Report - yolo80.live/embed.php?id=live6b

Report Overview

Visited public
2023-12-08 12:59:59
Tags
URL
yolo80.live/embed.php?id=live6b
Finishing URL
yolo80.live/embed.php?id=live6b
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-12-06 20:26:27	870 B	836 B	18.157.140.81
pubtrky.com	unknown	2023-11-21	2023-11-21 12:12:26	2023-12-06 10:06:21	478 B	562 B	104.21.8.108
vintageperk.com	unknown	unknown	No data	No data	489 B	467 B	192.243.59.13
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-12-07 19:44:34	421 B	849 B	104.21.86.121
youradexchange.com	273384	2012-11-09	2013-02-04 17:25:46	2023-12-06 20:26:28	2.9 kB	77 kB	172.64.101.11
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-08 08:34:59	440 B	31 kB	142.250.74.42
yolo80.live	unknown	2023-08-06	2023-08-08 19:25:45	2023-11-01 08:07:44	499 B	2.9 kB	188.114.96.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-08 07:46:22	2.7 kB	92 kB	216.58.211.3
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-12-08 04:23:58	904 B	98 kB	45.133.44.9
mediasama.com	166244	2020-10-16	2015-11-22 06:12:08	2023-12-04 07:23:00	17 kB	2.8 MB	149.56.38.113
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-08 07:43:19	1.4 kB	15 kB	142.250.74.106
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-12-06 20:26:27	818 B	173 kB	104.21.234.32
cdn.barscreative1.com	25648	2021-09-08	2021-09-16 13:14:42	2023-12-07 14:44:24	494 B	2.2 kB	45.133.44.3
i.imgur.com	5110	2009-01-09	2012-05-21 10:09:36	2023-12-07 09:01:01	870 B	2.1 kB	151.101.84.193
xskctff.com	unknown	2023-11-27	2023-11-27 13:39:44	2023-12-08 06:04:15	416 B	174 kB	172.67.209.184
abolishstand.net	unknown	2023-06-20	2023-07-05 15:55:31	2023-11-08 22:27:19	1.9 kB	128 kB	104.21.68.113
awistats.com	unknown	2023-08-04	2023-08-06 00:36:54	2023-11-15 21:10:35	414 B	2.1 kB	172.67.206.156
cupidirresolute.com	unknown	2023-09-29	2023-09-29 12:25:41	2023-11-04 05:16:16	892 B	41 kB	173.233.137.60
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-12-08 05:13:57	440 B	146 kB	151.101.65.229
rotundfetch.com	unknown	2023-11-28	2023-11-28 21:49:14	2023-12-04 13:42:27	4.8 kB	7.7 kB	192.243.59.20
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2023-12-06 18:22:49	2.3 kB	101 kB	172.64.109.10
www.gaming-adult.com	315167	2017-06-16	2017-10-26 20:35:18	2023-11-20 08:28:00	627 B	1.8 kB	18.156.93.177
swarm.video	126884	2018-11-05	2017-10-22 21:55:23	2023-11-20 21:56:15	419 B	545 kB	104.21.74.27
acscdn.com	93608	2020-05-05	2020-05-06 10:07:13	2023-12-07 20:37:35	1.7 kB	507 kB	104.21.11.26

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	vintageperk.com	Sinkholed
2023-12-08	medium	rotundfetch.com	Sinkholed
2023-12-08	medium	rotundfetch.com	Sinkholed
2023-12-08	medium	rotundfetch.com	Sinkholed
2023-12-08	medium	rotundfetch.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (31)

	URL	From	Size	First Seen	Last Seen
	mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79	ScriptElement	30 B	2023-03-07	2024-08-21
Pretty URL mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79 IP 149.56.38.113 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:10 Last Seen2024-08-21 07:13 Times Seen15 Hash cde5057d41610021d83ccaf4e68564f2 6d4584603448659e26de83c41f234dbbddbb3f07 2069b7c9d47d998e41a42ac88fbf5e12861528f45c1a14021e73bd73f5c72426 Loading...

	cupidirresolute.com/f4/c9/f5/f4c9f5d2db2a809ef278bf4b20d15a20.js	ScriptElement	42 kB	2023-12-08	2023-12-08
Pretty URL cupidirresolute.com/f4/c9/f5/f4c9f5d2db2a809ef278bf4b20d15a20.js IP 173.233.137.60 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 14:00 Last Seen2023-12-08 14:00 Times Seen1 Hash cab0a290743d3b7c71404978a305bfbc 395ce9b01abedfff40a1a5e41f403d0fc9ed3496 9e8ff8a08e522784dd0e9f635625e6e935f6c44463f15b3b2219a47e436f8443 Loading...

