Report - tapeadvertisement.com/e/6Qb4jgd7oof9GJO

Report Overview

Submitted URL
tapeadvertisement.com/e/6Qb4jgd7oof9GJO
IP
172.67.162.22
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 07:03:38
Access
public
Website Title
Streamtape.com
Final URL
tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
12ezo5v60.com	unknown	2023-06-19	2023-06-19	2024-05-02	419 B	159 kB	212.117.190.202
tapeadvertisement.com	unknown	2024-03-22	2024-03-22	2024-03-23	3.3 kB	416 kB	104.21.34.152
thumb.tapecontent.net	98256	2020-01-18	2020-04-26	2024-04-30	464 B	264 kB	104.21.235.147
yy.puffexies.com	unknown	2024-04-23	2024-04-30	2024-04-30	414 B	1.5 kB	23.109.170.189
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-03	492 B	207 kB	142.250.74.35
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	461 B	1.4 kB	142.250.74.100

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	tapeadvertisement.com	Sinkholed
2024-05-04	medium	puffexies.com	Sinkholed
2024-05-04	medium	tapeadvertisement.com	Sinkholed
2024-05-04	medium	tapeadvertisement.com	Sinkholed
2024-05-04	medium	tapeadvertisement.com	Sinkholed
2024-05-04	medium	tapeadvertisement.com	Sinkholed
2024-05-04	medium	tapeadvertisement.com	Sinkholed
2024-05-04	medium	tapeadvertisement.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	tapeadvertisement.com/e/6Qb4jgd7oof9GJO	33 kB	2024-05-04	2024-05-04
Pretty URL tapeadvertisement.com/e/6Qb4jgd7oof9GJO IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 09:03:39 Last Seen2024-05-04 09:03:39 Times Seen1 Hash 2363195121318b4e4394275ede8f1d88 6b2c7e3d38309e94a0b9f6de2f87826bf8fb2959 fb6ee748a0b47c55bf09f12bbecc8b164eae1b4a231c143a37e11b80571e5a18 Loading...

	tapeadvertisement.com/e/6Qb4jgd7oof9GJO	288 B	2024-05-04	2024-05-04
Pretty URL tapeadvertisement.com/e/6Qb4jgd7oof9GJO IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 09:03:39 Last Seen2024-05-04 09:03:39 Times Seen1 Hash df8251eaec67d0bb5d1ca262eab23a8f 8fdceaedc80a80f44a173bf8a5b456d6230dad24 3a781e2e43168252aac55396cf67641fbdaae1d2e93fada8ce9b65e3026aae4a Loading...

	unknown	79 B	2023-04-11	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-05-18 06:07:23 Times Seen126489 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	tapeadvertisement.com/js/jquery.min.js	88 kB	2023-03-07	2024-05-18
Pretty URL tapeadvertisement.com/js/jquery.min.js IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-18 06:24:48 Times Seen98765 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	tapeadvertisement.com/js/player.ec3b7e.js	148 kB	2023-03-07	2024-05-18
Pretty URL tapeadvertisement.com/js/player.ec3b7e.js IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-18 06:07:23 Times Seen436 Hash 1781a0087c11152a2361ca6c84b13fab 87360f858b201c3e28f4af24b2fc7c2d8a8d0232 00c57c8b0121e3c2154bc0c181a5c01ad10550648cc4835a62dc887d5427c656 Loading...

	tapeadvertisement.com/e/6Qb4jgd7oof9GJO	207 B	2023-03-07	2024-05-18
Pretty URL tapeadvertisement.com/e/6Qb4jgd7oof9GJO IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-18 06:07:22 Times Seen226 Hash 326bf869435fdfd3d3e2b6ae92504faa d8f389560a57eebe30e47336c04d60bb0f78642c 02dfbc5561a44e0bd21e3eaa85c620c2d76658781f136705c7c2e91a715e87f9 Loading...

