Report - img.4img.top/%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html

Report Overview

Submitted URL
img.4img.top/%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
IP
172.67.146.175
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-09 19:32:48
Access
public
Website Title
Contact & Abuse -VIDEOS@AV4.us
Final URL
data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mcpuwpsh.com	unknown	2022-08-12	2022-08-12	2024-05-08	489 B	2.4 kB	94.130.197.240
www.w3schools.com	17487	2000-03-21	2014-02-05	2024-05-08	1.2 kB	17 kB	192.229.133.221
e9b729472c.39268ea911.com	unknown	unknown	No data	No data	2.7 kB	849 kB	45.133.44.52
mc.webvisor.org	17571	2009-08-25	2017-08-16	2024-05-08	5.6 kB	7.4 kB	87.250.250.119
js.2mp4.xyz	unknown	2020-06-14	2024-03-24	2024-03-26	832 B	33 kB	188.114.97.1
page.phic4.top	unknown	2024-03-07	2024-03-28	2024-04-16	798 B	42 kB	104.21.73.126
nereserv.com	40015	2020-12-21	2020-12-21	2024-05-08	1.2 kB	640 B	168.119.25.102
e859321004.6423f6c6c4.com	unknown	unknown	No data	No data	10 kB	949 B	157.90.84.246
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-08	1.2 kB	228 kB	151.101.193.229
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-09	1.7 kB	126 kB	172.217.21.170
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	1.2 kB	214 kB	142.250.74.168
o.pki.goog	unknown	2016-06-13	2024-04-24	2024-05-09	650 B	1.4 kB	142.250.74.131
e275260174.05ae41c3fc.com	unknown	unknown	No data	No data	831 B	320 B	45.133.44.53
css.4jpg.top	unknown	2024-03-07	2024-03-18	2024-04-18	1.4 kB	25 kB	172.67.211.235
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2024-05-08	527 B	1.1 kB	104.21.30.242
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-08	1.0 kB	2.8 kB	54.230.218.11
jsjs.4jpg.top	unknown	2024-03-07	2024-03-08	2024-03-10	1.6 kB	34 kB	104.21.77.220
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2024-05-08	528 B	387 B	157.90.84.242
accounts.google.com	81	1997-09-15	2016-03-20	2024-05-08	1.8 kB	8.2 kB	74.125.131.84
p.a64x.com	unknown	2023-07-27	2023-07-27	2024-05-08	1.5 kB	701 B	172.67.185.171
notification.tubecup.net	8210	2008-09-26	2019-08-30	2024-05-08	788 B	311 B	78.47.199.206
data.jpg4.monster	unknown	unknown	No data	No data	635 B	11 kB	188.114.97.1
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	1.2 kB	15 kB	104.17.25.14
js.capndr.com	316718	2021-08-30	2021-08-30	2024-05-08	404 B	374 B	45.133.44.52
cacrz.4jpg.top	unknown	2024-03-07	2024-04-16	2024-04-16	385 B	9.5 kB	188.114.97.1
js.wpshsdk.com	12130	2021-06-04	2021-06-04	2024-05-08	412 B	15 kB	45.133.44.53
av.av4us.top	unknown	2023-01-18	2024-03-25	2024-03-27	396 B	7.6 kB	172.67.200.220
static.bookmsg.com	47495	2020-09-15	2020-11-24	2024-05-08	1.1 kB	2.2 kB	45.133.44.25
imdn.pics	unknown	2023-09-14	2023-09-14	2024-05-08	850 B	14 kB	45.133.44.24
comments.4jpg.top	unknown	2024-03-07	2024-03-24	2024-03-27	826 B	1.6 kB	172.67.211.235

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	39268ea911.com	Sinkholed
2024-05-09	medium	39268ea911.com	Sinkholed
2024-05-09	medium	39268ea911.com	Sinkholed
2024-05-09	medium	39268ea911.com	Sinkholed
2024-05-09	medium	39268ea911.com	Sinkholed
2024-05-09	medium	39268ea911.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (33)

	URL	Size	First Seen	Last Seen
	unknown	59 B	2024-05-04	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 22:45:05 Last Seen2024-05-20 11:10:42 Times Seen777 Hash e4b182d46ed8deb89f173af96cc87d63 f284888aa3aa2b4797067f887af101642af71549 4c957fa6a4bdaddeee58bcbd3b6ef6b0482f94bfa6516f8167b77eb340d87e03 Loading...

	js.2mp4.xyz/?vidjs=51uad-5vq	73 kB	2024-05-05	2024-05-20
Pretty URL js.2mp4.xyz/?vidjs=51uad-5vq IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 15:51:09 Last Seen2024-05-20 11:10:43 Times Seen1214 Hash 43c2c8713d395513c4e66f9cde2b2e18 91f1d97a80a45df119062303003f7adaff9560a4 fd2a053201de2cea9f9808e7697513c0093f4be4324654d70752d8edf1986fbf Loading...

	page.phic4.top/myda.php	0 B	2023-03-07	2024-05-20
Pretty URL page.phic4.top/myda.php IP 104.21.73.126 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 13:26:01 Times Seen37875242 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	e9b729472c.39268ea911.com/94a773ec0ce10439eaff9dd642e1fefb.js	470 kB	2024-04-16	2024-05-20
Pretty URL e9b729472c.39268ea911.com/94a773ec0ce10439eaff9dd642e1fefb.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 15:37:10 Last Seen2024-05-20 09:32:15 Times Seen1388 Hash 2902e331e5e735ad63e7510dfc434c5b 8f276d26159f74561fb370144b8cafba8bcc8bd3 26106440376cfc59241a9ef152d26483d436f1c155744bda92a41d3906e60ba2 Loading...

	e9b729472c.39268ea911.com/939b87343a3eb6ec5a1c3e8c8c6f7c47.js	169 kB	2024-04-25	2024-05-16
Pretty URL e9b729472c.39268ea911.com/939b87343a3eb6ec5a1c3e8c8c6f7c47.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 17:48:27 Last Seen2024-05-16 08:49:21 Times Seen1042 Hash e164f0fc509991890121aa763019689d 16f901a89a57f87c90d6cea80cff9f8bd32756dc fdd439b2c8d28676c5e03847afc19252a3d6d88a670ba48db4ac020866c6b6ec Loading...

	unknown	928 B	2024-05-01	2024-05-20
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-05-01 15:32:20 Last Seen2024-05-20 11:10:42 Times Seen851 Hash bc4e9fa733d0d8b1e826ef07b5b5ce94 4a4b5f2528b1111e57c70d0179ebd0bd965ff5c0 e749dc69a8b89f85192c029ad8a67787a835c5870d856488bc19aad24bb2eecf Loading...

	jsjs.4jpg.top/index.php?js=av4&advertisement&	177 kB	2024-05-09	2024-05-11
Pretty URL jsjs.4jpg.top/index.php?js=av4&advertisement& IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 21:32:55 Last Seen2024-05-11 15:14:42 Times Seen16 Hash 30caa5a77bcc929b9518895ade436f65 5904347af19263901ade79e121f79bf9657b9c1b 037aa026208d61253b29fc63642a5977e362f19e1cb6383298e9058749a9a888 Loading...

	data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html	12 B	2023-03-07	2024-05-20
Pretty URL data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:07:12 Last Seen2024-05-20 11:10:42 Times Seen1085 Hash b4b936eab4235f662d4eb756534d69d7 4ee18cb14eaf40e117a19a7f86dcefe6291bc0cf f7650ed40588ee2d1128869afc47866ee4eb09d4860ce1c3e07c9860b7242d33 Loading...

	cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js	180 kB	2024-05-03	2024-05-17
Pretty URL cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 02:10:59 Last Seen2024-05-17 00:37:01 Times Seen567 Hash f464862da342972da1aeb10293884c42 b3d6f54ddddc9326f62f9377859aa63dcabf302f 0a7deca67d228c7a139745aa9ba04f6df79401def99dc3e4f8e7dd162dd94085 Loading...

	data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html	367 B	2024-04-16	2024-05-20
Pretty URL data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 15:37:11 Last Seen2024-05-20 01:51:29 Times Seen893 Hash d801c0d74f3fd7389687f269cff282de 754d8810d288e79df3e3f8bb9d152f3b922075ac b0110b88c9b19a36d9a31c41d165662fb6f35ac6f390348786382f9b56cfc4b5 Loading...

	unknown	246 B	2024-05-04	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 22:45:05 Last Seen2024-05-20 11:10:42 Times Seen777 Hash f1d25e07562d2bd77b2055da6067d927 04b6a0647a5a27eea8ee5af3cb6f367fc38f55c1 b270f3abf011073fd37403696d17226e284cdf6d5652fb953a4057be3ceac403 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-05-20
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-20 13:23:45 Times Seen115395 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js	109 kB	2024-05-08	2024-05-14
Pretty URL e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 14:11:42 Last Seen2024-05-14 14:15:38 Times Seen387 Hash 392da8c33f7fec0078e15e7cb7dec615 9a58299ea074848763f9b3e0d0b3ed82ed92614a e4dd634416e83566cd4235d596b6292bdcca640a6fb47da3b9330a3113e35c47 Loading...

	data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html	0 B	2023-03-07	2024-05-20
Pretty URL data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 13:26:01 Times Seen37875242 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js	11 kB	2023-03-07	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:01 Last Seen2024-05-20 11:10:43 Times Seen4502 Hash ea77f824de2ef57acb12e7cb6596365e 10bad0dbdf30a0471c2c786b349daeb1dd19180e 2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c Loading...

	unknown	69 B	2024-05-04	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 22:45:05 Last Seen2024-05-20 11:10:42 Times Seen777 Hash b9f832047715f01438c3556824a9aa11 174108d5d6cf22d1b907fb0958e29bba7d91576b eb83f6f5d35599bc9dd1268d123d878d528d8289754e9a80c8cdcf62158b57ab Loading...

	data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html	14 B	2023-03-07	2024-05-20
Pretty URL data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:07:12 Last Seen2024-05-20 11:10:42 Times Seen1085 Hash 13b29d7aeaa1d827a9a3feeb39148a43 da2040ef13a2d1ce62b0eef9c6ced0fe14f66b28 d2d18329527d4d7d4acda028f92281274ac2a08bd840af1c0480620582f98338 Loading...

	unknown	905 B	2024-05-01	2024-05-20
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-05-01 15:32:20 Last Seen2024-05-20 11:10:42 Times Seen851 Hash 01234a83d86ce3ced95c8e422408e8eb 073c0e5f0dc3b8a570ff767e5d41efa816faf0e6 049fb929bd512023b8f548d69ec8246b11c927f644a2f247fe44bb6b7487a919 Loading...

	unknown	72 B	2024-05-04	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 22:45:05 Last Seen2024-05-20 11:10:42 Times Seen777 Hash c7a29ea0dfdff174648e9beb3ecec7f3 d0972bc8bd8fc4d4cad30e3142cc0140caa89cac 469a4a22e000da2392229fea77db04fa8b63cac64cf65597e4798e61f7e16c80 Loading...

	www.googletagmanager.com/gtag/js?id=UA-620120-3	195 kB	2024-05-09	2024-05-09
Pretty URL www.googletagmanager.com/gtag/js?id=UA-620120-3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 09:04:24 Last Seen2024-05-09 21:32:56 Times Seen18 Hash f3b281a37d6b0c93b7dbf8d49b54fbe3 461d3c4fe28b23d5e5b9db2d0080625b9c69909d da10b8683771fbf19920e643b6b4527a5484d1f595d510a435c699ec1d3c8f3f Loading...

	css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2	86 kB	2024-05-09	2024-05-10
Pretty URL css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 IP 172.67.211.235 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-09 08:42:51 Last Seen2024-05-10 02:43:19 Times Seen4 Hash b186c0c4ef84c2c3f2e4f2afd5e97145 9eabe45dc2b312f0ea66ae2e29b9320d81cb6202 d1a7a473bd6aa0bf1fe68cb9a52f80c8fb4c34d2f5fbc7b9c8cf61bbd2f75557 Loading...

	jsjs.4jpg.top/index.php?js=very	82 B	2024-04-16	2024-05-20
Pretty URL jsjs.4jpg.top/index.php?js=very IP 104.21.77.220 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 15:37:11 Last Seen2024-05-20 11:10:43 Times Seen2677 Hash 77542f8a3ada1bb8b45eb9139c5e69ef 08556fa802dce18bec90fc57d62c7caaa4dbbdd0 4a12c40c3eb9ed0e055519dbd5be4cb7e88ee707739484aa38e3e3284c0bdc46 Loading...

