Report - 7xwyjtnyn4.facevideosc.com/error_407.php?cnv

Report Overview

Submitted URL
7xwyjtnyn4.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP
104.26.8.177
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 12:37:39
Access
public
Website Title
Play
Final URL
ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b#
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-25	512 B	1.2 kB	35.244.181.201
ddtvskish.com	unknown	2023-06-19	2023-06-19	2024-02-27	6.4 kB	6.2 kB	139.45.197.251
d3utd4dabk.facevideosc.com	unknown	unknown	No data	No data	1.0 kB	15 kB	104.26.8.177
8a66irut80.facevideosc.com	unknown	unknown	No data	No data	1.6 kB	18 kB	104.26.8.177
ni9miyqqow.facevideosc.com	unknown	unknown	No data	No data	1.1 kB	22 kB	104.26.8.177
phc0tywd68.facevideosc.com	unknown	unknown	No data	No data	1.1 kB	29 kB	104.26.8.177
mn0lds1te8.facevideosc.com	unknown	unknown	No data	No data	579 B	11 kB	104.26.8.177
7qo7rv4ns0.facevideosc.com	unknown	unknown	No data	No data	579 B	7.1 kB	104.26.8.177
m9f8v3xdj4.facevideosc.com	unknown	unknown	No data	No data	579 B	9.5 kB	104.26.8.177
943q8x0gm8.facevideosc.com	unknown	unknown	No data	No data	1.6 kB	44 kB	104.26.8.177
6tw8sn8i7k.facevideosc.com	unknown	unknown	No data	No data	1.0 kB	12 kB	104.26.8.177
facevideosc.com	unknown	2022-05-16	2022-05-17	2024-02-23	4.2 kB	152 kB	104.26.8.177
kccnd6wm68.facevideosc.com	unknown	unknown	No data	No data	1.0 kB	5.9 kB	104.26.8.177
48ykdiguy8.facevideosc.com	unknown	unknown	No data	No data	1.0 kB	5.3 kB	104.26.8.177
ftsv01a3uo.facevideosc.com	unknown	unknown	No data	No data	2.1 kB	32 kB	104.26.8.177
c9a22wip9s.facevideosc.com	unknown	unknown	No data	No data	1.1 kB	12 kB	104.26.8.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	ddtvskish.com	Sinkholed
2024-04-26	medium	ddtvskish.com	Sinkholed
2024-04-26	medium	ddtvskish.com	Sinkholed
2024-04-26	medium	ddtvskish.com	Sinkholed
2024-04-26	medium	ddtvskish.com	Sinkholed
2024-04-26	medium	ddtvskish.com	Sinkholed
2024-04-26	medium	ddtvskish.com	Sinkholed
2024-04-26	medium	ddtvskish.com	Sinkholed
2024-04-26	medium	ddtvskish.com	Sinkholed
2024-04-26	medium	ddtvskish.com	Sinkholed
2024-04-26	medium	ddtvskish.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	unknown	65 B	2023-05-12	2024-04-29
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-05-12 19:26:17 Last Seen2024-04-29 17:25:48 Times Seen88 Hash c7a09cac843b8fa4e57b09b4e0535590 17a79ba2b5995b546184b4b71897d4da56542355 fadcda44c9e4915e600886e274040bb21efc11b3974ac625abc54398f6496659 Loading...

	unknown	665 B	2024-01-22	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-22 14:29:14 Last Seen2024-04-27 12:56:02 Times Seen14 Hash 5aec88c33fbcadbbf41ead4c1fdb184b 618b57b9f0d92508b4ed0eb9affd756752f81c2e 4c60323dee1127fd7e5be7371e90dc0de030306d1486d027fdca47b2bad1723f Loading...

	unknown	444 B	2023-03-07	2024-05-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:01 Last Seen2024-05-05 14:52:48 Times Seen497 Hash a5964115c589e6ac706966bdd17b4318 574e85a6842075c22750856eb7c06da299389ceb 8f979b26375828fea21e1a76ea1b844f171a0da1348ad25631a92dd98bfb3945 Loading...

	unknown	6.0 kB	2024-02-06	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-06 10:56:41 Last Seen2024-04-27 12:56:02 Times Seen7 Hash c59e426d39db92e0feb51c279132f8b3 f2a048f84b4953a22087ec6657d14cc78aac22f3 49101e61fd641f26f11b279a46a78fbc5ff56cd7ffc1ec0dff3ce0ced57380ed Loading...

	unknown	220 B	2024-04-26	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 14:37:45 Last Seen2024-04-27 12:56:02 Times Seen2 Hash 50faa31c0873b42d6420e37d8684ecd3 b5fbf481a617b424ef3adf6c5cf77fc7edee0a58 f56595f4b8d6d9ef2e2f2b39c89b8f84e69fbf31c03b329d8d67f128bfd35a77 Loading...