	unknown	37 B	2023-04-11	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-18 06:32:04 Times Seen237761 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	tapeadvertisement.com/e/6Qb4jgd7oof9GJO	176 B	2023-03-07	2024-05-18
Pretty URL tapeadvertisement.com/e/6Qb4jgd7oof9GJO IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-18 06:07:22 Times Seen228 Hash 41cc58e5da3a06326891b8646afc7548 a4a725eadb523ca5dee8b3a9a411357a8ed33976 ecbb8b7b69fb79c8909082c10e5d79f11b280d9a089cfde1b89f08f8364d25af Loading...

	tapeadvertisement.com/e/6Qb4jgd7oof9GJO	773 B	2024-05-04	2024-05-04
Pretty URL tapeadvertisement.com/e/6Qb4jgd7oof9GJO IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 09:03:39 Last Seen2024-05-04 09:03:39 Times Seen1 Hash 689107f53c24b29b4bbfab3b0ee24091 7ef055b2caf2dd6aa153c302434b9cb89f95ad3a 21a120008a4b7ee254c365a7b52b54fa0153afd394ce7f86760a514a3ee8215e Loading...

	www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs	884 B	2024-04-24	2024-05-08
Pretty URL www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 19:07:51 Last Seen2024-05-08 15:47:15 Times Seen159 Hash 996b590be570d3613e79a37adb3485e1 a09affc1b206f92d0db4de366c11bc6fc635b928 65ae5fcacb3335ad318606507d85c2f3b1ddae8e968002ae429cd51a32ae3c7f Loading...

	unknown	34 B	2023-04-11	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-05-18 06:07:22 Times Seen77378 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	tapeadvertisement.com/adgpt.js	20 B	2023-03-07	2024-05-18
Pretty URL tapeadvertisement.com/adgpt.js IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-18 06:07:23 Times Seen619 Hash 69a305bcdc8e061bbd43294a477a3678 506582a1d912d546f5942d95ffae95ec7f4c37ce 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa Loading...

	tapeadvertisement.com/e/6Qb4jgd7oof9GJO	54 B	2023-03-07	2024-05-18
Pretty URL tapeadvertisement.com/e/6Qb4jgd7oof9GJO IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-18 06:07:23 Times Seen225 Hash 2823d7b7a22610d80a99e65878e70ae8 545e80f2fabeb1eb49cebb7088635dcc4a867d44 36c7a0369978008d36a90e0e62177759df257606497bcef68e3a0f5b30c65c97 Loading...

	tapeadvertisement.com/e/6Qb4jgd7oof9GJO	370 B	2023-03-07	2024-05-18
Pretty URL tapeadvertisement.com/e/6Qb4jgd7oof9GJO IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-18 06:07:23 Times Seen225 Hash 0b3f8544e15a29c2a15dc1af98210a68 ac09e6ba1b671420fc8dcf45dad1d49353f7d5e4 8b6b4924d58cb7afa649222900dcb4b470e9a45c4ce55265d3fa980cb5c8e34c Loading...

	tapeadvertisement.com/e/6Qb4jgd7oof9GJO	4.9 kB	2023-10-21	2024-05-18
Pretty URL tapeadvertisement.com/e/6Qb4jgd7oof9GJO IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-21 08:54:01 Last Seen2024-05-18 06:07:23 Times Seen227 Hash 991e31d1267d98ff019b705a3d148ae4 ce26bf1efabcfe070f058fbef107ebadbd1d8d40 aeb0b57af128c03be119c7203f7a81fb63705ded005926bf8ee2485f75f31aac Loading...

		Size	First Seen	Last Seen
	#1 Write - e1f1c9f54666acb1650465e150d3df1b	44 B	2023-03-07	2024-05-18
Pretty Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-18 06:07:23 Times Seen226 Hash e1f1c9f54666acb1650465e150d3df1b 6b7251286fa476ae4e0985f8067cc76006a7cf89 490fbee07295a40ddaf64abd25076eb54cd926777e2b307c8a7c537d62f95ec9 Loading...