	data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html	190 B	2024-04-16	2024-05-20
Pretty URL data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 15:37:11 Last Seen2024-05-20 01:51:29 Times Seen889 Hash 518bc46e071f4383f0e91ae7bf8398a8 136e44c1e6643e961cf51a9267aef6253cc21827 6943aabcd64f39927bc5e8c4d8c66250aeae593b1724eda9ac8dccaea638e8e4 Loading...

	storage.multstorage.com/log/count.html	718 B	2023-09-18	2024-05-20
Pretty URL storage.multstorage.com/log/count.html IP 104.21.30.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-18 17:19:52 Last Seen2024-05-20 13:02:27 Times Seen5660 Hash 1f697a0f2411e463adbc1211493fe5a6 93c154152bda427938543b8efbd8d3b594abbac7 08a5735f5232b651af89f552e8d0fb7b21d6605fba48f335318699d80d12703e Loading...

	unknown	401 B	2024-05-04	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 22:45:05 Last Seen2024-05-20 11:10:42 Times Seen777 Hash 15f92ca46c20b71e4ac83e0951409c56 6c5588ef4c50167ff6ac4cdb52ebec06d8445a92 eec1398f03ab6786d9b23ee9d2209731c81e3cd57ea30a4fd5cafa873da424d4 Loading...

	e9b729472c.39268ea911.com/8d49d19b7765f1a8c2fc9471c8f12409.js	101 kB	2024-05-06	2024-05-16
Pretty URL e9b729472c.39268ea911.com/8d49d19b7765f1a8c2fc9471c8f12409.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-06 11:08:30 Last Seen2024-05-16 07:55:12 Times Seen535 Hash 0cbfae16446f6ff17f3f18758b41e37c fdcba827008b6f52caa67735b295f7fab6f26a04 4f5cece30fb18d801a39950fe09419aa3280c654a323e72733b3204ad11a7a33 Loading...

	js.wpshsdk.com/npc/sdk/push.m.js?v=1	34 kB	2024-04-27	2024-05-20
Pretty URL js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 13:51:21 Last Seen2024-05-20 13:02:28 Times Seen1229 Hash a069fdae233705c69db53cdddf953015 2dcfb71c08faa8c09be0196751a3b7f08afbb2e0 8358b4d2ef244f2c763073105b21a552b4589aafcf9b46e128820b35a34f7d9a Loading...

		Size	First Seen	Last Seen
	#1 Write - edc24b7d2fc7536422daee6621435edf	55 B	2024-04-16	2024-05-20
Pretty Observations First Seen2024-04-16 15:37:12 Last Seen2024-05-20 11:10:42 Times Seen1084 Hash edc24b7d2fc7536422daee6621435edf 71fd4875b509449d820e6a3dd7d83e5f6c31fac8 ec599569faa2feb73e0954dcb1f0f7ac5ba6d49ad50d17d3932506608b86a2fc Loading...

	#2 Write - 5a29898793b9b3ba17ab073d341adeba	2.1 kB	2024-04-24	2024-05-20
Pretty Observations First Seen2024-04-24 15:06:47 Last Seen2024-05-20 11:10:42 Times Seen1009 Hash 5a29898793b9b3ba17ab073d341adeba f03628f77ea336b46875ae407ec1a163fcc9fdf4 2fe92a86c380f24be6917f4679f05a4b5d4a84cb42d273279237f55461103123 Loading...

	#3 Write - 8da66cae5fc09ad0ad54710cd4960dbd	88 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 12:02:01 Last Seen2024-05-20 11:10:42 Times Seen1087 Hash 8da66cae5fc09ad0ad54710cd4960dbd 01ef404d9c252491d6f0cd6900cce145d4b76db1 90b1ab53462f9b18c6a0d06704f07055e834c86239bdc87a3708514e9a6b6762 Loading...

	#4 Write - b699f16254cb4306104bd474da89ad1c	222 B	2024-04-16	2024-05-20
Pretty Observations First Seen2024-04-16 15:37:12 Last Seen2024-05-20 11:10:42 Times Seen1084 Hash b699f16254cb4306104bd474da89ad1c 5d2222549c6eeb6082284ac34ef643cbba7f8ac6 eeab9062b520cd46fccf6bfff51b3b0317a68bcee0081345e148192eba4d680a Loading...

	#5 Write - 4b4b5c916fca1f879ae406eafa073906	30 B	2024-04-16	2024-05-20
Pretty Observations First Seen2024-04-16 15:37:12 Last Seen2024-05-20 11:10:42 Times Seen1077 Hash 4b4b5c916fca1f879ae406eafa073906 b188d4ad342b5264c33cf9c6f655aa95118fb6d0 7b5253c47ccce336175a06c9279a4527663c82e012d9b6627083c6503d1cefb4 Loading...

	#6 Write - 2badd01f80cd03eb7ffce90487ab3f71	43 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 12:07:12 Last Seen2024-05-20 11:10:42 Times Seen1085 Hash 2badd01f80cd03eb7ffce90487ab3f71 1d0af7cc184466c7d86216085ea60242daeb1eb4 e8f6c4dca8b7093bad96494bef55525265ce366c13dc6f76d9358cca8ee182d4 Loading...

HTTP Transactions (66)

URL IP Response Size

www.w3schools.com/w3css/4/w3.css

192.229.133.221

200 OK

5.3 kB

URL GET HTTP/2
www.w3schools.com/w3css/4/w3.css
IP
192.229.133.221:443
ASN
#15133 EDGECAST

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerDigiCert Inc
Subject*.w3schools.com
Fingerprint20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A
ValidityWed, 03 Apr 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
Unicode text, UTF-8 (with BOM) text
Size
5.3 kB (5256 bytes)
Hash
ba0537e9574725096af97c27d7e54f76
bd46b47d74d344f435b5805114559d45979762d5
4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f

HTTP Headers

GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 883
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Thu, 09 May 2024 19:32:20 GMT
etag: "0ed8b040a1da1:0+gzip"
last-modified: Wed, 08 May 2024 12:05:22 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

172.217.21.170

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:40:41 GMT
expires: Sat, 03 May 2025 00:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 586300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
bfc9ea9322691e4815e1067e92c6e6a1
d748ede44b20a8094fc37bdf1dc745a520d933be
0c5fb7dc3baa0ddb999c8ea9432ed8536995f4f576470d9e2f529708f572675a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 09 May 2024 19:32:21 GMT
Last-Modified: Thu, 09 May 2024 18:54:53 GMT
Server: ECAcc (ska/F756)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tYd0efktCVrPia2_0dM-5C4sGyn0smqsAsgMo03XgMfQDoY4GscQpQ==
Age: 2248

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
bfc9ea9322691e4815e1067e92c6e6a1
d748ede44b20a8094fc37bdf1dc745a520d933be
0c5fb7dc3baa0ddb999c8ea9432ed8536995f4f576470d9e2f529708f572675a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 09 May 2024 19:32:21 GMT
Last-Modified: Thu, 09 May 2024 18:05:37 GMT
Server: ECAcc (ska/F6A0)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Thc-ua3H2LQ5DukR-tKHHqAPBfA6VPoGt4WeaQKoabq-rlhJwmnGzA==
Age: 5204

jsjs.4jpg.top/index.php?js=very

104.21.77.220

200 OK

544 B

URL GET HTTP/3
jsjs.4jpg.top/index.php?js=very
IP
104.21.77.220:443
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject4jpg.top
Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02
ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT

File type
ASCII text, with no line terminators
Size
544 B (544 bytes)
Hash
77542f8a3ada1bb8b45eb9139c5e69ef
08556fa802dce18bec90fc57d62c7caaa4dbbdd0
4a12c40c3eb9ed0e055519dbd5be4cb7e88ee707739484aa38e3e3284c0bdc46

HTTP Headers

GET /index.php?js=very HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:21 GMT
content-type: text/html; charset=UTF-8
imghost: 17296161209-h-jsjs4jpgtopmh--NO-rm162158222116/index.php?js=very
56nloadrate: 1.43
cache-control: max-age=360000, private
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wwskV8qAHDFSEJZk60FDfmytGr9mo1dvlA5PJNLvI%2BM23SaaAubHvCtK2MirS%2BgS%2FjFxbZe%2B3FiaEjFpO0uG9N%2F1h%2BbZG90C0kDF9NT9B1x8Q9Fvzz%2BB6sgTb2ZA60t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d6f0fdf1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
bfc9ea9322691e4815e1067e92c6e6a1
d748ede44b20a8094fc37bdf1dc745a520d933be
0c5fb7dc3baa0ddb999c8ea9432ed8536995f4f576470d9e2f529708f572675a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 09 May 2024 19:32:21 GMT
Last-Modified: Thu, 09 May 2024 18:29:44 GMT
Server: ECAcc (amb/6AA6)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: A7ObjMzBsIZ0KYQuZpQXyKDSPn8QG4_4qLaYh2zwT7ZO6Alj3ej2gw==
Age: 3757

cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js

104.17.25.14

200 OK

4.0 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (10613)
Size
4.0 kB (3953 bytes)
Hash
ea77f824de2ef57acb12e7cb6596365e
10bad0dbdf30a0471c2c786b349daeb1dd19180e
2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c

HTTP Headers

GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 789235
expires: Tue, 29 Apr 2025 19:32:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7do3tpnUv9oVbO1RSKpAtVX6ct6CmmhPwcRhVPU8%2F0vk7IFu6MOXO2ujH7vOaAlEq%2Bu3Lo%2FguiRk9MU6zJd71%2FrZkobrTD4TfdEAIVAsk4c1YjTk8UEF5QaShGMijXT2cfqxlAvQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88141d74adf20b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

151.101.193.229

200 OK

75 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (563)
Size
75 kB (75372 bytes)
Hash
6e03b01f1b5a43c6aed614fc777eba49
5bcda76ab147e4e722143d58035368a889519fbd
6e0dd9005b931440353e4bdb651477d168f8a7081c1834042468de9febd97342

HTTP Headers

GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.325.0
x-jsd-version-type: version
etag: W/"2c0ab-W82narFH5OciFD1YA1NoqIlRn70"
content-encoding: br
accept-ranges: bytes
date: Thu, 09 May 2024 19:32:21 GMT
age: 16112
x-served-by: cache-fra-eddf8230153-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 75372
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-620120-3

142.250.74.168

200 OK

71 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-620120-3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
71 kB (70791 bytes)
Hash
084a3149dc86bba45fadedc15d17db4a
845d92d3406d31ab4f7a4dd701af09968f1dfeb4
1ae3ba68c0e11f326a6e9d98172a6ad4ea4a6d306bbdbeba1d65a25e8351856b

HTTP Headers

GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 19:32:21 GMT
expires: Thu, 09 May 2024 19:32:21 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 May 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js

45.133.44.52

200 OK

36 kB

URL GET HTTP/2
e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjecte9b729472c.39268ea911.com
FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8
ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT

File type
gzip compressed data, from Unix
Size
36 kB (36171 bytes)
Hash
bb5625300bc629e96f6394d7d2b3a1e9
c313c97ee1da266ee0291c09a0ce018cdf916a7b
14293703fea05434a766d019057452a840c311065e100904117ef2bfe7b93537

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /34d6dd2e1c7f31ddf3a9042ff9eeb58b.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://img.4img.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:21 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 08 May 2024 10:50:20 GMT
etag: W/"663b58ec-1ab25"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:21 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fimg.4img.top%2F%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A118575885404%3Ahid%3A907241329%3Az%3A0%3Ai%3A20240509193222%3Aet%3A1715283142%3Ac%3A1%3Arn%3A274297499%3Arqn%3A1%3Au%3A171528314223579748%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C58%2C340%2C2%2C93%2C0%2C%2C730%2C9%2C1238%2C%2C%2C1245%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283140178%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283142%3At%3A%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E5%AE%9D%E5%B3%B6%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E5%B7%A8%E4%B9%B3%E6%8A%95%E7%A8%BF%E7%94%BB%E5%83%8F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1)

87.250.250.119

448 B

URL
mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fimg.4img.top%2F%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A118575885404%3Ahid%3A907241329%3Az%3A0%3Ai%3A20240509193222%3Aet%3A1715283142%3Ac%3A1%3Arn%3A274297499%3Arqn%3A1%3Au%3A171528314223579748%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C58%2C340%2C2%2C93%2C0%2C%2C730%2C9%2C1238%2C%2C%2C1245%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283140178%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283142%3At%3A%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E5%AE%9D%E5%B3%B6%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E5%B7%A8%E4%B9%B3%E6%8A%95%E7%A8%BF%E7%94%BB%E5%83%8F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1)
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
JSON text data
Size
448 B (448 bytes)
Hash
c13e2ff00f870b7a5ad31c129ad17f8c
d2212d928ed921c448544cec4b9699b7da9b3b52
10fcaa0f34585bd84b7426e8db6653a2f4a1c9c940ae20b6f565aa6c743be7a0