	ftsv01a3uo.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-06
Pretty URL ftsv01a3uo.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.8.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-06 16:12:58 Times Seen43716 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js	27 kB	2023-07-31	2024-05-05
Pretty URL facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js IP 104.26.8.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-31 22:15:24 Last Seen2024-05-05 14:52:48 Times Seen2960 Hash f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e Loading...

	unknown	365 B	2024-04-26	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 14:37:46 Last Seen2024-04-27 12:56:02 Times Seen2 Hash 42b46f103b2168bbf2c9808712d11006 bc1150deb9bcfaa696604f1ef93df6c0d5537983 6d93ef906b0e2d1d00fd18ba16c97746ff02c922180515c635d02e62b79b3d5d Loading...

	unknown	951 B	2024-02-06	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-06 10:56:41 Last Seen2024-04-27 12:56:02 Times Seen7 Hash c7db607af188ac4d2d3fbc95ea8b69ef 40bc879bd158e1b61f99aae4f0aa97408fb1e45c 40b053920bc6be3a2370abcb7e773bd21c881bf4b29d97fb11d508d488175c9d Loading...

HTTP Transactions (47)

URL IP Response Size

m9f8v3xdj4.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b

104.26.8.177

8.9 kB

URL
m9f8v3xdj4.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Size
8.9 kB (8918 bytes)
Hash
18fbd8dc11f7dccb0e663720b2c95561
78c494783eb04ac7bdfb9f64b3df8a87f0210b9a
18b4aaf5b1fe1c66b61bce789783d368f6aa8b5e53e381c7defbf8b2d527ec0e

HTTP Headers

GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: m9f8v3xdj4.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7xwyjtnyn4.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVBWoct5ngaBh1KyclB4MfVSHuTZw0V7znTgh725lZvr%2FtRa6UlQsCZSRfhRIbafLa%2FiFwfCsDkIzO6UVEeZTQOn6snrA6fFmgNeR70zkIYVgSg%2FYNTVCGONczjEFAK2GC5ZKhFs3d9JZ1pZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f800e3a56be-OSL
content-encoding: br
X-Firefox-Spdy: h2

ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7xwyjtnyn4.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

0 B

URL
ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7xwyjtnyn4.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7xwyjtnyn4.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://7xwyjtnyn4.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://7xwyjtnyn4.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:15 GMT
content-length: 0
x-trace-id: b64168310d25a33b63dbf5f643666fa4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://7xwyjtnyn4.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js

104.26.8.177

200 OK

10 kB

URL GET HTTP/2
facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Size
10 kB (10310 bytes)
Hash
f0a5429c5a76186434f263b62b3d2ef0
704d593487b8e6e35ff26d7b61e215eb52eb3593
243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e

HTTP Headers

GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m9f8v3xdj4.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ZPm5J5Yso%2FUsT89OXXdDp74yqKSJCJRKy1BbMs3LRQdohKmXhlwaScY9bXdQy7E%2FtqDC9tImr3N9p5w9vg5oYqZWBpce1ccZSW35UPziqSxvsoWgxsyISGB6Eh6l6ORfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f80efb556be-OSL
content-encoding: br
X-Firefox-Spdy: h2

d3utd4dabk.facevideosc.com/favicon.ico

104.26.8.177

0 B

URL
d3utd4dabk.facevideosc.com/favicon.ico
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: d3utd4dabk.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d3utd4dabk.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnseRWpPZsT%2F6510BoN%2FvI32cwa0mUOtbPAY6UNA%2BSXPDjLknPKi%2FHkY0y2DDufBXcd%2FLSS1Lt3LICYuocAZu3dignjZGpa5p6gFNde54UiXpCoeRolsGVioelaqwBr2DukYyfHqng5evcF5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f826a0b56be-OSL
X-Firefox-Spdy: h2

ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d3utd4dabk.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

0 B

URL
ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d3utd4dabk.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d3utd4dabk.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://d3utd4dabk.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://d3utd4dabk.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:15 GMT
content-length: 0
x-trace-id: ec5f1dbff7461a03e1cc4ce0fa3d261c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://d3utd4dabk.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

943q8x0gm8.facevideosc.com/favicon.ico

104.26.8.177

0 B

URL
943q8x0gm8.facevideosc.com/favicon.ico
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 943q8x0gm8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://943q8x0gm8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjyL6ris2NtknJ27Blm1DhQQmMPv8bp3HR%2BlR4LaR0fxcPgdr88QAZZMelwBEhJSVg9dmpQSvKE8lN9PN1MVdVuWONne3RhyyKLiIXQXk22bvAit9RgEXIUUz3TwF8nWFTsWHwoYJrZ2BeJI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f83aba056be-OSL
X-Firefox-Spdy: h2

ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=943q8x0gm8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

0 B

URL
ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=943q8x0gm8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=943q8x0gm8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://943q8x0gm8.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://943q8x0gm8.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:15 GMT
content-length: 0
x-trace-id: d7aa569159b7c555df602184aa42d614
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://943q8x0gm8.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

8a66irut80.facevideosc.com/favicon.ico

104.26.8.177

0 B

URL
8a66irut80.facevideosc.com/favicon.ico
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 8a66irut80.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8a66irut80.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x16UKPUslbRCnBj%2BPiullTnrTHoF99D%2B%2Bw2sqXtr7XGmvVVZ7KlpG3LrO9RWr2juyFlTuOaSGv9v3%2Bumowaps26VHfBFaq%2BG8wCZilhse5lJHhKSQLEnsgRvWddNq9blB7HFwHiU2ItEwxRe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f84dd4356be-OSL
X-Firefox-Spdy: h2

facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js

104.26.8.177

200 OK

47 kB

URL GET HTTP/2
facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Size
47 kB (46948 bytes)
Hash
f0a5429c5a76186434f263b62b3d2ef0
704d593487b8e6e35ff26d7b61e215eb52eb3593
243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e

HTTP Headers

GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://943q8x0gm8.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hklpL5rPf2dhFkZoZyBEIRlvUMpSCGAul2jH5TNAufD0PWHCB0ciOOhdSuv5KPTaekWi7i98SFwJpP3YaEZxjIjeB0MCOsE9D2waj3tdz5aqtY5UBojaL%2FZP7ashEbSS7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f83dbd956be-OSL
content-encoding: br
X-Firefox-Spdy: h2

ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=8a66irut80.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

0 B

URL
ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=8a66irut80.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=8a66irut80.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://8a66irut80.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://8a66irut80.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:15 GMT
content-length: 0
x-trace-id: e03f6376b806e507a1f11f383edc07e0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://8a66irut80.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ni9miyqqow.facevideosc.com/favicon.ico

104.26.8.177

0 B

URL
ni9miyqqow.facevideosc.com/favicon.ico
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ni9miyqqow.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ni9miyqqow.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8ObsOPeL%2BAbbZXs8ssmKv1GUhoSzYwP8L1kPLyRhAEc3%2BXOpH8La5%2B18gankLjj37k8qZJxaeaYDXsoNASe7xCQr0qPjyzZljfQXikNCUgMff6JSVomJwigz8gBYbvw79zsL1KYgS5VhNrx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f863f9d56be-OSL
X-Firefox-Spdy: h2

ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ni9miyqqow.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

0 B

URL
ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ni9miyqqow.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ni9miyqqow.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ni9miyqqow.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://ni9miyqqow.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:15 GMT
content-length: 0
x-trace-id: f5b2c06787802dfa4576631ea8ea8b34
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ni9miyqqow.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

c9a22wip9s.facevideosc.com/favicon.ico

104.26.8.177

0 B

URL
c9a22wip9s.facevideosc.com/favicon.ico
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: c9a22wip9s.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c9a22wip9s.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XD7XfFo27AsViUUBufuA%2BxRNdkp4Es6FCFHW%2Bv20ugl0WkD3lZo8WmpG7aD32p7NbWLSBDIn4Vi1ptH0h%2FJla8S0rpuGLq2oQQbS%2B08m339JnWFwsWZFxf7fVV9Fx6zAW28mbezTX7YWdRKf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f87fa9f56be-OSL
X-Firefox-Spdy: h2

ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=c9a22wip9s.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

0 B

URL
ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=c9a22wip9s.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=c9a22wip9s.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c9a22wip9s.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://c9a22wip9s.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:16 GMT
content-length: 0
x-trace-id: 880f57a8fb7de559ab588c072c62d3cb
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://c9a22wip9s.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

kccnd6wm68.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.8.177

4.4 kB

URL
kccnd6wm68.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
4.4 kB (4389 bytes)
Hash
ab24451c4b654ab7a5964c5f5cb799b7
dc675c3592a837f762468a2d86491e124947e255
d62954135016327a0d6d632ab125fd89ac02429630ba82b5e6c5ee92d6552bf0

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: kccnd6wm68.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kccnd6wm68.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y07zK81DIHc3%2FJ2YJtxrFn2DaRlJ1KhGY712lva8JWNiFy83dHC8FmyRE6MB5SgCi5%2FaLhyQ0FHjxIVQojg84SJV0yvJr1%2BSpIriHypg%2BF3pW%2F4aegC0CudXl%2Bp06vdr%2BeAIDAYZ%2FrDWT5mP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f896da556be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:16 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

