2SE2CWvEMWPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f828a2b56be-OSL
content-encoding: br
X-Firefox-Spdy: h2

| 6tw8sn8i7k.facevideosc.com/favicon.ico | 104.26.8.177 | | 0 B |
URL: 6tw8sn8i7k.facevideosc.com/favicon.ico
IP: 104.26.8.177:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 6tw8sn8i7k.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6tw8sn8i7k.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VEDyLRTXLIjdMSgeaoGhfW4GjRrERFUcDpGj%2FiUpuO%2BADzsLRICkHTyMy0W%2BmsHa%2FDd3EFTcfgjjzmfsXrrdVKKPKk1EB2o%2FX%2FFD0Ixlv%2B4rR4Jh7Xn75SdwNPNOrUQOZgy6U92CP7Trv3h3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f949e4c56be-OSL
X-Firefox-Spdy: h2

| ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6tw8sn8i7k.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | | 0 B |
URL: ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6tw8sn8i7k.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP: 139.45.197.251:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6tw8sn8i7k.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://6tw8sn8i7k.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://6tw8sn8i7k.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:18 GMT
content-length: 0
x-trace-id: 231c4c8094aad73c00dc01a09188588a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://6tw8sn8i7k.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

| 6tw8sn8i7k.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.26.8.177 | | 10 kB |
URL: 6tw8sn8i7k.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP: 104.26.8.177:0
File type: gzip compressed data, from Unix
Hash (MD5 / SHA-1 / SHA-256): 934a5b9c5b461c2ea7804ab5c6c3e16d 3e1d2a9bcafae8530a96626b631485363b97b9c3 634efedb1ca0589fbdf1afb8489879e782095b6132b79f19f77715a8722cae5b
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: 6tw8sn8i7k.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6tw8sn8i7k.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pr%2FnBYhtlfpiZ5Sf%2FFJICqPM%2BBnsZppuyrmBCfSTfLP8%2BI%2B%2BwoMmQxVDqcquj9X2U%2FS2wY2bANyKvgUqDModOVnGqzjmSTU0kQTH%2BexjYbhvyizl%2FiY%2FXU8anSpdmG3HK%2BKiZ0hpOx1sUTi5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f947e2556be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

| 7qo7rv4ns0.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b | 104.26.8.177 | | 6.5 kB |
URL: 7qo7rv4ns0.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP: 104.26.8.177:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Hash (MD5 / SHA-1 / SHA-256): 1e2963d6027cef4e489ecd0b0caa2a6d 507021caf42e8f534fcb0548cceb51d811f04763 b60060e210b24d115cb7cb2b1b5a95607998b9baac6e0dd75f19bcd5487455fa
GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: 7qo7rv4ns0.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5ogrqr0hao.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYOBFAAPzu%2Fqe5RvLxlyEnO9Vwt%2FZ6YOz33M5jKTGOnXLnt76gfIqG8V9wntlDns5vwL0WKUWLZNu8DHfgdf%2BbqmpvlBDF3lQoXrwb4OpHdpJofaGSAidvJVF0ZN4Kxw5%2B8p7l0t5Qro6VUA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f8d3b8d56be-OSL
content-encoding: br
X-Firefox-Spdy: h2

| facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js | 104.26.8.177 | 200 OK | 29 kB |
URL: facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
Method: GET HTTP/2
IP: 104.26.8.177:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate: issuer Google Trust Services LLC, subject facevideosc.com, fingerprint F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC, validity Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e
GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mn0lds1te8.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4OxviI2t6Hl4EvwjfpmE2gkwXlAP3epcWHTiThQHcaKTWqsf0fuSQCuMamC5kq8Zz0lyb%2FRp5upwPS5yodTkbm7P%2BmoqmU%2Fe2VF7xNGiafmCWE3OOaFA7HWFYQikrP2hHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f90981a56be-OSL
content-encoding: br
X-Firefox-Spdy: h2

| d3utd4dabk.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.26.8.177 | | 14 kB |
URL: d3utd4dabk.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP: 104.26.8.177:0
File type: gzip compressed data, from Unix
Hash (MD5 / SHA-1 / SHA-256): 63b84c410d289e207babd22dcaa5ac17 75d4ea86af9d0722eaafa06e9352054cf6ca52cb 3ee82ae5261ce00fddbb16110bb30bc827b956fd11e15fc914d32605ae408bf6
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: d3utd4dabk.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d3utd4dabk.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wUOWtlpRi4KXlmdJFlRaV8OgzDljHpjHjnnd3MnefK5H3LK%2BlD8tT0Zw7FCHvEeZmkCpy8Ad1Ul707J5DRNCevMJm3LpnIu9dYQqW2L0cQ8%2BoJVYXJG9LWE4ZdwQKsB8o0OPZtqbSpGqEq0J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f8229a056be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP: 35.244.181.201:0
ASN: 396982 (GOOGLE-CLOUD-PLATFORM)
File type: XML 1.0 document, ASCII text, with very long lines (332)
Hash (MD5 / SHA-1 / SHA-256): 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=ZI4lA6OOs2trRfEOT831fEGAICa9ueCcym8040IWfAhjd55urAu4TxCm9mFZkuIeHI63HvOYKhNp2v6_Jt5NJqFnhK3H7LN49kMdW9MsCxvSsEjImHhG7QmVyC99fwOs
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Fri, 26 Apr 2024 12:36:13 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 80
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

| ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ftsv01a3uo.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL: ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ftsv01a3uo.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
Method: POST HTTP/2
IP: 139.45.197.251:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate: issuer Let's Encrypt, subject ddtvskish.com, fingerprint 26:7B:6C:6F:43:6B:10:53:DC:BC:41:BD:2B:08:06:62:17:34:72:22, validity Thu, 11 Apr 2024 19:06:44 GMT - Wed, 10 Jul 2024 19:06:43 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ftsv01a3uo.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ftsv01a3uo.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://ftsv01a3uo.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:18 GMT
content-length: 0
x-trace-id: 525e92ebb60fa1938045bc6c578ee22b
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ftsv01a3uo.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

| ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b | 104.26.8.177 | 200 OK | 17 kB |
URL (user request): ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Method: GET HTTP/2
IP: 104.26.8.177:443
Certificate: issuer Google Trust Services LLC, subject facevideosc.com, fingerprint F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC, validity Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: ftsv01a3uo.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6tw8sn8i7k.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j2%2FlcsS9Wy9tdR7wGMfpl5zBjSq62xVIsSS5Z9JGM5MAD3JC%2BiVV5EGA5o%2BMLBQ566s%2B7BtQ%2FsT9cXjPntxnL0IpsvEs%2F5JB3rDt9Kh7NlP2A9TxX8KyP57p%2Bi0xCe%2B7SdGP1OZKP1TXoO1Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f95982656be-OSL
content-encoding: br
X-Firefox-Spdy: h2

| ftsv01a3uo.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.26.8.177 | 200 OK | 12 kB |
URL: ftsv01a3uo.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Method: GET HTTP/2
IP: 104.26.8.177:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate: issuer Google Trust Services LLC, subject facevideosc.com, fingerprint F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC, validity Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (12331)
Hash (MD5 / SHA-1 / SHA-256): 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: ftsv01a3uo.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9YH9wmpLvrKhYOw6Er%2FlbOk3tpATokVLoaZtiVDqhL%2Bm3p6T8hUpCmjkzpvwshlsHSER9NfUX3pUm1F2QdepPP2NfvhCNwcjCxN7DDtQ5xH%2BqoguO7KK3tJ%2FJo6o5BlSREwhaytQ6Vo3xRI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f9618e856be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

| ftsv01a3uo.facevideosc.com/favicon.ico | 104.26.8.177 | 200 OK | 0 B |
URL: ftsv01a3uo.facevideosc.com/favicon.ico
Method: GET HTTP/2
IP: 104.26.8.177:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate: issuer Google Trust Services LLC, subject facevideosc.com, fingerprint F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC, validity Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ftsv01a3uo.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2BIflkVDqBCTfq1DHCCI%2F%2F04Gni4ybEblJs1lhDKb2nNgv84D69WzC0LGUw7fVFTegWiHpZEFoOBJG8u2hDjQkykZZZ9lzkP0PboEWkG8gnIBRjv2hHI1M%2FHurKKCKm6k7VK3EgKmyArYg%2FV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f96390656be-OSL
X-Firefox-Spdy: h2

| ftsv01a3uo.facevideosc.com/sw-check-permissions-local-5137789.js?var=null&ymid=de40apmduocxosc76b | 104.26.8.177 | 200 OK | 543 B |
URL: ftsv01a3uo.facevideosc.com/sw-check-permissions-local-5137789.js?var=null&ymid=de40apmduocxosc76b
Method: GET HTTP/2
IP: 104.26.8.177:443
Requested by: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate: issuer Google Trust Services LLC, subject facevideosc.com, fingerprint F0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC, validity Thu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT
File type: ASCII text, with very long lines (607), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): d71660548537fcfb3b4500533f39cc61 e30e9600147755e98b36fa5f15f11161e69c2451 1be091c5a86f4c3954bb738afc437ea3a76e236e0311c2a0bc9a1a9287d47579
GET /sw-check-permissions-local-5137789.js?var=null&ymid=de40apmduocxosc76b HTTP/1.1
Host: ftsv01a3uo.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 28 Jun 2022 23:05:31 GMT
etag: W/"62bb893b-21f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C0BIzIZmJ9i9Kl0OlYQEFEEw%2FLAMBoR3WwATyA5FGw8pibImVwf4PWgQLOcSeEQTHMvZ6eCMsFA7UWbDh7nmM06S9iwSrLg%2FcOhCQIdwUHsJ4gZymms2jlvLJ1%2BdTsHs15jJ%2FTwzbHkY8keG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f96a9bf56be-OSL
content-encoding: br
X-Firefox-Spdy: h2