HTTP Transactions (12)

URL IP Response Size

tapeadvertisement.com/adgpt.js

104.21.34.152

200 OK

20 B

URL GET HTTP/3
tapeadvertisement.com/adgpt.js
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
69a305bcdc8e061bbd43294a477a3678
506582a1d912d546f5942d95ffae95ec7f4c37ce
8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Cookie: _b=kube11
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 07:03:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 20
last-modified: Tue, 28 Mar 2023 18:04:25 GMT
etag: "64232c29-14"
cache-control: max-age=432000
cf-cache-status: HIT
age: 1980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HlXBE079XUCOeSjRBlSBYNeLxfZMxrdSH5BaZvdTVlDj50AbXWHqJl2vGvBZWqv9Bt9FGX1fjZfQ31gBosPNKmlx2cj3ar%2FtQk%2BOIkX7%2FGZFJ6wo7T2yPDGW%2BHOOYTtVy6asEm2mhUU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6a12ea86eb4fa-OSL
alt-svc: h3=":443"; ma=86400

thumb.tapecontent.net/thumb/6Qb4jgd7oof9GJO/8Z04GgQBGjCokw8.jpg

104.21.235.147

200 OK

263 kB

URL GET HTTP/2
thumb.tapecontent.net/thumb/6Qb4jgd7oof9GJO/8Z04GgQBGjCokw8.jpg
IP
104.21.235.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Certificate
IssuerGoogle Trust Services LLC
Subjecttapecontent.net
Fingerprint0D:92:96:2E:BC:7A:10:2B:6D:A4:39:25:87:DD:4B:F9:C6:47:0A:5E
ValidityMon, 15 Apr 2024 06:57:29 GMT - Sun, 14 Jul 2024 06:57:28 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1275x715, components 3
Size
263 kB (262975 bytes)
Hash
928abc761c638d002b79c255082b1155
bef475432d2c7d5dcc73c420766e7e84b8cdf5a5
7a53ca3ce8e250ff28373bbb7f336bc85a11d45c92c8ad3fc2c21ded1eb6739c

HTTP Headers

GET /thumb/6Qb4jgd7oof9GJO/8Z04GgQBGjCokw8.jpg HTTP/1.1
Host: thumb.tapecontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 07:03:12 GMT
content-type: image/jpeg
content-length: 262975
last-modified: Sun, 28 Apr 2024 21:18:36 GMT
etag: 4771c870534d
access-control-allow-origin: *
allow: OPTIONS, GET, HEAD, POST
access-control-allow-headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
access-control-expose-headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
content-disposition: inline; filename="8Z04GgQBGjCokw8.jpg"
cache-control: public, max-age=259200
expires: Sun, 05 May 2024 09:06:57 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I4To%2FiwXfT5ORbqtK1b0v71Bq5PsIXP00p9Q4gAx8fr3o9gBDRHIeFEK%2FUzHLNCcKKAZDFF8NKteWrz354d1wTm0iSqLHfJCBKVJx6duYgPfNZyOG%2Fl%2BWVWjKKuGLohJSRBLFRrUBGI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6a12f381594e1-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

yy.puffexies.com/gPOkVLDriGo/58191

23.109.170.189

200 OK

26 B

URL GET HTTP/1.1
yy.puffexies.com/gPOkVLDriGo/58191
IP
23.109.170.189:443
ASN
#7979 SERVERS-COM

Requested by
https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Certificate
IssuerLet's Encrypt
Subjectyy.puffexies.com
FingerprintB6:80:F5:60:69:79:02:37:A5:DF:8B:13:16:0A:AD:92:C1:9F:42:3A
ValidityTue, 23 Apr 2024 06:37:04 GMT - Mon, 22 Jul 2024 06:37:03 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gPOkVLDriGo/58191 HTTP/1.1
Host: yy.puffexies.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 07:03:12 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tapeadvertisement.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 05-May-2024 07:03:12 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 05-May-2024 07:03:12 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.35