8a66irut80.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b

104.26.8.177

7.0 kB

URL
8a66irut80.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Size
7.0 kB (7045 bytes)
Hash
810681de42a944042f8204da7b4b72ed
f80ee4b5744080433d41909cee15801ce961f193
884b4ddb1331bb2cc5d64595be74b7537b7d0beea4d59afb3c52e560606e83ab

HTTP Headers

GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: 8a66irut80.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://943q8x0gm8.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2B%2FREC%2F9awlnAQlnO72tgRDFKiJqFbojfX4Cz4vmI%2B11F2EbVI9xtFaa28jMQcimQOpPtLovU61TDu7xXU9yJPFb4ouJELomtkHw%2FSpqXFFno6zOWAZ5mrWg6hB3sgYNO0NYlqhNYnzLwCmN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f842c7056be-OSL
content-encoding: br
X-Firefox-Spdy: h2

ni9miyqqow.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b

104.26.8.177

21 kB

URL
ni9miyqqow.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Size
21 kB (20735 bytes)
Hash
b852bfde637944fbf7bd11c605091351
bdc3654d8f05967ecc1a6a0ed8e7403cf6c22f60
913a5212da643419ca56276cf4e587f6d0655a95fcbba2503e6dbec05af9b9eb

HTTP Headers

GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: ni9miyqqow.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8a66irut80.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szYVZc22iejNhXEemzLkLXaIaT5RLcVh1rJ8QagoriJgs9zxemSaiA%2BbQ58%2BEYFa53BooW6dtENPoSHQlrVrFUTVlDm7XGO1Bux5vQ8Dz0%2FcF08G3yQVK7mIZ05kd5qS%2Bc0EhB4zwdsjOsK1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f858e6b56be-OSL
content-encoding: br
X-Firefox-Spdy: h2

943q8x0gm8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b

104.26.8.177

31 kB

URL
943q8x0gm8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Size
31 kB (31270 bytes)
Hash
f2ede6fc7ee179fba6f5fb1c9e98f005
6cca5988121d80b959326cc72a2db41cf710512f
4416eb8eebfb7359278ebf74ac28a9f56f5118ec60c5d7dc3c64f27eb264aecd

HTTP Headers

GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: 943q8x0gm8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d3utd4dabk.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vC6EjMXGHwNk5tnkP1ibwJonzj0CRAR8MQWlqhoLL7fgeCLwzXjA9tR5qgzm1uDBPeXlIf1pvrrIm84gaRdZLR%2B0tEUa6nNBtnMEYIess%2FVWyFisPddhwWHaT69VaiZB%2FKpAoO8Hb32XXfZA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f830af056be-OSL
content-encoding: br
X-Firefox-Spdy: h2

kccnd6wm68.facevideosc.com/favicon.ico

104.26.8.177

0 B

URL
kccnd6wm68.facevideosc.com/favicon.ico
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: kccnd6wm68.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kccnd6wm68.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6Twt3XQlWReenTLUT05zQbDEROulwZjavK2seJNabqXg2uRQmapCQbOd9BJu5u9L3LlAvSRp1K2d%2BoltH1tPW4ULHC9er65KZdaDl3s%2BiqWw68rE5GCRLrb1ZzkqF2ryedTp7YoEjY4v5k0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f89adfd56be-OSL
X-Firefox-Spdy: h2

943q8x0gm8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.8.177

11 kB

URL
943q8x0gm8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
11 kB (11103 bytes)
Hash
02999e86e80a9e3a97ef01106dbef40e
5dd414e3a5f9d1ba86f776152c6ab621a254c13d
05df60ed655df1cae6863d0b37da1126ab26e58b8dbaa530ed06fd2d153719dd

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: 943q8x0gm8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://943q8x0gm8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ysbhcR2tPxv7LmRoxgmC%2B02XMjdhnLAfilngs4uHUERybaBy97FPA9TB5Z7gO4TJ5MZXULRKrcfLpbYRS1hM%2FJeCVpjMoNJjt182RQOKe4WASXQAWgSQyxk5%2FonWe1%2FnTSMvOWHAWiE7l6xz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f838b8d56be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js

104.26.8.177

200 OK

19 kB

URL GET HTTP/2
facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Size
19 kB (19331 bytes)
Hash
f0a5429c5a76186434f263b62b3d2ef0
704d593487b8e6e35ff26d7b61e215eb52eb3593
243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e

HTTP Headers

GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ni9miyqqow.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HZMlwFnAcdD7XHugRyID%2BCV8dxxs7r4JDEO63Mx7koF8A35f%2BTaivCoL0Tn7JpbZapqFy%2FVNZzOL8iN03XlO2VFmiICs0nOtY7epw9eAD1MQ%2Fi%2FvC0F3FZnSZyxZ%2FxX7Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f867ffa56be-OSL
content-encoding: br
X-Firefox-Spdy: h2