HTTP Headers

GET /watch/48140495?wmode=7&page-url=https%3A%2F%2Fimg.4img.top%2F%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A118575885404%3Ahid%3A907241329%3Az%3A0%3Ai%3A20240509193222%3Aet%3A1715283142%3Ac%3A1%3Arn%3A274297499%3Arqn%3A1%3Au%3A171528314223579748%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C58%2C340%2C2%2C93%2C0%2C%2C730%2C9%2C1238%2C%2C%2C1245%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283140178%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283142%3At%3A%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E5%AE%9D%E5%B3%B6%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E5%B7%A8%E4%B9%B3%E6%8A%95%E7%A8%BF%E7%94%BB%E5%83%8F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://img.4img.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: /watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fimg.4img.top%2F%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A118575885404%3Ahid%3A907241329%3Az%3A0%3Ai%3A20240509193222%3Aet%3A1715283142%3Ac%3A1%3Arn%3A274297499%3Arqn%3A1%3Au%3A171528314223579748%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C58%2C340%2C2%2C93%2C0%2C%2C730%2C9%2C1238%2C%2C%2C1245%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283140178%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283142%3At%3A%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E5%AE%9D%E5%B3%B6%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E5%B7%A8%E4%B9%B3%E6%8A%95%E7%A8%BF%E7%94%BB%E5%83%8F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1
date: Thu, 09 May 2024 19:32:22 GMT
access-control-allow-origin: https://img.4img.top
set-cookie: yabs-sid=822722741715283142; Path=/; SameSite=None; Secure
i=4s0usya9IGVe4aup0Ou6h7UHJTELAWREJ5BwaKKBjRAr1XTaRYr+2+4hEBaLrs1WcAnjpAl+3avTG/TIjJ6sUYRBWq8=; Expires=Sun, 07-May-2034 19:32:19 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=952192421715283142; Expires=Sun, 07-May-2034 19:32:19 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=952192421715283142; Expires=Fri, 09-May-2025 19:32:22 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1746819142.yrts.1715283142#1746819142.yrtsi.1715283142; Expires=Fri, 09-May-2025 19:32:22 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 09-May-2024 19:32:22 GMT
last-modified: Thu, 09-May-2024 19:32:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

www.w3schools.com/w3css/4/w3.css

192.229.133.221

200 OK

5.3 kB

URL GET HTTP/2
www.w3schools.com/w3css/4/w3.css
IP
192.229.133.221:443
ASN
#15133 EDGECAST

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerDigiCert Inc
Subject*.w3schools.com
Fingerprint20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A
ValidityWed, 03 Apr 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
Unicode text, UTF-8 (with BOM) text
Size
5.3 kB (5256 bytes)
Hash
ba0537e9574725096af97c27d7e54f76
bd46b47d74d344f435b5805114559d45979762d5
4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f

HTTP Headers

GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 885
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Thu, 09 May 2024 19:32:22 GMT
etag: "0ed8b040a1da1:0+gzip"
last-modified: Wed, 08 May 2024 12:05:22 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

172.217.21.170

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:40:41 GMT
expires: Sat, 03 May 2025 00:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 586301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js

104.17.25.14

200 OK

4.0 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (10613)
Size
4.0 kB (3953 bytes)
Hash
ea77f824de2ef57acb12e7cb6596365e
10bad0dbdf30a0471c2c786b349daeb1dd19180e
2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c

HTTP Headers

GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 789237
expires: Tue, 29 Apr 2025 19:32:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BBl3ySmnPjOnAkIzDoqRlMznbds%2BTKnXobl7qgjWpvseaZdWSWM49XSCoP4bdnpI%2BPz014nSD5oKWrX4xEJfDzmInV1dhTnTVoCEgFZP4aUbkOWxncdJWXHmvqCh137yXkIOoLv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88141d7cae3db4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-620120-3

142.250.74.168

200 OK

71 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-620120-3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
71 kB (70809 bytes)
Hash
c6a64ff1bc4fff8e4daa30ee01e581c2
c6dedee84e06ad56e858865c4f1c5495e03b43b5
da8a93ebd216b9702ba2dbda9a5380b0c3895a2e5acd56bae107b05a36802e50

HTTP Headers

GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 19:32:23 GMT
expires: Thu, 09 May 2024 19:32:23 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 May 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70809
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

151.101.193.229

200 OK

75 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (563)
Size
75 kB (75372 bytes)
Hash
6e03b01f1b5a43c6aed614fc777eba49
5bcda76ab147e4e722143d58035368a889519fbd
6e0dd9005b931440353e4bdb651477d168f8a7081c1834042468de9febd97342

HTTP Headers

GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.325.0
x-jsd-version-type: version
etag: W/"2c0ab-W82narFH5OciFD1YA1NoqIlRn70"
content-encoding: br
accept-ranges: bytes
date: Thu, 09 May 2024 19:32:23 GMT
age: 16114
x-served-by: cache-fra-eddf8230153-FRA, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 75372
X-Firefox-Spdy: h2

js.2mp4.xyz/AV4.us.jpg

188.114.97.1

200 OK

8.7 kB

URL GET HTTP/2
js.2mp4.xyz/AV4.us.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject2mp4.xyz
FingerprintED:E7:E0:E1:A9:53:73:B5:DC:2D:51:FA:D6:F6:F6:7B:04:99:02:28
ValidityThu, 02 May 2024 12:01:28 GMT - Wed, 31 Jul 2024 12:01:27 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3
Size
8.7 kB (8741 bytes)
Hash
edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390

HTTP Headers

GET /AV4.us.jpg HTTP/1.1
Host: js.2mp4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: image/jpeg
content-length: 8741
etag: "2225-614075c7eff6b"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 60786
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9IPuvRADzn5ER2ypSfiQvliNCL3CTMOxFJAOm1kb3iBrIUM9SSzxy3303zQrKmkSQtKRC%2Fwte%2BEc3JXjwUFNTnTH94N1gZ3aM4iGFqQjEXvZmbRh2z9ikFunsADSGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d7fecd20b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js

104.17.25.14

200 OK

4.0 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (10613)
Size
4.0 kB (3953 bytes)
Hash
ea77f824de2ef57acb12e7cb6596365e
10bad0dbdf30a0471c2c786b349daeb1dd19180e
2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c

HTTP Headers

GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 789237
expires: Tue, 29 Apr 2025 19:32:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWwXyjS8sR6BnP9LezoE%2BIg6tTV0j70ys6k6qDaobfuROPqnZR8jux%2BkRdbIJvlhYge%2FXGsLD0O4SKRDTfW5tQ3wd654layU1devWyC6%2BL3BM1tE3xjCBoJ4C79O3C35ZZLDBJe0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88141d813ec556a2-OSL
alt-svc: h3=":443"; ma=86400

jsjs.4jpg.top/index.php?js=very

172.67.211.235

200 OK

30 kB

URL GET HTTP/3
jsjs.4jpg.top/index.php?js=very
IP
172.67.211.235:443
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject4jpg.top
Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02
ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT

File type
ASCII text, with no line terminators
Size
30 kB (30472 bytes)
Hash
77542f8a3ada1bb8b45eb9139c5e69ef
08556fa802dce18bec90fc57d62c7caaa4dbbdd0
4a12c40c3eb9ed0e055519dbd5be4cb7e88ee707739484aa38e3e3284c0bdc46

HTTP Headers

GET /index.php?js=very HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: text/html; charset=UTF-8
imghost: 17296161209-h-jsjs4jpgtopmh--NO-rm162158222116/index.php?js=very
56nloadrate: 1.403125
cache-control: max-age=360000, private
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBBAERo6q0yvvdrMjrwkImYrTENrZRhfwCCL5KtoatifMhKDDn4th0uj9w1%2Fwt0wCDWfnHdEKNw3T4EkHsvxQUxn3SrSU%2FUdAnCmJx65CjYRamrV5ZSomRoYJgqvcZLj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d7f8f4f569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

151.101.193.229

200 OK

75 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (563)
Size
75 kB (75372 bytes)
Hash
6e03b01f1b5a43c6aed614fc777eba49
5bcda76ab147e4e722143d58035368a889519fbd
6e0dd9005b931440353e4bdb651477d168f8a7081c1834042468de9febd97342

HTTP Headers

GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 75372
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.325.0
x-jsd-version-type: version
etag: W/"2c0ab-W82narFH5OciFD1YA1NoqIlRn70"
content-encoding: br
accept-ranges: bytes
date: Thu, 09 May 2024 19:32:23 GMT
age: 16114
x-served-by: cache-fra-eddf8230153-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

www.googletagmanager.com/gtag/js?id=UA-620120-3

142.250.74.168

200 OK

71 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-620120-3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
71 kB (70790 bytes)
Hash
f3b281a37d6b0c93b7dbf8d49b54fbe3
461d3c4fe28b23d5e5b9db2d0080625b9c69909d
da10b8683771fbf19920e643b6b4527a5484d1f595d510a435c699ec1d3c8f3f

HTTP Headers

GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 19:32:23 GMT
expires: Thu, 09 May 2024 19:32:23 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 May 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70790
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js

45.133.44.53

200 OK

66 kB

URL GET HTTP/2
e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjecte9b729472c.39268ea911.com
FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8
ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
66 kB (66067 bytes)
Hash
3fe2950761b3cbf88532a49e6e8f857d
b52a343a7a76eabe3abeab12bba0e14283a1a873
b7b293b5c9cb1f519330742be6d8da733fa7b6e3dea61aa0fb3b9827b4e591f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /34d6dd2e1c7f31ddf3a9042ff9eeb58b.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 08 May 2024 10:50:20 GMT
etag: W/"663b58ec-1ab25"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:24 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.capndr.com/advertising.js

45.133.44.52

200 OK

0 B

URL GET HTTP/2
js.capndr.com/advertising.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06
ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Thu, 09 May 2024 19:37:24 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

cacrz.4jpg.top/AV4.us.jpg

188.114.97.1

200 OK

8.7 kB

URL GET HTTP/2
cacrz.4jpg.top/AV4.us.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject4jpg.top
Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02
ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3
Size
8.7 kB (8741 bytes)
Hash
edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390

HTTP Headers

GET /AV4.us.jpg HTTP/1.1
Host: cacrz.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: image/jpeg
content-length: 8741
etag: "2225-5499bcea176c0"
access-control-allow-origin: *
access-control-allow-headers: Cake
ahost: RZ
cache-control: public, max-age=3600000
cf-cache-status: HIT
age: 789259
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjgUUqHIpbkaMN26FvjluSOSeiphYOb5Omrku29jctlihMLwNeFZdBviP7YQsmjoSQ3sdp0D3to0lFe4uNDWpMh9%2B9Fvh8xmg2VGaYw1Q2wKWtSjTLqP%2BKDqpodkDM5vtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d859d6d56c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mc.webvisor.org/watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1

93.158.134.119

200 OK

448 B

URL GET HTTP/2
mc.webvisor.org/watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1
IP
93.158.134.119:443
ASN
#13238 YANDEX LLC

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type
JSON text data
Size
448 B (448 bytes)
Hash
69810bb365fa98bffb72fd41ceaf4177
23c502d9e2130dfbc2be2c699eaa1c4b846857da
de0236aa6cca4620fd78703fdd59323b5aefc51dd4514ac35613582a27e34feb

HTTP Headers

GET /watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1 HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
Referer: https://data.jpg4.monster/
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=708882881715283144; i=zjYE53E95tjF9agFmM076qxCngBgpepaNG2Z3f+hX5IA+3H9/o+uFdALTPojQ4gRbwIGheChldb9aEAbEqnX4CD4qJ4=; yandexuid=4687782831715283144; yuidss=4687782831715283144; ymex=1746819144.yrts.1715283144#1746819144.yrtsi.1715283144
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 448
date: Thu, 09 May 2024 19:32:24 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://data.jpg4.monster
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 09-May-2024 19:32:24 GMT
last-modified: Thu, 09-May-2024 19:32:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1)

93.158.134.119

302 Found

0 B

URL GET HTTP/2
mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1)
IP
93.158.134.119:443
ASN
#13238 YANDEX LLC