200 OK

206 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tapeadvertisement.com
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:11 GMT
expires: Fri, 02 May 2025 01:56:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 191222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tapeadvertisement.com/js/jquery.min.js

104.21.34.152

200 OK

88 kB

URL GET HTTP/3
tapeadvertisement.com/js/jquery.min.js
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Cookie: _b=kube11
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 07:03:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 28 Aug 2020 11:07:33 GMT
etag: W/"5f48e575-15851"
cache-control: max-age=432000
cf-cache-status: HIT
age: 6948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F3bMGvWZG%2F66FAYHxf7wBUEK3RPP%2BJBFEB6FRakNmu%2FN3bVw3UgNmbvfCdXLvIgNL4fbb00kpjEMO8hGnqgIEPAj4WsfyIE54XTZAsMpH%2Bov6HcqUPhiyDVv9cBkc9Neaukn348PR50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6a12ea871b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tapeadvertisement.com/scss/player.ec3b7d.css

104.21.34.152

200 OK

32 kB

URL GET HTTP/3
tapeadvertisement.com/scss/player.ec3b7d.css
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
ASCII text, with very long lines (31831), with no line terminators
Size
32 kB (31831 bytes)
Hash
dc2cffa80d365e1efd4a88a462260a60
b0dd95d0afb3c518fc5251cc23c2106cbc9d4fc2
0946d6f8aabb3d1ce41416563689d0e2468a898bda8a2fc190e9b0634288d005

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /scss/player.ec3b7d.css HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Cookie: _b=kube11
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 07:03:12 GMT
content-type: text/css
cf-bgj: minify
etag: W/"622bf673-7b0c"
last-modified: Sat, 12 Mar 2022 01:25:07 GMT
cache-control: max-age=432000
cf-cache-status: HIT
age: 6948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ICsd%2BquWk2jy2I6NMjIpEYXP4wrFM4SP6cgcrMTW0heX48Fx5cMuEhgm4OsV6NWsc5pIlMbEvz7pFuKaL%2FJ5Uf6BZtTUIWGrGjQLxxgJifUekOY8G4TDskKMOxR6XTCRsG5KjqqVjrk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6a12ea873b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tapeadvertisement.com/js/player.ec3b7e.js

104.21.34.152

200 OK

148 kB

URL GET HTTP/3
tapeadvertisement.com/js/player.ec3b7e.js
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
JavaScript source, ASCII text, with very long lines (57504)
Size
148 kB (148031 bytes)
Hash
1781a0087c11152a2361ca6c84b13fab
87360f858b201c3e28f4af24b2fc7c2d8a8d0232
00c57c8b0121e3c2154bc0c181a5c01ad10550648cc4835a62dc887d5427c656

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/player.ec3b7e.js HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Cookie: _b=kube11
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 07:03:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 04 Feb 2021 09:32:45 GMT
etag: W/"601bbf3d-2423f"
cache-control: max-age=432000
cf-cache-status: HIT
age: 6948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5TYxZ9Hk9kDqrH1H4dsIT7vl7eu1VG7zor54o0g3JbDz6oh%2FrM%2FTfwspRj3SsVJbr1PzgEwbMQa%2BV%2F%2BEKfmPXiKC8qTLYnilakvHxolb8v2NPUUYSWlIi%2FfPoMiEpHIUTFF3Dr%2FIymo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6a12f692cb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs

142.250.74.100

200 OK

884 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
JavaScript source, ASCII text, with very long lines (884), with no line terminators
Size
884 B (884 bytes)
Hash
996b590be570d3613e79a37adb3485e1
a09affc1b206f92d0db4de366c11bc6fc635b928
65ae5fcacb3335ad318606507d85c2f3b1ddae8e968002ae429cd51a32ae3c7f

HTTP Headers

GET /recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sat, 04 May 2024 07:03:12 GMT
date: Sat, 04 May 2024 07:03:12 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tapeadvertisement.com/favicon.ico