8a66irut80.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.8.177

9.1 kB

URL
8a66irut80.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
9.1 kB (9079 bytes)
Hash
7f0c6830254cacb4715f227049387dc3
e2dded77a24d654fd90467d3eeec8a37e9a1e607
85a72503b1482f6df39c4cbacfd85b36e21cc93a4c04d5ea5cc382d843b2361f

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: 8a66irut80.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8a66irut80.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m77N%2BD3fUtOt2NnbAUSwDmLx2OEpGwEMJQTUjkexLb8oFHH9K%2FJoXntg93yBMsGfHl8pZWtMGLA9sz3VSaXnipRpj46p1d2lskDo7UR%2BownZqzokV%2BTvLmtdpv%2F%2FRyFLZNFu4k77RH%2BCDbnG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f84ad0656be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js

104.26.8.177

200 OK

10 kB

URL GET HTTP/2
facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Size
10 kB (10310 bytes)
Hash
f0a5429c5a76186434f263b62b3d2ef0
704d593487b8e6e35ff26d7b61e215eb52eb3593
243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e

HTTP Headers

GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kccnd6wm68.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDaiO48JMeSKXF7odbUhXrtK5r7xQuyurAZK9l0FyTvDquPvppRoeYKWoJyQG6f6QCJCI8eEhLmNLe1x%2B22cFQjHddNCPj9%2BLjpMZkZSnI7qyce7VBIAc%2ByZtivtrp6VsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f89fe9456be-OSL
content-encoding: br
X-Firefox-Spdy: h2

phc0tywd68.facevideosc.com/favicon.ico

104.26.8.177

0 B

URL
phc0tywd68.facevideosc.com/favicon.ico
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: phc0tywd68.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://phc0tywd68.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Yb51WZtpc43SjVHv4aK1rFQK%2F4OQWNZbv9ksAWSUxPFe2lDYv46IvK6Zs7hMyASSmVIwmbSlH18Unvsh%2FIQ5%2FRtMc39JUERAr5A9IdFrkZaO%2BYwXtrzJgcCKgZN8Xbjne93%2Bw%2FRD0n0JchK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f8b289456be-OSL
X-Firefox-Spdy: h2

ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=phc0tywd68.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

0 B

URL
ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=phc0tywd68.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=phc0tywd68.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://phc0tywd68.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://phc0tywd68.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:16 GMT
content-length: 0
x-trace-id: f2fab0964cf5cd1d73977520af5282da
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://phc0tywd68.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

c9a22wip9s.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b

104.26.8.177

10 kB

URL
c9a22wip9s.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Size
10 kB (10428 bytes)
Hash
8804c6bb59a457fb32f934323bcc06b6
36c4e12a8caa02a926d3e0dd665b5ad8df87338b
9ebf443676cb56c2567331646b6c41846a4278ff51a5f58da9004c1e27a17001

HTTP Headers

GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: c9a22wip9s.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ni9miyqqow.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qzHFukuo2AkTLB09JE4oNi29qHQOWYhXAKDSKKyQDiyOkfFSMshgpMNGGmSZSB1wEIRYUXa2cIvvNTsuiAZ8fpxbqFIukukh4LX10Gutelzpk3Yp5KFgD3akwwYxMdB2wFyLTX%2Frg4RbbuGC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f86f8e956be-OSL
content-encoding: br
X-Firefox-Spdy: h2

facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js

104.26.8.177

200 OK

10 kB

URL GET HTTP/2
facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Size
10 kB (10310 bytes)
Hash
f0a5429c5a76186434f263b62b3d2ef0
704d593487b8e6e35ff26d7b61e215eb52eb3593
243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e

HTTP Headers

GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5ogrqr0hao.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nly0UlfXMdHuBLy%2F1Evv%2FAToyEe3owm%2FLoUapGQUX5nc3kVKANEZkeIlPRDGIqBvZiYU1YAtVAqplIRkgXoOXp21RYMg1XwlGpJfCDUaC1Zmr5JK82f%2BzOn9eUmiKq%2BDrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f8caab556be-OSL
content-encoding: br
X-Firefox-Spdy: h2

ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7qo7rv4ns0.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

0 B

URL
ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7qo7rv4ns0.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7qo7rv4ns0.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://7qo7rv4ns0.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://7qo7rv4ns0.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:17 GMT
content-length: 0
x-trace-id: 3af117a8bb9be52b2f2e74d7468abc4a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://7qo7rv4ns0.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