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11
ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/48140495?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://data.jpg4.monster/
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: /watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1
date: Thu, 09 May 2024 19:32:24 GMT
access-control-allow-origin: https://data.jpg4.monster
set-cookie: yabs-sid=708882881715283144; Path=/; SameSite=None; Secure
i=zjYE53E95tjF9agFmM076qxCngBgpepaNG2Z3f+hX5IA+3H9/o+uFdALTPojQ4gRbwIGheChldb9aEAbEqnX4CD4qJ4=; Expires=Sun, 07-May-2034 19:32:23 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4687782831715283144; Expires=Sun, 07-May-2034 19:32:23 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=4687782831715283144; Expires=Fri, 09-May-2025 19:32:24 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1746819144.yrts.1715283144#1746819144.yrtsi.1715283144; Expires=Fri, 09-May-2025 19:32:24 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 09-May-2024 19:32:24 GMT
last-modified: Thu, 09-May-2024 19:32:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

page.phic4.top/myda.php

104.21.73.126

200 OK

504 B

URL GET HTTP/2
page.phic4.top/myda.php
IP
104.21.73.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectphic4.top
Fingerprint97:7B:53:56:9D:D4:88:D2:B6:C7:77:A9:FB:30:54:BA:5F:88:E8:B2
ValidityThu, 14 Mar 2024 14:09:59 GMT - Wed, 12 Jun 2024 14:09:58 GMT

File type
data
Size
504 B (504 bytes)
Hash
119af5345ace28d0b134ff0fbd54db2e
c0d85f863d3011577d8bbded07cb91e951b40c1a
9df63d2baa22910e4bb560a131b0253812ef595efb6696a8253a9fa6f11658da

HTTP Headers

GET /myda.php HTTP/1.1
Host: page.phic4.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: text/html; charset=utf-8
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3870
last-modified: Thu, 09 May 2024 18:27:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TiDdkNL6Nif2vVYFx9A6fbYs7HW5%2F%2FRs7s0lBsHv0HkXWn0WDkekc9%2BKbkYejCxT3CB2UTm1lJ6qE2%2B9%2FCySHqAZC992Wxw21AbtdAJc%2FA68y6vZ7PTxdiFtL3D%2FhxxdfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d829919b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=23782

157.90.84.242

204 No Content

0 B

URL OPTIONS HTTP/1.1
fp.metricswpsh.com/fp?tag_id=23782
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://data.jpg4.monster/
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 09 May 2024 19:32:25 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://data.jpg4.monster
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

e275260174.05ae41c3fc.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTk0MTI1NzcyNTYwNDc3ODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMi4wIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjU0LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjB9

45.133.44.53

200 OK

0 B

URL GET HTTP/2
e275260174.05ae41c3fc.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTk0MTI1NzcyNTYwNDc3ODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMi4wIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjU0LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjB9
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjecte275260174.05ae41c3fc.com
Fingerprint91:7A:C9:0C:9C:3B:D5:9C:7E:DC:91:F5:95:96:9C:15:4F:61:37:FE
ValidityMon, 06 May 2024 02:50:55 GMT - Sun, 04 Aug 2024 02:50:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTk0MTI1NzcyNTYwNDc3ODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMi4wIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjU0LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: e275260174.05ae41c3fc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

js.wpshsdk.com/npc/sdk/push.m.js?v=1

45.133.44.53

200 OK

15 kB

URL GET HTTP/2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectjs.wpshsdk.com
Fingerprint7C:0A:CB:08:AD:6F:60:55:9E:07:7C:F7:07:AC:DD:CF:DF:AB:01:FD
ValidityWed, 20 Mar 2024 05:01:38 GMT - Tue, 18 Jun 2024 05:01:37 GMT

File type
gzip compressed data, from Unix
Size
15 kB (15039 bytes)
Hash
a4f864aa27b65e50df8eab4a4c3ebac0
1233ce002948d44e8e0727b02be5e598898a8bc4
fac9352c851236a0d94b13edf7d129a9dc586b51bcd7268860a6fea890845430

HTTP Headers

GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:24 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

172.217.21.170

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:40:41 GMT
expires: Sat, 03 May 2025 00:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 586304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2

172.67.211.235

200 OK

15 kB

URL GET HTTP/3
css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
IP
172.67.211.235:443
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject4jpg.top
Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02
ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size
15 kB (14759 bytes)
Hash
0456d22f98d39a5028be86c6174e351c
64be9d29d1000d3a3b52162cabe27670d13cd125
40a127642cbca7fd5676489345663f1b1a7f8b7190ac0a1ebf49227c734d215c

HTTP Headers

GET /tagjpa.php?noself=1&url=av.av4us.top/tags/2 HTTP/1.1
Host: css.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: text/html; charset=UTF-8
8tagproxuri: /tagjpa.php?noself=1&url=av.av4us.top/tags/2
x-frame-options: ALLOWALL
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=72000
594tagproxuri: /tagjpa.php?noself=1&url=av.av4us.top/tags/2
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: HIT
age: 53365
last-modified: Thu, 09 May 2024 04:42:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjfOf%2FFt%2FXoMPx12M1WgkRNWKNqYdbHyKfOJpCLUnx1XoaqQUQd%2FhCHGxCDGtJ8v5rXPWHUcjvLjoUCzvgdDR3zNCzFfG2EeQBVOjSmAtAJ%2BMig8lCmmzqaO4Mp0kd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d878c03569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

av.av4us.top//js.2mp4.xyz/AV4.us.jpg

172.67.200.220

6.2 kB

URL GET
av.av4us.top//js.2mp4.xyz/AV4.us.jpg
IP
172.67.200.220:0
ASN
#13335 CLOUDFLARENET

Requested by
https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Certificate
IssuerGoogle Trust Services LLC
Subjectav4us.top
Fingerprint88:5B:37:05:BC:F6:BA:AD:74:15:38:DB:11:3A:C8:B5:01:AE:9A:47
ValidityMon, 06 May 2024 11:10:43 GMT - Sun, 04 Aug 2024 11:10:42 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1299), with CRLF, LF line terminators
Size
6.2 kB (6246 bytes)
Hash
8341e5b845ad799be65e82884c4008f0
ce6ec5fcd534ad91b3f4a4cfc0e6633b9382ee07
a800fdc8418e559c59c1b77b2afe5e9c12e0509191c1d8b9c81a065a241198a0

HTTP Headers

GET //js.2mp4.xyz/AV4.us.jpg HTTP/1.1
Host: av.av4us.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-type: text/html; charset=UTF-8
pdojs-line8: host-av.av4us.top127.0.0.1-myhost-av.av4us.top127.0.0.1//js.2mp4.xyz/AV4.us.jpg
phost: av.av4us.top
pdojs-line1052: notjp--myhost-av.av4us.top-filteron-
line2128: notjp--myhost-av.av4us.top-filteron-//js.2mp4.xyz/AV4.us.jpg
line2131: notjp--myhost-av.av4us.top-filteron-
line2428: notjp-//js.2mp4.xyz/AV4.us.jpg-myhost-av.av4us.top-filteron-
cache-control: public, max-age=88451
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
x-proxy-cache-re-la: EXPIRED
xkey-re-re-la: av.//js.2mp4.xyz/AV4.us.jpg-A-av.av4us.top-av.av4us.top-myzone---yes
x-proxy-cache-hd-la: HIT
xkey-hd-la: av.//js.2mp4.xyz/AV4.us.jpg-A-av.av4us.top--my_zone
cf-cache-status: HIT
age: 75944
last-modified: Wed, 08 May 2024 22:26:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=swxyA4PuGnGrO0qGjHv9qLR0Bw%2FNaU8rOLs7ItT0ZA92iqKpG0kzSo6F5F4E6AkZKDC%2BXJhArQhQXMZAPgfP5PrVnqqUbWPnYEe0YAAjcfqUhsMCbYiAwbNPRgSxKJk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d88cdda56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

nereserv.com/in/dip?site=native-push&wl=1&event_id=a263c7d6-edaa-4cf7-8486-2c2a8d47985d&subid=809032184&sid=3937968599&spot_id=17050&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1

168.119.25.102

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?site=native-push&wl=1&event_id=a263c7d6-edaa-4cf7-8486-2c2a8d47985d&subid=809032184&sid=3937968599&spot_id=17050&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=a263c7d6-edaa-4cf7-8486-2c2a8d47985d&subid=809032184&sid=3937968599&spot_id=17050&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 09 May 2024 19:32:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

e859321004.6423f6c6c4.com/in/multy

157.90.84.246

200 OK

0 B

URL POST HTTP/2
e859321004.6423f6c6c4.com/in/multy
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subject6423f6c6c4.com
Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31
ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://data.jpg4.monster/
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 09 May 2024 19:32:25 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9a42e37278e1480da7ec417eb8b7285e
2ebb273a9d30622c0371647e60d4323937a9d5bc
0c3686dcbc184d61e8fd14b50520a7d83880a655fa38a7f14443a275130a446e

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 May 2024 19:32:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

storage.multstorage.com/log/count.html

104.21.30.242

200 OK

464 B

URL GET HTTP/2
storage.multstorage.com/log/count.html
IP
104.21.30.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmultstorage.com
Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A
ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
464 B (464 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: bf89a58de3f68a0e2608cb9defb27fd4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztiXOtXkLl9RsPRdlYrzstmT1MP4e0e8AMZh7lwziZT36uFxwqK3MeB6neLZxFfYLhzh4agRZg6ijlUye4TL4q4XIrBJ5H5I8rn4Zc4U9vqtZZMRQASI8B6us3bT76VCLP1up5YzQEyMUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d87ad02b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

172.217.21.170

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:40:41 GMT
expires: Sat, 03 May 2025 00:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 586304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzOBO6tgQGfr_QJqwinVkQJIXnr0kaH3P6ZXWKAoCY38COFjQkXA1bnFR7L73ZvCRO_npmZJQ

74.125.131.84

302 Found

429 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzOBO6tgQGfr_QJqwinVkQJIXnr0kaH3P6ZXWKAoCY38COFjQkXA1bnFR7L73ZvCRO_npmZJQ
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
HTML document, ASCII text, with very long lines (406)
Size
429 B (429 bytes)
Hash
4cd25a88b53ffc2bac73bb9b84c2f5a0
981dbaf73cd216ac9fd4390c7361ca691079b79e
fd3b88c73f48ec8557b4ae5dd722e8d62f237d5b46e66037fd602d57c1ffbd82

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzOBO6tgQGfr_QJqwinVkQJIXnr0kaH3P6ZXWKAoCY38COFjQkXA1bnFR7L73ZvCRO_npmZJQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:1AwdliAY0MuBpQAJB5Y5ZNOdmJ9_QQ:8U9c61E5HBPW2Tkw;Path=/;Expires=Sat, 09-May-2026 19:32:25 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 May 2024 19:32:25 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwTSS8jucpEQKpZ2y8lUQHT8Gphhn_UY-fjq3Wlx91ArkHAU31-_i-0WiFPR_jrOc-vGyH_Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811735968%3A1715283145593400&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-bhq8ZvEHjx4gQR6PaslneA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 429
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
295c1ab534489dc31c4940823ae306a6
f64846d666665600e9b3191323707b0312ea2103
f71d58c2003e0da135fb8f57ef576b17eebe7916ced184c7bf99f603049eaddb

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 May 2024 19:32:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

nereserv.com/in/dip?event_id=03966878-2ab9-4e69-bdfa-bb7b6ff7555b&subid=114096166&spot_id=81665&created_at=2024-05-09&timezone=0&ver=1.141.0

168.119.25.102

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?event_id=03966878-2ab9-4e69-bdfa-bb7b6ff7555b&subid=114096166&spot_id=81665&created_at=2024-05-09&timezone=0&ver=1.141.0
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?event_id=03966878-2ab9-4e69-bdfa-bb7b6ff7555b&subid=114096166&spot_id=81665&created_at=2024-05-09&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 09 May 2024 19:32:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

js.2mp4.xyz/?vidjs=51uad-5vq

188.114.97.1

22 kB

URL GET
js.2mp4.xyz/?vidjs=51uad-5vq
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject2mp4.xyz
FingerprintED:E7:E0:E1:A9:53:73:B5:DC:2D:51:FA:D6:F6:F6:7B:04:99:02:28
ValidityThu, 02 May 2024 12:01:28 GMT - Wed, 31 Jul 2024 12:01:27 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (752), with CRLF line terminators
Size
22 kB (22498 bytes)
Hash
43c2c8713d395513c4e66f9cde2b2e18
91f1d97a80a45df119062303003f7adaff9560a4
fd2a053201de2cea9f9808e7697513c0093f4be4324654d70752d8edf1986fbf