104.21.34.152

200 OK

42 kB

URL GET HTTP/3
tapeadvertisement.com/favicon.ico
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
MS Windows icon resource - 1 icon, 100x100, 32 bits/pixel
Size
42 kB (41662 bytes)
Hash
1f1617bb9d33485e49af9fae638831f9
e245af39fd84866e07b7e177fa0ff6d25221252f
3fe1701b124953220bd71e61910006cb7c3ae36f6c8975075c842101d97cf513

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Cookie: _b=kube11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 07:03:13 GMT
content-type: image/x-icon
last-modified: Wed, 01 Apr 2020 13:49:44 GMT
etag: W/"5e849bf8-a2be"
cache-control: max-age=432000
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gFX66Uq4tAfhyUpmP8lU7MjDbQtOBX7hld7JENZfyVvIe9Qr4bhEQub6%2FLYxIft2aSvz%2FbZVYKbFEaZ3f0p4uPQleSqG4DjdaAcxI%2BcfPhoFAA9haMBWM0%2FeNcII8Glvi1rzxlqgHC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6a134ce4fb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

12ezo5v60.com/i/npage/2024703/code.js

212.117.190.202

200 OK

158 kB

URL GET HTTP/2
12ezo5v60.com/i/npage/2024703/code.js
IP
212.117.190.202:443
ASN
#7979 SERVERS-COM

Requested by
https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Certificate
IssuerBuypass AS-983163327
Subject
FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59
ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65107)
Size
158 kB (158045 bytes)
Hash
d5980a48c756bb02bdb71f50b6b30871
6daf72ac2453a7910c058f1fa48b2513ee8d594e
92a009e6c52ba75ed71055c15b5ea803b012be5eca56c960f8f874a6dc3fe2d0

HTTP Headers

GET /i/npage/2024703/code.js HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-269a3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

tapeadvertisement.com/player.svg

104.21.34.152

200 OK

5.5 kB

URL GET HTTP/3
tapeadvertisement.com/player.svg
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
SVG Scalable Vector Graphics image
Size
5.5 kB (5548 bytes)
Hash
84ae75c5bb8eb53fa80dbf474f2b3c9e
e72ffb84dd4ff1ea1e29ac961af43dc1878ed382
f8f633975f552666d54d543bea7874e3934536447064d67ba8f7bf714c74152d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /player.svg HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/6Qb4jgd7oof9GJO
Cookie: _b=kube11
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 07:03:12 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Aug 2020 11:07:33 GMT
etag: W/"5f48e575-15ac"
cache-control: max-age=432000
cf-cache-status: HIT
age: 6948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ON%2FRYetBV6bEsU2XrRGpmhfoNYgKKC5btOtpeXLj6BsNcqRAF0qNJ89DfQBDLkg%2BtBYnnfKtIGluQFObOBlwb%2F9WtIHW5sueMI8UZ3RHbg8x%2B%2FuT0ftzfo5e1zGrMLUdtDXov5Mvtqo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6a130ca64b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tapeadvertisement.com/e/6Qb4jgd7oof9GJO

104.21.34.152

200 OK

96 kB

URL User Request GET HTTP/2
tapeadvertisement.com/e/6Qb4jgd7oof9GJO
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
HTML document, ASCII text, with very long lines (31751)
Size
96 kB (95638 bytes)
Hash
928ed9ae361867235c7105e6620aa7d3
edd96f6f52d65b815950c11796f9b1ce3732c298
53ce4160aaad1671d1a0c4846522187216a69b6029e2ed5c182ac5d296e1d4ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /e/6Qb4jgd7oof9GJO HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 07:03:12 GMT
content-type: text/html; charset=UTF-8
cache-control: private
set-cookie: _b=kube11; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZFRwTQZZXU2BYO3vo96FJwFWjTaDr%2Bo2mDwiN32qYw8UCUJ%2F6Bbb5VzqFi18wC7%2FXKUZYrsoJK47eVQ%2FwMn7B2lUd4ubPYlIEtDVoW%2BTOej4xio6twHUzvVmyv0PRSmDCskVPKT4EU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6a12ba94b56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by