48ykdiguy8.facevideosc.com/favicon.ico

104.26.8.177

0 B

URL
48ykdiguy8.facevideosc.com/favicon.ico
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 48ykdiguy8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://48ykdiguy8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ex31MdYyB%2FwaXc2YqMTLBPby2eLWZOTlgy6r5dP6Z6rxkUp1fCDVlbkSSQWdg5%2BsDGOrI8FkwI4M84Z2NiLUCrPX8d6jnTIr0NbR%2BNoL8Klz46jVR2%2FG4ZzdWRcYLVtd2m1srhxORweNPcZh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f8f1e0956be-OSL
X-Firefox-Spdy: h2

facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js

104.26.8.177

200 OK

10 kB

URL GET HTTP/2
facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Size
10 kB (10310 bytes)
Hash
f0a5429c5a76186434f263b62b3d2ef0
704d593487b8e6e35ff26d7b61e215eb52eb3593
243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e

HTTP Headers

GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7qo7rv4ns0.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khgQuq1HSDioPPr3BlrLA1RhXFT2Q2YgTiqtlLMWDvYLiZuNfnaSMb5%2Fnf43UNZtvewmJMvFzDZeB1CUxQyDc8YEv70u3ZiiyHQm5eTrHZ8ViqsM4wN%2BGx0JDIoFqnOdNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f8dfca456be-OSL
content-encoding: br
X-Firefox-Spdy: h2

mn0lds1te8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b

104.26.8.177

10 kB

URL
mn0lds1te8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Size
10 kB (10428 bytes)
Hash
baeab445a0fe825303e8773e81888056
3654ca2c407d452fafe4f8526124ed9ff0847273
9b301ecc38a2fcd20c8e00dc65b995e23e1d50d966d219b54aee2a0123e54a63

HTTP Headers

GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: mn0lds1te8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://48ykdiguy8.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M8g9l3tfveIPUZw8KYxJeq4SN1Lyhp2Sr3D3AKf9e9gcPivcTrAbDtF9%2F15o2xLmkkfy1Ow16dBLdvWqu%2BpZOUj4zCodjazhi5lyr8QHKgRdrdzWbEfORpTYRgLRnkswCDnaM0RvSwqmErp%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f8fbed156be-OSL
content-encoding: br
X-Firefox-Spdy: h2

ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=mn0lds1te8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

0 B

URL
ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=mn0lds1te8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=mn0lds1te8.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mn0lds1te8.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://mn0lds1te8.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:17 GMT
content-length: 0
x-trace-id: bf452b3f2c91dffd0766a817687f1395
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://mn0lds1te8.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

48ykdiguy8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.8.177

3.9 kB

URL
48ykdiguy8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
3.9 kB (3886 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: 48ykdiguy8.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://48ykdiguy8.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUTfIu4h9zcMTJfuBgEzVzDyffrcfvheX2jN2d8Ic384ff%2BkUIgVPw1Y7%2Fyo2D2Buh53q%2BEYtBLWpJtxAhFQB8wdRgNQeXWchTdYCYr4cs5tDoj3WIAWI5Y9lTFeZUYQ2lWypa3VjNvbsPwd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f8f0ded56be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:17 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

phc0tywd68.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b

104.26.8.177

27 kB

URL
phc0tywd68.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Size
27 kB (27280 bytes)
Hash
382f8fb376113eea690f86caa18e5d4d
c3809d4b07ff0c3403062676597c2e924a3c8058
0cc305ccaab4b56e9d08302166e82d2ac8404f1e62af39080068d9948a756465

HTTP Headers

GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: phc0tywd68.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kccnd6wm68.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27cSzN9uG%2BWV7JI9LngtUxuvTeeP3O4OhJvXDYc1hk6XOOT10hCZEfwXHvVDzfqVL4tgvLQdYnxwtne2Ry6YVSIBHS%2F3nxDa6g4lk31A%2BdjX6dBEeJtTRV1MLFeu4kKRbG0Stk9ziA%2FT2Ob9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f8a8f5156be-OSL
content-encoding: br
X-Firefox-Spdy: h2

facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js

104.26.8.177

200 OK

10 kB

URL GET HTTP/2
facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Size
10 kB (10310 bytes)
Hash
f0a5429c5a76186434f263b62b3d2ef0
704d593487b8e6e35ff26d7b61e215eb52eb3593
243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e

HTTP Headers

GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d3utd4dabk.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLzXqHK%2Bljm565xQTz6k%2BQe2IogaX%2FrVO28lNLeP8KbKyHOFYggHcVuvavs3FJOaHZvBH11NmqkA6oJvTIlY%2BmfALSG28zgD96VzpgUHRaP9mblDmRLQ%2BU2SE2CWvEMWPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f828a2b56be-OSL
content-encoding: br
X-Firefox-Spdy: h2