HTTP Headers

GET /?vidjs=51uad-5vq HTTP/1.1
Host: js.2mp4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-type: text/html; charset=UTF-8
pdo-line12: host-js.2mp4.xyz96.161.209-myhost-158.222.66/?vidjs=51uad-5vq
phost: 
pdo-line55: host-js.2mp4.xyz96.161.209-myhost-158.222.66/?vidjs=51uad-5vq
cache-control: public, max-age=86400
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: HIT
age: 21728
last-modified: Thu, 09 May 2024 13:30:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bhT81iSz2ollUUhAOHw%2BsKtaR13%2BugPMYCB6zhrH77ASqLycJIwBhAvYFIcBuZa0%2F0d0c7k9INokpfVFE9UCpTxEjBwrXUuE4JdoT02ivhZvm91IwArv8401TQ%2B9IA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d899d26b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

157.90.84.246

200 OK

0 B

URL GET HTTP/2
e859321004.6423f6c6c4.com/in/show/?tag_ab=a&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&refdom=data.jpg4.monster&auction_time=1715283145&subid=809032184&sid=3937968599&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=&user_fp=10525439425521361963&score=27.577392754711752&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&icons=ebnbURIQjlrZrBJRqc2kHn2U8T1WDVl5fPGUS2E2o5bxnJaYo-1jboox88bPs-IweSdcTDUD6fJib4RY2nQhNuEfvxOLcoVyo5pkMN37FZswIThSo_end1Vrh2vWe9aZrgFrIi3rI4PxaJQVX_4KI5zVJKmYS4x_R5Wemi8Gd3BDVBq48w&ext_cid=0&px_id=17050&min_cpm=0.04354565869303446&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=5611593267579448210&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01658531723191051&cpm=0&verify_hash=47fdee545a851d3ef77477c99e19e135&is_native=4&real_bid=0.00044402996859443494&original_bid_usd=0.0011658249999999999&original_bid=0.0011658249999999999&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0011658249999999999&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001165825&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=a70638bf-1dc4-42d1-aa6a-dd8a6d8151df&prev_step_diff=771
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subject6423f6c6c4.com
Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31
ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=a&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&refdom=data.jpg4.monster&auction_time=1715283145&subid=809032184&sid=3937968599&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=&user_fp=10525439425521361963&score=27.577392754711752&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&icons=ebnbURIQjlrZrBJRqc2kHn2U8T1WDVl5fPGUS2E2o5bxnJaYo-1jboox88bPs-IweSdcTDUD6fJib4RY2nQhNuEfvxOLcoVyo5pkMN37FZswIThSo_end1Vrh2vWe9aZrgFrIi3rI4PxaJQVX_4KI5zVJKmYS4x_R5Wemi8Gd3BDVBq48w&ext_cid=0&px_id=17050&min_cpm=0.04354565869303446&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=5611593267579448210&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01658531723191051&cpm=0&verify_hash=47fdee545a851d3ef77477c99e19e135&is_native=4&real_bid=0.00044402996859443494&original_bid_usd=0.0011658249999999999&original_bid=0.0011658249999999999&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0011658249999999999&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001165825&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=a70638bf-1dc4-42d1-aa6a-dd8a6d8151df&prev_step_diff=771 HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 May 2024 19:32:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

page.phic4.top/myda.php

104.21.73.126

200 OK

41 kB

URL GET HTTP/2
page.phic4.top/myda.php
IP
104.21.73.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectphic4.top
Fingerprint97:7B:53:56:9D:D4:88:D2:B6:C7:77:A9:FB:30:54:BA:5F:88:E8:B2
ValidityThu, 14 Mar 2024 14:09:59 GMT - Wed, 12 Jun 2024 14:09:58 GMT

File type
data
Size
41 kB (40601 bytes)
Hash
e145154e333b2b1a80da1de26056820c
5d7c97e4762dc0beae7be21345fdda2e652f32d6
8467448c611182413a40e88d77debc847e38c4ab291fee4cdcf82c94e0017f66

HTTP Headers

GET /myda.php HTTP/1.1
Host: page.phic4.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: text/html; charset=utf-8
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3870
last-modified: Thu, 09 May 2024 18:27:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Clrraia9vgKJKv%2BEE2a12jrttf39tQxWs4ejmYsWjsQal3Rg2RwOnxmCmzOISxlPZx5hHX5xoJSdz86SqZu7%2FN%2B6PMrRgvpuqTX0HZbTsVKVSIScXMSA%2F4Pzxb6NtP4%2FYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d828902b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

e859321004.6423f6c6c4.com/in/show/?tag_ab=a&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&refdom=data.jpg4.monster&auction_time=1715283145&subid=809032184&sid=3937968599&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=&user_fp=10525439425521361963&score=27.577392754711752&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DMwx-FALdnEwFvPglO59bGXjSdtZgpjiVIS00IKIYinhv5apCJuk0IdH3FrLj0zoPWVQplgGYMOauCOOz0mY2R7UAnTcIOH0VxIVoaPZEupLJIIkXKBPJOB7UApS4cUQqPJo3uQEJ8vAExP45b8uQB3MZ8IAMS7zpdPsJdg-L5Zt0xS5Z10hl6tVGOkNY-ulzNT-hwWEW1Sm7qaonKbxTIytdnJkBW7M8qZAzuNe8hd0fWc9bCm94ku3DVpEp-73WD5iHastAlmhKJXtj43DbP5jtQ38lYx0I7lb57RSixdPU11ppJw-ZpgoGF1p8snyu2OdG46uaalYXDppzKz9EtOBKynv_QOHXhLuulDcE5TzZbREJP6h600EKLof8fOZj3BiTnqSVsO3K_dQAscoxr_0eSS44iyUoGLDaP_lvGVUzgN1deeRiF82szEqB6KuFYMnALzDFG8mAUIo6Tmj3tPBsp1eS8aR46WyCkUHEbtodhm0VMCNP0bYCKF-e-N3PIcOPAbjRiDxdmHFM_dzvIUN8NhmCE4U-mEKdrSMlhcnyLf3F-S1EQFQmR2y5utLJzSeGe_SHxvsu0aPKKa1vdq93SfA2U6ANjwA3_Pv-uwqiijnNry5OOaWIeFu6K9VAv5LZEEtCivwtBft5hQ8DYC_NSjFXC557JAFO_tD2nwEEw5XF89xTie4RdxKbIGPDh4_OLG86V-G65CsdNajHtNHUC5T6JUvuLQPq0SfnCMty1gLaaiW4falaNuQqVb9411rld8Vvdjw6F2zW9zP73y95LpsaLm3wNavlp5DmwzGut67j8M45p4-tdwVxB14ZfKlsC3HqDqJocCjNTx3LV1dGhaOY2k5TBQHAUwXdfT8lgYkYaxYA0DlmtTxVyjRyYb8ycQQNaqXzKXlyTmBcEcA7HCIZhD2ggd9-GTrZ6EDozoRtyKowbTr1LG2t89JJWX7VTMry_YJHZtrBe7TR9HtxlOPLTEu3HNEiwAma_8DwW5bOYxfVpsjWm9DErUEIoBhWZfMAJE3Yd8LjKwAdDx3uxxgBF5Hh9NMuD3YqfUI20RgJuRgqZzW9uDhKMFNoeToSVSicVozQO5_lyYbGaXjjB6yXIUDGj9R1CWlueFOkJVWCJE4WTgP49Vw97dIzl88k81Dw6gfoXmLHq35ajXGzFUS9DMgnIhTo8YB6Pn1hQiAwvzoBkgxn0LGk-FubJN8zFf-tQkkBocB3gqNRjQzfxKrfo0q3zkwkMOrYGFqu8GeRsc41Dy_0uHWEYucs6DTkEVpz8UHaiCJsPeZp5vZt1NUndC5rYMEVCkV3J7_XC8Y7FoddfQ%26bid%3D0.02334804326239332&icons=ono2q21UEA7dj1wlaeBvoZLKWnEccU252A19dwVxmYSDnzM_gc4WwkYV9jdswqHCYXL8fA-ySUCDy7JmZEnNk-1R-nTneu45DKhFJk6kzl2kjagSsViS5Ts_3ci7AWCyMxWpiNyvkJWCyOpRPKA89_I0f5ex4Ltdl87CojRc-HnrTs3-oFSErgVl37_KNmS5_Njp7OddlfJw68AgoHtG3JHQAr4BkckvoZqByf76CIQ7gf74TGWTzfOY5ehj1X1n6QnyKPR3L4H1UZ4NsilRQCjRqyZVQCN8p_C2gri7j-VkMmaoTjaJAS_Xf1j4JTLJQQoi8dZQnmfYs7RW893bDKIQqBcPJNevqzBG9gWKWAMOBbzKwrgHbFk4THxAug03cgzpgQ87P134WgzX4-sYeebf-8mhxeQ6SAXjpWer5wvtFads5oaAvraylO4ekCGWTR29okjXLJdliqap75j-C7j5CIQIJWxDn2hMccLgkF-TTN5HW1_wRCWHsxnY49MzASdYdcm2itJmxwlJS7Q-MKaGwR8Hp27EmTsbIiczgopRCT4kH_uqbvE1-60sA1xJmbkJlLttj0So0clpOiSwrg-AgjKWHjGjJHGoec5MHYF1ddM35tQKhEhd4hci5CZvvf4fYLKOaYm0tMoEw6OzdOJjScbUcqtJAUphkvTJqDHTW9C8CEBGmOThQs14bWnOHXl2J9b-sehyQsCc7PJpLjlQ8-fE1d3ns82KFLxHgQtCJSFw06DL9RiFJUNnGv_Dn9peTyKEuk2b1XGaIGRR08qS4PsKS0EyqjuAX4u5E7_1DohCVS2dlO-G08RzpnaTFgoltnVnJl0hF-JvWreWnf60KaxOzFmOOql3Lr7txshp6Qf7R3eCf71KRs5-DkimA8FQyy6Pq6RrOBAfG4Um8Fm9LnUbpHqhmnnX74KPv9EabQ2VTNFZiaquH0jXnt4-sxreCOy1oG_6reCt-RXH9crg12NypEiXQ2H5wICb8hGCD409lU7mi-qA5_YKuesVpqtSorMuB0-fa__7E_Mm3_53BP8tPO4xKm2XKPIHG7tdFHzoI6LfFyMqGnaSP4DaQ9s_m1LMuBFt_Uhl3U1g606ovh9hOOD4ZeLcX6x0gOqEATxjyaZya1EJ7j8W2cJrfN1MHwbKnFUX_LRUGi2Of5kTrPD8wwl9DFp7PO3-2_nZ0Uo8Yls93oe0Ue9WsQ5JkrGRBqi-ZF9YFLeiqqjuVD1JT78fFh0rRV6xWo0slV_lvbFF_CFE-H097QyxUnxIujVlmDlHwrkoYl1LZZgOzXO0YO6Ju_8CWAnbcnpQzSdz1m3WNydsuB8jm7Q&ext_cid=224906&px_id=7317050&min_cpm=0.0010248536794133295&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=5611593267579448210&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.02334804326239332&verify_hash=efb917f40bb55c2544e46b6943ce0a82&is_native=1&real_bid=0.023014166506485034&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,33,98&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1715455945&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=cad85f50-5a33-467b-9165-572a515f7303&prev_step_diff=770

157.90.84.246

200 OK

0 B

URL GET HTTP/2
e859321004.6423f6c6c4.com/in/show/?tag_ab=a&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&refdom=data.jpg4.monster&auction_time=1715283145&subid=809032184&sid=3937968599&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=&user_fp=10525439425521361963&score=27.577392754711752&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DMwx-FALdnEwFvPglO59bGXjSdtZgpjiVIS00IKIYinhv5apCJuk0IdH3FrLj0zoPWVQplgGYMOauCOOz0mY2R7UAnTcIOH0VxIVoaPZEupLJIIkXKBPJOB7UApS4cUQqPJo3uQEJ8vAExP45b8uQB3MZ8IAMS7zpdPsJdg-L5Zt0xS5Z10hl6tVGOkNY-ulzNT-hwWEW1Sm7qaonKbxTIytdnJkBW7M8qZAzuNe8hd0fWc9bCm94ku3DVpEp-73WD5iHastAlmhKJXtj43DbP5jtQ38lYx0I7lb57RSixdPU11ppJw-ZpgoGF1p8snyu2OdG46uaalYXDppzKz9EtOBKynv_QOHXhLuulDcE5TzZbREJP6h600EKLof8fOZj3BiTnqSVsO3K_dQAscoxr_0eSS44iyUoGLDaP_lvGVUzgN1deeRiF82szEqB6KuFYMnALzDFG8mAUIo6Tmj3tPBsp1eS8aR46WyCkUHEbtodhm0VMCNP0bYCKF-e-N3PIcOPAbjRiDxdmHFM_dzvIUN8NhmCE4U-mEKdrSMlhcnyLf3F-S1EQFQmR2y5utLJzSeGe_SHxvsu0aPKKa1vdq93SfA2U6ANjwA3_Pv-uwqiijnNry5OOaWIeFu6K9VAv5LZEEtCivwtBft5hQ8DYC_NSjFXC557JAFO_tD2nwEEw5XF89xTie4RdxKbIGPDh4_OLG86V-G65CsdNajHtNHUC5T6JUvuLQPq0SfnCMty1gLaaiW4falaNuQqVb9411rld8Vvdjw6F2zW9zP73y95LpsaLm3wNavlp5DmwzGut67j8M45p4-tdwVxB14ZfKlsC3HqDqJocCjNTx3LV1dGhaOY2k5TBQHAUwXdfT8lgYkYaxYA0DlmtTxVyjRyYb8ycQQNaqXzKXlyTmBcEcA7HCIZhD2ggd9-GTrZ6EDozoRtyKowbTr1LG2t89JJWX7VTMry_YJHZtrBe7TR9HtxlOPLTEu3HNEiwAma_8DwW5bOYxfVpsjWm9DErUEIoBhWZfMAJE3Yd8LjKwAdDx3uxxgBF5Hh9NMuD3YqfUI20RgJuRgqZzW9uDhKMFNoeToSVSicVozQO5_lyYbGaXjjB6yXIUDGj9R1CWlueFOkJVWCJE4WTgP49Vw97dIzl88k81Dw6gfoXmLHq35ajXGzFUS9DMgnIhTo8YB6Pn1hQiAwvzoBkgxn0LGk-FubJN8zFf-tQkkBocB3gqNRjQzfxKrfo0q3zkwkMOrYGFqu8GeRsc41Dy_0uHWEYucs6DTkEVpz8UHaiCJsPeZp5vZt1NUndC5rYMEVCkV3J7_XC8Y7FoddfQ%26bid%3D0.02334804326239332&icons=ono2q21UEA7dj1wlaeBvoZLKWnEccU252A19dwVxmYSDnzM_gc4WwkYV9jdswqHCYXL8fA-ySUCDy7JmZEnNk-1R-nTneu45DKhFJk6kzl2kjagSsViS5Ts_3ci7AWCyMxWpiNyvkJWCyOpRPKA89_I0f5ex4Ltdl87CojRc-HnrTs3-oFSErgVl37_KNmS5_Njp7OddlfJw68AgoHtG3JHQAr4BkckvoZqByf76CIQ7gf74TGWTzfOY5ehj1X1n6QnyKPR3L4H1UZ4NsilRQCjRqyZVQCN8p_C2gri7j-VkMmaoTjaJAS_Xf1j4JTLJQQoi8dZQnmfYs7RW893bDKIQqBcPJNevqzBG9gWKWAMOBbzKwrgHbFk4THxAug03cgzpgQ87P134WgzX4-sYeebf-8mhxeQ6SAXjpWer5wvtFads5oaAvraylO4ekCGWTR29okjXLJdliqap75j-C7j5CIQIJWxDn2hMccLgkF-TTN5HW1_wRCWHsxnY49MzASdYdcm2itJmxwlJS7Q-MKaGwR8Hp27EmTsbIiczgopRCT4kH_uqbvE1-60sA1xJmbkJlLttj0So0clpOiSwrg-AgjKWHjGjJHGoec5MHYF1ddM35tQKhEhd4hci5CZvvf4fYLKOaYm0tMoEw6OzdOJjScbUcqtJAUphkvTJqDHTW9C8CEBGmOThQs14bWnOHXl2J9b-sehyQsCc7PJpLjlQ8-fE1d3ns82KFLxHgQtCJSFw06DL9RiFJUNnGv_Dn9peTyKEuk2b1XGaIGRR08qS4PsKS0EyqjuAX4u5E7_1DohCVS2dlO-G08RzpnaTFgoltnVnJl0hF-JvWreWnf60KaxOzFmOOql3Lr7txshp6Qf7R3eCf71KRs5-DkimA8FQyy6Pq6RrOBAfG4Um8Fm9LnUbpHqhmnnX74KPv9EabQ2VTNFZiaquH0jXnt4-sxreCOy1oG_6reCt-RXH9crg12NypEiXQ2H5wICb8hGCD409lU7mi-qA5_YKuesVpqtSorMuB0-fa__7E_Mm3_53BP8tPO4xKm2XKPIHG7tdFHzoI6LfFyMqGnaSP4DaQ9s_m1LMuBFt_Uhl3U1g606ovh9hOOD4ZeLcX6x0gOqEATxjyaZya1EJ7j8W2cJrfN1MHwbKnFUX_LRUGi2Of5kTrPD8wwl9DFp7PO3-2_nZ0Uo8Yls93oe0Ue9WsQ5JkrGRBqi-ZF9YFLeiqqjuVD1JT78fFh0rRV6xWo0slV_lvbFF_CFE-H097QyxUnxIujVlmDlHwrkoYl1LZZgOzXO0YO6Ju_8CWAnbcnpQzSdz1m3WNydsuB8jm7Q&ext_cid=224906&px_id=7317050&min_cpm=0.0010248536794133295&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=5611593267579448210&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.02334804326239332&verify_hash=efb917f40bb55c2544e46b6943ce0a82&is_native=1&real_bid=0.023014166506485034&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,33,98&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1715455945&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=cad85f50-5a33-467b-9165-572a515f7303&prev_step_diff=770
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subject6423f6c6c4.com
Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31
ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=a&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&refdom=data.jpg4.monster&auction_time=1715283145&subid=809032184&sid=3937968599&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=&user_fp=10525439425521361963&score=27.577392754711752&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DMwx-FALdnEwFvPglO59bGXjSdtZgpjiVIS00IKIYinhv5apCJuk0IdH3FrLj0zoPWVQplgGYMOauCOOz0mY2R7UAnTcIOH0VxIVoaPZEupLJIIkXKBPJOB7UApS4cUQqPJo3uQEJ8vAExP45b8uQB3MZ8IAMS7zpdPsJdg-L5Zt0xS5Z10hl6tVGOkNY-ulzNT-hwWEW1Sm7qaonKbxTIytdnJkBW7M8qZAzuNe8hd0fWc9bCm94ku3DVpEp-73WD5iHastAlmhKJXtj43DbP5jtQ38lYx0I7lb57RSixdPU11ppJw-ZpgoGF1p8snyu2OdG46uaalYXDppzKz9EtOBKynv_QOHXhLuulDcE5TzZbREJP6h600EKLof8fOZj3BiTnqSVsO3K_dQAscoxr_0eSS44iyUoGLDaP_lvGVUzgN1deeRiF82szEqB6KuFYMnALzDFG8mAUIo6Tmj3tPBsp1eS8aR46WyCkUHEbtodhm0VMCNP0bYCKF-e-N3PIcOPAbjRiDxdmHFM_dzvIUN8NhmCE4U-mEKdrSMlhcnyLf3F-S1EQFQmR2y5utLJzSeGe_SHxvsu0aPKKa1vdq93SfA2U6ANjwA3_Pv-uwqiijnNry5OOaWIeFu6K9VAv5LZEEtCivwtBft5hQ8DYC_NSjFXC557JAFO_tD2nwEEw5XF89xTie4RdxKbIGPDh4_OLG86V-G65CsdNajHtNHUC5T6JUvuLQPq0SfnCMty1gLaaiW4falaNuQqVb9411rld8Vvdjw6F2zW9zP73y95LpsaLm3wNavlp5DmwzGut67j8M45p4-tdwVxB14ZfKlsC3HqDqJocCjNTx3LV1dGhaOY2k5TBQHAUwXdfT8lgYkYaxYA0DlmtTxVyjRyYb8ycQQNaqXzKXlyTmBcEcA7HCIZhD2ggd9-GTrZ6EDozoRtyKowbTr1LG2t89JJWX7VTMry_YJHZtrBe7TR9HtxlOPLTEu3HNEiwAma_8DwW5bOYxfVpsjWm9DErUEIoBhWZfMAJE3Yd8LjKwAdDx3uxxgBF5Hh9NMuD3YqfUI20RgJuRgqZzW9uDhKMFNoeToSVSicVozQO5_lyYbGaXjjB6yXIUDGj9R1CWlueFOkJVWCJE4WTgP49Vw97dIzl88k81Dw6gfoXmLHq35ajXGzFUS9DMgnIhTo8YB6Pn1hQiAwvzoBkgxn0LGk-FubJN8zFf-tQkkBocB3gqNRjQzfxKrfo0q3zkwkMOrYGFqu8GeRsc41Dy_0uHWEYucs6DTkEVpz8UHaiCJsPeZp5vZt1NUndC5rYMEVCkV3J7_XC8Y7FoddfQ%26bid%3D0.02334804326239332&icons=ono2q21UEA7dj1wlaeBvoZLKWnEccU252A19dwVxmYSDnzM_gc4WwkYV9jdswqHCYXL8fA-ySUCDy7JmZEnNk-1R-nTneu45DKhFJk6kzl2kjagSsViS5Ts_3ci7AWCyMxWpiNyvkJWCyOpRPKA89_I0f5ex4Ltdl87CojRc-HnrTs3-oFSErgVl37_KNmS5_Njp7OddlfJw68AgoHtG3JHQAr4BkckvoZqByf76CIQ7gf74TGWTzfOY5ehj1X1n6QnyKPR3L4H1UZ4NsilRQCjRqyZVQCN8p_C2gri7j-VkMmaoTjaJAS_Xf1j4JTLJQQoi8dZQnmfYs7RW893bDKIQqBcPJNevqzBG9gWKWAMOBbzKwrgHbFk4THxAug03cgzpgQ87P134WgzX4-sYeebf-8mhxeQ6SAXjpWer5wvtFads5oaAvraylO4ekCGWTR29okjXLJdliqap75j-C7j5CIQIJWxDn2hMccLgkF-TTN5HW1_wRCWHsxnY49MzASdYdcm2itJmxwlJS7Q-MKaGwR8Hp27EmTsbIiczgopRCT4kH_uqbvE1-60sA1xJmbkJlLttj0So0clpOiSwrg-AgjKWHjGjJHGoec5MHYF1ddM35tQKhEhd4hci5CZvvf4fYLKOaYm0tMoEw6OzdOJjScbUcqtJAUphkvTJqDHTW9C8CEBGmOThQs14bWnOHXl2J9b-sehyQsCc7PJpLjlQ8-fE1d3ns82KFLxHgQtCJSFw06DL9RiFJUNnGv_Dn9peTyKEuk2b1XGaIGRR08qS4PsKS0EyqjuAX4u5E7_1DohCVS2dlO-G08RzpnaTFgoltnVnJl0hF-JvWreWnf60KaxOzFmOOql3Lr7txshp6Qf7R3eCf71KRs5-DkimA8FQyy6Pq6RrOBAfG4Um8Fm9LnUbpHqhmnnX74KPv9EabQ2VTNFZiaquH0jXnt4-sxreCOy1oG_6reCt-RXH9crg12NypEiXQ2H5wICb8hGCD409lU7mi-qA5_YKuesVpqtSorMuB0-fa__7E_Mm3_53BP8tPO4xKm2XKPIHG7tdFHzoI6LfFyMqGnaSP4DaQ9s_m1LMuBFt_Uhl3U1g606ovh9hOOD4ZeLcX6x0gOqEATxjyaZya1EJ7j8W2cJrfN1MHwbKnFUX_LRUGi2Of5kTrPD8wwl9DFp7PO3-2_nZ0Uo8Yls93oe0Ue9WsQ5JkrGRBqi-ZF9YFLeiqqjuVD1JT78fFh0rRV6xWo0slV_lvbFF_CFE-H097QyxUnxIujVlmDlHwrkoYl1LZZgOzXO0YO6Ju_8CWAnbcnpQzSdz1m3WNydsuB8jm7Q&ext_cid=224906&px_id=7317050&min_cpm=0.0010248536794133295&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=5611593267579448210&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.02334804326239332&verify_hash=efb917f40bb55c2544e46b6943ce0a82&is_native=1&real_bid=0.023014166506485034&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,33,98&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1715455945&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=cad85f50-5a33-467b-9165-572a515f7303&prev_step_diff=770 HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 May 2024 19:32:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwTSS8jucpEQKpZ2y8lUQHT8Gphhn_UY-fjq3Wlx91ArkHAU31-_i-0WiFPR_jrOc-vGyH_Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811735968%3A1715283145593400&theme=mn&ddm=0