6tw8sn8i7k.facevideosc.com/favicon.ico

104.26.8.177

0 B

URL
6tw8sn8i7k.facevideosc.com/favicon.ico
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 6tw8sn8i7k.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6tw8sn8i7k.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VEDyLRTXLIjdMSgeaoGhfW4GjRrERFUcDpGj%2FiUpuO%2BADzsLRICkHTyMy0W%2BmsHa%2FDd3EFTcfgjjzmfsXrrdVKKPKk1EB2o%2FX%2FFD0Ixlv%2B4rR4Jh7Xn75SdwNPNOrUQOZgy6U92CP7Trv3h3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f949e4c56be-OSL
X-Firefox-Spdy: h2

ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6tw8sn8i7k.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

0 B

URL
ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6tw8sn8i7k.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6tw8sn8i7k.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://6tw8sn8i7k.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://6tw8sn8i7k.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:18 GMT
content-length: 0
x-trace-id: 231c4c8094aad73c00dc01a09188588a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://6tw8sn8i7k.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

6tw8sn8i7k.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.8.177

10 kB

URL
6tw8sn8i7k.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
10 kB (10427 bytes)
Hash
934a5b9c5b461c2ea7804ab5c6c3e16d
3e1d2a9bcafae8530a96626b631485363b97b9c3
634efedb1ca0589fbdf1afb8489879e782095b6132b79f19f77715a8722cae5b

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: 6tw8sn8i7k.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6tw8sn8i7k.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pr%2FnBYhtlfpiZ5Sf%2FFJICqPM%2BBnsZppuyrmBCfSTfLP8%2BI%2B%2BwoMmQxVDqcquj9X2U%2FS2wY2bANyKvgUqDModOVnGqzjmSTU0kQTH%2BexjYbhvyizl%2FiY%2FXU8anSpdmG3HK%2BKiZ0hpOx1sUTi5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f947e2556be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

7qo7rv4ns0.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b

104.26.8.177

6.5 kB

URL
7qo7rv4ns0.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5374)
Size
6.5 kB (6542 bytes)
Hash
1e2963d6027cef4e489ecd0b0caa2a6d
507021caf42e8f534fcb0548cceb51d811f04763
b60060e210b24d115cb7cb2b1b5a95607998b9baac6e0dd75f19bcd5487455fa

HTTP Headers

GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: 7qo7rv4ns0.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5ogrqr0hao.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYOBFAAPzu%2Fqe5RvLxlyEnO9Vwt%2FZ6YOz33M5jKTGOnXLnt76gfIqG8V9wntlDns5vwL0WKUWLZNu8DHfgdf%2BbqmpvlBDF3lQoXrwb4OpHdpJofaGSAidvJVF0ZN4Kxw5%2B8p7l0t5Qro6VUA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f8d3b8d56be-OSL
content-encoding: br
X-Firefox-Spdy: h2

facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js

104.26.8.177

200 OK

29 kB

URL GET HTTP/2
facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (26779), with no line terminators
Size
29 kB (28755 bytes)
Hash
f0a5429c5a76186434f263b62b3d2ef0
704d593487b8e6e35ff26d7b61e215eb52eb3593
243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e

HTTP Headers

GET /micro.tag.min.js?z=5137789&cdn=1&ymid=de40apmduocxosc76b&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mn0lds1te8.facevideosc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jul 2023 21:58:24 GMT
vary: Accept-Encoding
etag: W/"64c82e80-689b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 82375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4OxviI2t6Hl4EvwjfpmE2gkwXlAP3epcWHTiThQHcaKTWqsf0fuSQCuMamC5kq8Zz0lyb%2FRp5upwPS5yodTkbm7P%2BmoqmU%2Fe2VF7xNGiafmCWE3OOaFA7HWFYQikrP2hHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f90981a56be-OSL
content-encoding: br
X-Firefox-Spdy: h2

d3utd4dabk.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.8.177

14 kB

URL
d3utd4dabk.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.8.177:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
14 kB (13521 bytes)
Hash
63b84c410d289e207babd22dcaa5ac17
75d4ea86af9d0722eaafa06e9352054cf6ca52cb
3ee82ae5261ce00fddbb16110bb30bc827b956fd11e15fc914d32605ae408bf6

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: d3utd4dabk.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d3utd4dabk.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:15 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wUOWtlpRi4KXlmdJFlRaV8OgzDljHpjHjnnd3MnefK5H3LK%2BlD8tT0Zw7FCHvEeZmkCpy8Ad1Ul707J5DRNCevMJm3LpnIu9dYQqW2L0cQ8%2BoJVYXJG9LWE4ZdwQKsB8o0OPZtqbSpGqEq0J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f8229a056be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=ZI4lA6OOs2trRfEOT831fEGAICa9ueCcym8040IWfAhjd55urAu4TxCm9mFZkuIeHI63HvOYKhNp2v6_Jt5NJqFnhK3H7LN49kMdW9MsCxvSsEjImHhG7QmVyC99fwOs
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Fri, 26 Apr 2024 12:36:13 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 80
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ftsv01a3uo.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