74.125.131.84

403 Forbidden

2.9 kB

URL GET HTTP/2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwTSS8jucpEQKpZ2y8lUQHT8Gphhn_UY-fjq3Wlx91ArkHAU31-_i-0WiFPR_jrOc-vGyH_Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811735968%3A1715283145593400&theme=mn&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
gzip compressed data, max compression
Size
2.9 kB (2882 bytes)
Hash
723639b6805acd278ad4e55196b8dbe1
200a230b86eeb305bde0f65256da54397891a7e4
e2973533efaa801585a38d80dcee90dbbfc1fe662b2c76c1a73526b3a12c3e52

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwTSS8jucpEQKpZ2y8lUQHT8Gphhn_UY-fjq3Wlx91ArkHAU31-_i-0WiFPR_jrOc-vGyH_Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811735968%3A1715283145593400&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 May 2024 19:32:25 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-7TvlbLGvMJc4bf5ANq5hrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=574ebbde-47cf-4150-82f1-7103d585945f&prev_step_diff=771

45.133.44.25

200 OK

486 B

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=574ebbde-47cf-4150-82f1-7103d585945f&prev_step_diff=771
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=574ebbde-47cf-4150-82f1-7103d585945f&prev_step_diff=771 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:26 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Fri, 09 May 2025 19:32:26 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.25

200 OK

1.1 kB

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:26 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Fri, 09 May 2025 19:32:26 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.w3schools.com/w3css/4/w3.css

192.229.133.221

200 OK

5.3 kB

URL GET HTTP/2
www.w3schools.com/w3css/4/w3.css
IP
192.229.133.221:443
ASN
#15133 EDGECAST

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerDigiCert Inc
Subject*.w3schools.com
Fingerprint20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A
ValidityWed, 03 Apr 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
Unicode text, UTF-8 (with BOM) text
Size
5.3 kB (5256 bytes)
Hash
ba0537e9574725096af97c27d7e54f76
bd46b47d74d344f435b5805114559d45979762d5
4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f

HTTP Headers

GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 889
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Thu, 09 May 2024 19:32:26 GMT
etag: "0ed8b040a1da1:0+gzip"
last-modified: Wed, 08 May 2024 12:05:22 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2

p.a64x.com/in/tip_shows/?katds_ep=dHLgRyDDJA_Aq-d_I5fMszatvA8V7a6irEAMBneaKukHilxbHR4ZWbcKYkSMSu3gLf14xfLNAGnW4ScCxm_MjbU-m1L4koDFxq50akAFeTxqgqBhLvNRQH7UfQWYXaPQdyoVWOwQhCI-lG8QuwHZSHweiizomqaH0jz-JlcdKqIW-VjP3rUfAayCGKbgtCdLSPW8vZAxjRAaQ4ndkJ8BW8715UconKTxJ_YMO2nGqVad0LafaNY8Uk8ATsJ5cRrPAPJX5l-vSvH4ww2MbobAJT9mzI9zf1SEwlVIQfG0iXlZCXny9_ChRrhl7zjElxUEZ4B_Cw3BDC-WuFNe5IhQ_DWMnh9627CnoOOQxNIN5R5fyHHQaWGWRbRx6OvBQvcyIHloJEjLq2m0I3fdxGOfU1ihXKZyZEi3HV_vpqek_X3mPCv-zhovMfdfrjBqLQg43yBHc41VXI6UmUWZPR3lzy24FvxqalRnJSNXBwOKqXnMNZgz72cI_piSptDa9aTTgd-Z4Lm3fGbOmOlCFMMQf0e8A90DpU6tuzocWHvSufiq_TK3s3mIBTW6Z3HriFw1rtTwFrfgmjI9Td1IU56ySPA0Ao0buHR3VoxIiLq_TqBpb8Ze8d-baoOPtk9zDFO87aK8nXDsNTpsnOkPcb5i4ghFrm7ZWcn7W_9iwPeYE101DBbNVsRQuYa2R52bVDjes5zWKp_AM-jMeySqgMPwwf-TEcI9MzGw8R49zpww-8FWs63nsXvxX1amIXYJIphnA-BBYJPFFVFvlVxuSCCk8Qni_dwMpgCcQyPNnb1DEy2bn7x-9n5jrNaq4ibV4yRiIIszAEx-cxJkDWPkDqLTuAK4LKrZIESwTzdOo7Jv4uBuxsfdbb9UTYxA8-Kdyg1YTw&bid=0.02334804326239332&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=e88ce319-12cf-4d36-b486-745297e1b58b&prev_step_diff=770

172.67.185.171

302 Found

0 B

URL GET HTTP/2
p.a64x.com/in/tip_shows/?katds_ep=dHLgRyDDJA_Aq-d_I5fMszatvA8V7a6irEAMBneaKukHilxbHR4ZWbcKYkSMSu3gLf14xfLNAGnW4ScCxm_MjbU-m1L4koDFxq50akAFeTxqgqBhLvNRQH7UfQWYXaPQdyoVWOwQhCI-lG8QuwHZSHweiizomqaH0jz-JlcdKqIW-VjP3rUfAayCGKbgtCdLSPW8vZAxjRAaQ4ndkJ8BW8715UconKTxJ_YMO2nGqVad0LafaNY8Uk8ATsJ5cRrPAPJX5l-vSvH4ww2MbobAJT9mzI9zf1SEwlVIQfG0iXlZCXny9_ChRrhl7zjElxUEZ4B_Cw3BDC-WuFNe5IhQ_DWMnh9627CnoOOQxNIN5R5fyHHQaWGWRbRx6OvBQvcyIHloJEjLq2m0I3fdxGOfU1ihXKZyZEi3HV_vpqek_X3mPCv-zhovMfdfrjBqLQg43yBHc41VXI6UmUWZPR3lzy24FvxqalRnJSNXBwOKqXnMNZgz72cI_piSptDa9aTTgd-Z4Lm3fGbOmOlCFMMQf0e8A90DpU6tuzocWHvSufiq_TK3s3mIBTW6Z3HriFw1rtTwFrfgmjI9Td1IU56ySPA0Ao0buHR3VoxIiLq_TqBpb8Ze8d-baoOPtk9zDFO87aK8nXDsNTpsnOkPcb5i4ghFrm7ZWcn7W_9iwPeYE101DBbNVsRQuYa2R52bVDjes5zWKp_AM-jMeySqgMPwwf-TEcI9MzGw8R49zpww-8FWs63nsXvxX1amIXYJIphnA-BBYJPFFVFvlVxuSCCk8Qni_dwMpgCcQyPNnb1DEy2bn7x-9n5jrNaq4ibV4yRiIIszAEx-cxJkDWPkDqLTuAK4LKrZIESwTzdOo7Jv4uBuxsfdbb9UTYxA8-Kdyg1YTw&bid=0.02334804326239332&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=e88ce319-12cf-4d36-b486-745297e1b58b&prev_step_diff=770
IP
172.67.185.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subjecta64x.com
Fingerprint86:FD:2B:DD:CC:BD:8D:ED:C0:8D:41:81:C1:48:2D:45:D6:4F:67:88
ValidityTue, 19 Mar 2024 14:58:28 GMT - Mon, 17 Jun 2024 14:58:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/tip_shows/?katds_ep=dHLgRyDDJA_Aq-d_I5fMszatvA8V7a6irEAMBneaKukHilxbHR4ZWbcKYkSMSu3gLf14xfLNAGnW4ScCxm_MjbU-m1L4koDFxq50akAFeTxqgqBhLvNRQH7UfQWYXaPQdyoVWOwQhCI-lG8QuwHZSHweiizomqaH0jz-JlcdKqIW-VjP3rUfAayCGKbgtCdLSPW8vZAxjRAaQ4ndkJ8BW8715UconKTxJ_YMO2nGqVad0LafaNY8Uk8ATsJ5cRrPAPJX5l-vSvH4ww2MbobAJT9mzI9zf1SEwlVIQfG0iXlZCXny9_ChRrhl7zjElxUEZ4B_Cw3BDC-WuFNe5IhQ_DWMnh9627CnoOOQxNIN5R5fyHHQaWGWRbRx6OvBQvcyIHloJEjLq2m0I3fdxGOfU1ihXKZyZEi3HV_vpqek_X3mPCv-zhovMfdfrjBqLQg43yBHc41VXI6UmUWZPR3lzy24FvxqalRnJSNXBwOKqXnMNZgz72cI_piSptDa9aTTgd-Z4Lm3fGbOmOlCFMMQf0e8A90DpU6tuzocWHvSufiq_TK3s3mIBTW6Z3HriFw1rtTwFrfgmjI9Td1IU56ySPA0Ao0buHR3VoxIiLq_TqBpb8Ze8d-baoOPtk9zDFO87aK8nXDsNTpsnOkPcb5i4ghFrm7ZWcn7W_9iwPeYE101DBbNVsRQuYa2R52bVDjes5zWKp_AM-jMeySqgMPwwf-TEcI9MzGw8R49zpww-8FWs63nsXvxX1amIXYJIphnA-BBYJPFFVFvlVxuSCCk8Qni_dwMpgCcQyPNnb1DEy2bn7x-9n5jrNaq4ibV4yRiIIszAEx-cxJkDWPkDqLTuAK4LKrZIESwTzdOo7Jv4uBuxsfdbb9UTYxA8-Kdyg1YTw&bid=0.02334804326239332&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=e88ce319-12cf-4d36-b486-745297e1b58b&prev_step_diff=770 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 09 May 2024 19:32:26 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MbPwF%2BDDWYn%2BjVUlQy3j%2FKe7t%2BbsH6SnBxPzCNqek1NcEg1LW7wTpVuwawubou6Ozq8DRNwlWNQt9pIDkqAQxNM288qTI6Xd82%2FaCoN2P13t6VEGLslT2ZK5OOpW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d8ebeedb511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg

45.133.44.24

200 OK

11 kB

URL GET HTTP/2
imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectimdn.pics
Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5
ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 360x240, components 3
Size
11 kB (11228 bytes)
Hash
7a0f4319e0c7d4e0ec42eae657ba39fd
e2940c23868c5975a1dc1a3c963609b34abbe6b5
6c0278ead1dce8c37b6b233d5251184cd820586eeb5d30db860c1c7315d5dba0

HTTP Headers

GET /m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:26 GMT
content-type: image/jpeg
content-length: 11228
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:57 GMT
etag: "66159d89-2bdc"
x-request-id: 13aea49745d30295dcee0faf2bf8a0c1
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg

45.133.44.24

200 OK

2.5 kB

URL GET HTTP/2
imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectimdn.pics
Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5
ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3
Size
2.5 kB (2460 bytes)
Hash
9eb726ecf5e85e3b48f854490ff8284a
d08b4f022e64d06f2642c5c9217d35b7851516d5
30bd73405bb72856107c9e940bece489b670970c3d2e4d6b592cc138a67a3c05

HTTP Headers

GET /m/p/0/777/777181/conversions/PguV688J-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:26 GMT
content-type: image/jpeg
content-length: 2460
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:49 GMT
etag: "66159d81-99c"
x-request-id: 064bc710493213dae1825c3b2f5e7289
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

e9b729472c.39268ea911.com/94a773ec0ce10439eaff9dd642e1fefb.js

45.133.44.53

200 OK

470 kB

URL GET HTTP/2
e9b729472c.39268ea911.com/94a773ec0ce10439eaff9dd642e1fefb.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjecte9b729472c.39268ea911.com
FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8
ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT

File type

Size
470 kB (470121 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /94a773ec0ce10439eaff9dd642e1fefb.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:25 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:bDsQRRxR3YVvYhWaDW_aJeSWCWKa6w:XPNZsHNI4d9WScOt; Expires=Sat, 09-May-2026 19:32:25 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 May 2024 19:32:25 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzOBO6tgQGfr_QJqwinVkQJIXnr0kaH3P6ZXWKAoCY38COFjQkXA1bnFR7L73ZvCRO_npmZJQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-oovX2qjKbiwEpo2eRrHHpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html