200 OK

0 B

URL POST HTTP/2
ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ftsv01a3uo.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerLet's Encrypt
Subjectddtvskish.com
Fingerprint26:7B:6C:6F:43:6B:10:53:DC:BC:41:BD:2B:08:06:62:17:34:72:22
ValidityThu, 11 Apr 2024 19:06:44 GMT - Wed, 10 Jul 2024 19:06:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=ftsv01a3uo.facevideosc.com&var=null&ymid=de40apmduocxosc76b&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ddtvskish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ftsv01a3uo.facevideosc.com
DNT: 1
Connection: keep-alive
Referer: https://ftsv01a3uo.facevideosc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 12:37:18 GMT
content-length: 0
x-trace-id: 525e92ebb60fa1938045bc6c578ee22b
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ftsv01a3uo.facevideosc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b

104.26.8.177

200 OK

17 kB

URL User Request GET HTTP/2
ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type

Size
17 kB (16824 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /error_407.php?cnv_id=de40apmduocxosc76b HTTP/1.1
Host: ftsv01a3uo.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6tw8sn8i7k.facevideosc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j2%2FlcsS9Wy9tdR7wGMfpl5zBjSq62xVIsSS5Z9JGM5MAD3JC%2BiVV5EGA5o%2BMLBQ566s%2B7BtQ%2FsT9cXjPntxnL0IpsvEs%2F5JB3rDt9Kh7NlP2A9TxX8KyP57p%2Bi0xCe%2B7SdGP1OZKP1TXoO1Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a69f95982656be-OSL
content-encoding: br
X-Firefox-Spdy: h2

ftsv01a3uo.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.8.177

200 OK

12 kB

URL GET HTTP/2
ftsv01a3uo.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: ftsv01a3uo.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9YH9wmpLvrKhYOw6Er%2FlbOk3tpATokVLoaZtiVDqhL%2Bm3p6T8hUpCmjkzpvwshlsHSER9NfUX3pUm1F2QdepPP2NfvhCNwcjCxN7DDtQ5xH%2BqoguO7KK3tJ%2FJo6o5BlSREwhaytQ6Vo3xRI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f9618e856be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 12:37:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

ftsv01a3uo.facevideosc.com/favicon.ico

104.26.8.177

200 OK

0 B

URL GET HTTP/2
ftsv01a3uo.facevideosc.com/favicon.ico
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ftsv01a3uo.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 28 Jun 2022 23:55:56 GMT
etag: "62bb950c-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2BIflkVDqBCTfq1DHCCI%2F%2F04Gni4ybEblJs1lhDKb2nNgv84D69WzC0LGUw7fVFTegWiHpZEFoOBJG8u2hDjQkykZZZ9lzkP0PboEWkG8gnIBRjv2hHI1M%2FHurKKCKm6k7VK3EgKmyArYg%2FV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f96390656be-OSL
X-Firefox-Spdy: h2

ftsv01a3uo.facevideosc.com/sw-check-permissions-local-5137789.js?var=null&ymid=de40apmduocxosc76b

104.26.8.177

200 OK

543 B

URL GET HTTP/2
ftsv01a3uo.facevideosc.com/sw-check-permissions-local-5137789.js?var=null&ymid=de40apmduocxosc76b
IP
104.26.8.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Certificate
IssuerGoogle Trust Services LLC
Subjectfacevideosc.com
FingerprintF0:21:D8:A1:6B:1C:56:17:60:4E:A9:93:15:F4:FA:E1:1F:A0:FD:CC
ValidityThu, 11 Apr 2024 09:54:22 GMT - Wed, 10 Jul 2024 09:54:21 GMT

File type
ASCII text, with very long lines (607), with no line terminators
Size
543 B (543 bytes)
Hash
d71660548537fcfb3b4500533f39cc61
e30e9600147755e98b36fa5f15f11161e69c2451
1be091c5a86f4c3954bb738afc437ea3a76e236e0311c2a0bc9a1a9287d47579

HTTP Headers

GET /sw-check-permissions-local-5137789.js?var=null&ymid=de40apmduocxosc76b HTTP/1.1
Host: ftsv01a3uo.facevideosc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ftsv01a3uo.facevideosc.com/error_407.php?cnv_id=de40apmduocxosc76b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 12:37:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 28 Jun 2022 23:05:31 GMT
etag: W/"62bb893b-21f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C0BIzIZmJ9i9Kl0OlYQEFEEw%2FLAMBoR3WwATyA5FGw8pibImVwf4PWgQLOcSeEQTHMvZ6eCMsFA7UWbDh7nmM06S9iwSrLg%2FcOhCQIdwUHsJ4gZymms2jlvLJ1%2BdTsHs15jJ%2FTwzbHkY8keG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a69f96a9bf56be-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (47)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type