188.114.97.1

200 OK

9.7 kB

URL User Request GET HTTP/3
data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectjpg4.monster
FingerprintCD:81:17:42:31:B2:2F:0A:11:E1:03:FC:4F:86:8C:3D:15:14:F6:8A
ValidityThu, 18 Apr 2024 20:22:08 GMT - Wed, 17 Jul 2024 20:22:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (9761), with no line terminators
Size
9.7 kB (9693 bytes)
Hash
88b45941fc17a28fadaecae05aa05caf
9e57d9c93752700e96164dc05e50c398072a62a0
40fd3501d176ed7a1aa93595735e117349ebbed6faa2367389ab3d25a32b6c94

HTTP Headers

GET /contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html HTTP/1.1
Host: data.jpg4.monster
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: text/html; charset=UTF-8
pdojs-line8: host-data.jpg4.monster127.0.0.1-myhost-data.jpg4.monster127.0.0.1/contact/----%E3%82%B8%E3%83%A5%E3%83%8B%E3%82%A2%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%82%AD%E3%83%A3%E3%83%97%E3%83%81%E3%83%A3/pic1.html
phost: data.jpg4.monster
pdojs-line1052: notjp-es-pt-myhost-data.jpg4.monster-filteron-
line2128: notjp-es-pt-myhost-data.jpg4.monster-filteron-/contact/----%E3%82%B8%E3%83%A5%E3%83%8B%E3%82%A2%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%82%AD%E3%83%A3%E3%83%97%E3%83%81%E3%83%A3/pic1.html
line2131: notjp-es-pt-myhost-data.jpg4.monster-filteron-
line2428: notjp-/contact/----%E3%82%B8%E3%83%A5%E3%83%8B%E3%82%A2%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%82%AD%E3%83%A3%E3%83%97%E3%83%81%E3%83%A3/pic1.html-myhost-data.jpg4.monster-filteron-
cache-control: public, max-age=1816846
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
x-proxy-cache-re-la: HIT
xkey-re-re-la: contactdata.jpg4.monster--data.jpg4.monster-data.jpg4.monster-myzone---no
x-proxy-cache-g-sg1: HIT
xkey-g-sg1: contactdata.jpg4.monster--data.jpg4.monster--my_zone
cf-cache-status: MISS
last-modified: Thu, 09 May 2024 19:32:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwzvRvZj2OZhAgL05efcz2%2FTj6Vizj8%2BwroPo9auexlgOJ9q0GbuJwQs6%2Fh4a%2BP3BLaMA51yhN14H6O13bJYgfpNoiANY%2FzqnYZH5ftbhk7dVEnECfRg3GtPoUqUSI0suWCItw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d7c8ee70b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

css.4jpg.top/mycss/av4.css?3

172.67.211.235

200 OK

3.8 kB

URL GET HTTP/3
css.4jpg.top/mycss/av4.css?3
IP
172.67.211.235:443
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject4jpg.top
Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02
ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT

File type
Unicode text, UTF-8 text, with very long lines (4145), with no line terminators
Size
3.8 kB (3832 bytes)
Hash
632229e131d295fe4f9a0bf73260d8c7
6a026881304a0ca059d5778fead6af759d0bacad
c2b0ff53f6e3c34914c3de2a5d3de4120f0af66f43d47e8df680b1f8c9e80016

HTTP Headers

GET /mycss/av4.css?3 HTTP/1.1
Host: css.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: text/css
etag: W/"ef8-615968e3e7700"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 54979
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKhP%2F2SJsdUrrWrxLpQJFDGSiej6%2BoUnE0WfO4D6f3%2Bd%2B0BrJ1woDO8Glsm8DIhG7ltPpL99hWw7dFgTKxwTg9MnVWmQBzy%2Bp3kfU8KAjnNMIQqmpTCi1geNSMivkYE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d8119fc569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

css.4jpg.top/mycss/av4.css?3

172.67.211.235

200 OK

3.8 kB

URL GET HTTP/3
css.4jpg.top/mycss/av4.css?3
IP
172.67.211.235:443
ASN
#13335 CLOUDFLARENET

Requested by
https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Certificate
IssuerGoogle Trust Services LLC
Subject4jpg.top
Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02
ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT

File type
Unicode text, UTF-8 text, with very long lines (4145), with no line terminators
Size
3.8 kB (3832 bytes)
Hash
632229e131d295fe4f9a0bf73260d8c7
6a026881304a0ca059d5778fead6af759d0bacad
c2b0ff53f6e3c34914c3de2a5d3de4120f0af66f43d47e8df680b1f8c9e80016

HTTP Headers

GET /mycss/av4.css?3 HTTP/1.1
Host: css.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-type: text/css
etag: W/"ef8-615968e3e7700"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 54981
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1h1dBq2Q%2B%2BIR5WvNe1CYzvBVsT73bEJ7%2F18PZ1OiRThxY32B9Cf0uHjhT96XCmwPKnq%2BiuF8V1H7RmQ6QZEk%2B8KuRC05U56uG7EWHxKuP6tG%2BRyEsTm9wRKWb6GlHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d899fbc569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

jsjs.4jpg.top/index.php?js=av4&advertisement&

0.0.0.0

0 B

URL GET
jsjs.4jpg.top/index.php?js=av4&advertisement&
IP
0.0.0.0:0
ASN
#0

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject4jpg.top
Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02
ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /index.php?js=av4&advertisement& HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: text/html; charset=UTF-8
imghost: 17296161209-h-jsjs4jpgtopmh--RU-rm16215822257/index.php?js=av4&advertisement&
56nloadrate: 1.4496875
cache-control: public, max-age=14400, s-max-age=1800
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: HIT
age: 101
last-modified: Thu, 09 May 2024 19:30:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=le0giszc6O55pL%2FYMvW052igXbp9qjby5H2z5S3E9dxX3e9rEpvv%2BLDNtUasBFkUgPcSEKwG8A2wRkEZap99sSyXvK5GWgcEp2avEZI7KOgKq5HniS3pQ4cM3IUERYgb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d7f8f54569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mcpuwpsh.com/get/

94.130.197.240

200 OK

2.1 kB

URL POST HTTP/2
mcpuwpsh.com/get/
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2088), with no line terminators
Size
2.1 kB (2076 bytes)
Hash
8b5ed051eb80e6859ce7240db6a5f16d
2157d7496b2435b7ca06605fb1d32ac8dfac1123
9cf98df45bcd9a2d6dd35d3644ecad0db9c657c33a32ca5ce481d83b054fea9b

HTTP Headers

POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://data.jpg4.monster/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1170
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.0
date: Thu, 09 May 2024 19:32:25 GMT
content-type: application/json
content-length: 2076
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

e9b729472c.39268ea911.com/c24b4e831b8a6d9c926c8506ce6591f3/23782?version_name=a

45.133.44.53

200 OK

4.8 kB

URL GET HTTP/2
e9b729472c.39268ea911.com/c24b4e831b8a6d9c926c8506ce6591f3/23782?version_name=a
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjecte9b729472c.39268ea911.com
FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8
ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (5445), with no line terminators
Size
4.8 kB (4827 bytes)
Hash
8b418870ec62fb8cc0fa958bc75dad4a
7ff6c845f369977b6abdae7954aaef052c39bebf
78aa6cb8a462ebcbbddb3d20f4575b906a876015e06d5a78b66838ece45e7ff1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c24b4e831b8a6d9c926c8506ce6591f3/23782?version_name=a HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Thu, 09 May 2024 19:37:24 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

comments.4jpg.top/comments/embed.js?37

172.67.211.235

302 Found

0 B

URL GET HTTP/3
comments.4jpg.top/comments/embed.js?37
IP
172.67.211.235:443
ASN
#13335 CLOUDFLARENET

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerGoogle Trust Services LLC
Subject4jpg.top
Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02
ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /comments/embed.js?37 HTTP/1.1
Host: comments.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Thu, 09 May 2024 19:32:24 GMT
content-type: text/html
location: http://av.tub4us.top/1
x-proxy-cache-re-la: MISS
xkey-re-re-la: jcomments./comments/embed.js?37-A-comments.4jpg.top-comments.4jpg.top-myzone---no
x-proxy-cache-hd-la: HIT
xkey-hd-la: comments.4jpg.top/comments/embed.js?37--comments.4jpg.top--my_zone
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4QXoFhX7mJP6pOc6w%2BlNAbBnbGuGBylx1O1vUnzlPrKOgWkQP8C%2FZbqX%2F5YTOVe3pr6ZoZKAJOJM33WjEoG5oPYz7rnRPpx1DgGfHgJgCYdk0UEN2MZA%2BY7TWtLCKYjDVuTj%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d8109ca569f-OSL
alt-svc: h3=":443"; ma=86400

e9b729472c.39268ea911.com/939b87343a3eb6ec5a1c3e8c8c6f7c47.js

45.133.44.53

200 OK

169 kB

URL GET HTTP/2
e9b729472c.39268ea911.com/939b87343a3eb6ec5a1c3e8c8c6f7c47.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjecte9b729472c.39268ea911.com
FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8
ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT

File type

Size
169 kB (168568 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /939b87343a3eb6ec5a1c3e8c8c6f7c47.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:24 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=a&med_script_id=61&page=https%3A//data.jpg4.monster/contact/----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6/pic1.html

78.47.199.206

204 No Content

0 B

URL GET HTTP/2
notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=a&med_script_id=61&page=https%3A//data.jpg4.monster/contact/----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6/pic1.html
IP
78.47.199.206:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tags?tag_id=23782&timezone_olson=UTC&version_name=a&med_script_id=61&page=https%3A//data.jpg4.monster/contact/----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6/pic1.html HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.18.0
date: Thu, 09 May 2024 19:32:24 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

comments.4jpg.top/comments/embed.js?37

172.67.211.235

302 Found

0 B

URL GET HTTP/3
comments.4jpg.top/comments/embed.js?37
IP
172.67.211.235:443
ASN
#13335 CLOUDFLARENET

Requested by
https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Certificate
IssuerGoogle Trust Services LLC
Subject4jpg.top
Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02
ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /comments/embed.js?37 HTTP/1.1
Host: comments.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Thu, 09 May 2024 19:32:25 GMT
content-type: text/html
location: http://av.tub4us.top/1
x-proxy-cache-re-la: MISS
xkey-re-re-la: jcomments./comments/embed.js?37-A-comments.4jpg.top-comments.4jpg.top-myzone---no
x-proxy-cache-hd-la: HIT
xkey-hd-la: comments.4jpg.top/comments/embed.js?37--comments.4jpg.top--my_zone
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=weJAT0SpUNp37nN99rOcTLsKkJN6L04Pp%2B6OFLu8Nehk3kuSvn02Vr6kh49jlPZg0TxYHmbQsEC%2BEjwbX%2FywbYRdeinEigp0pqg9L9Z2pAoDk8d1jiMoJm0kKKnk2jSOTFWqxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d897f86569f-OSL
alt-svc: h3=":443"; ma=86400

jsjs.4jpg.top/index.php?js=av4&advertisement&

0.0.0.0

0 B

URL GET
jsjs.4jpg.top/index.php?js=av4&advertisement&
IP
0.0.0.0:0
ASN
#0

Requested by
https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Certificate
IssuerGoogle Trust Services LLC
Subject4jpg.top
Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02
ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /index.php?js=av4&advertisement& HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-type: text/html; charset=UTF-8
imghost: 17296161209-h-jsjs4jpgtopmh--RU-rm16215822257/index.php?js=av4&advertisement&
56nloadrate: 1.4496875
cache-control: public, max-age=14400, s-max-age=1800
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: HIT
age: 103
last-modified: Thu, 09 May 2024 19:30:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2BcPojhEdZepPuZzUy4oe6oUpQut3%2F0GCVOb3pTvGFIVMmUWBnjLYblTZApPGYtX4%2FMsVrUb4Yc5i9rF927yVTLqn%2FehGNrRMv37q%2BS7556Fnl8hoT6J6YEfqQl7ZdqR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d883d7b569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

e9b729472c.39268ea911.com/8d49d19b7765f1a8c2fc9471c8f12409.js

45.133.44.53

200 OK

101 kB

URL GET HTTP/2
e9b729472c.39268ea911.com/8d49d19b7765f1a8c2fc9471c8f12409.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html
Certificate
IssuerLet's Encrypt
Subjecte9b729472c.39268ea911.com
FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8
ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT

File type

Size
101 kB (100855 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8d49d19b7765f1a8c2fc9471c8f12409.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 06 May 2024 08:27:28 GMT
etag: W/"66389470-189f7"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:24 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (33)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by