	yolo80.live/embed.php?id=live6b	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL yolo80.live/embed.php?id=live6b IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 14:31 Times Seen4655091 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	abolishstand.net/embed/tj0ydc	ScriptElement	44 B	2023-03-07	2025-05-11
Pretty URL abolishstand.net/embed/tj0ydc IP 104.21.68.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14 Last Seen2025-05-11 11:31 Times Seen175 Hash 8fb6e79a44a0c72402372ac295ca331a 3375b6cba22e95d2035a9eac246b4889b55a8ee9 e6dce9d47c5ff7badf344ff43d4394d35dc909cb3689651d044f388f28f7f96d Loading...

	abolishstand.net/deb.js	ScriptElement	26 kB	2023-03-14	2025-05-11
Pretty URL abolishstand.net/deb.js IP 104.21.68.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:08 Last Seen2025-05-11 11:31 Times Seen102 Hash 4854629b2f59efbee5662790a405fa68 961af168c9029a8a3765356bd37631fa3941ccb2 00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5 Loading...

	abolishstand.net/embed/tj0ydc	ScriptElement	1.7 kB	2024-08-20	2024-08-20
Pretty URL abolishstand.net/embed/tj0ydc IP 104.21.68.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen1 Hash 1ed6a78921dc72ffa4e7c29fa14345ce 84818fbbf2560a392ddb1b67bfafbafad3063ab4 1b05bab84a2534699b78ef398ac6187269713683d6ae5cd7cfed5c10f1761069 Loading...

	banquetunarmedgrater.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL banquetunarmedgrater.com/advertisers.js IP 104.21.86.121 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 14:31 Times Seen4655091 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mediasama.com/hentaiheroes/22/n/js/main.js	ScriptElement	1.3 kB	2023-03-07	2024-08-21
Pretty URL mediasama.com/hentaiheroes/22/n/js/main.js IP 149.56.38.113 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2024-08-21 07:13 Times Seen17 Hash dee042800157426b09099ecf3eb7d004 f0a082059f6f9174869ce1f52b7ee6423a311641 4bad52d0b87da525c7eefbc4bb92656abb89bb6bbec58c54848523ec7ae09587 Loading...

	swarm.video/j79z9kzty.js?v=1.1	ScriptElement	544 kB	2023-03-14	2024-12-08
Pretty URL swarm.video/j79z9kzty.js?v=1.1 IP 104.21.74.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 06:05 Last Seen2024-12-08 17:33 Times Seen128 Hash 5bb4a2cc385c78f8f136804a7f9c099d 446deffaa8960d13ef52d28f9e27ade237b6e7b1 7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 14:30 Times Seen57555 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	abolishstand.net/embed/tj0ydc	ScriptElement	287 B	2024-08-20	2024-08-20
Pretty URL abolishstand.net/embed/tj0ydc IP 104.21.68.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen1 Hash d5c2ca92123fab52f644ff8b47d58cda de81f540b8486b6c101bd0433970058783463ece 6f46c001ef7dd4ba9f6c54bc7797b18cd0dd0e8d1071fbafda57404d1a17b86c Loading...

	abolishstand.net/embed/tj0ydc	ScriptElement	1.6 kB	2024-08-20	2024-08-20
Pretty URL abolishstand.net/embed/tj0ydc IP 104.21.68.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen1 Hash 4d3db70136446b0cfe57ca1166f67105 95ae0cc46f4f6b1896521efb03974cf578892f18 d4f257579bb417c9c5d98cb36c9d4e3cda679d94f592280e03900842dcf920b3 Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-11-23	2024-08-20
Pretty URL friendshipmale.com/sfp.js IP 104.21.234.32 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35 Last Seen2024-08-20 18:08 Times Seen6307 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

	acscdn.com/script/ippg.js	ScriptElement	124 kB	2023-12-04	2023-12-12
Pretty URL acscdn.com/script/ippg.js IP 104.21.11.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 16:59 Last Seen2023-12-12 09:30 Times Seen26 Hash 629c898e9b9aa62310ac901db7d2c0f8 fe9dfa4b6115de890ea2a7b16d26f07bf4e4ef80 c650b12f3ef90266409bdd601ce86898a1fda647b7dad97a6e8597eb97faeb96 Loading...

	cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js	ScriptElement	525 kB	2023-03-07	2025-05-10
Pretty URL cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-05-10 16:59 Times Seen912 Hash f55c6c796275a41ce7d97bd160e648ff 936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89 db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c Loading...

	cupidirresolute.com/93/45/68/93456850b7f4d53848dbd47cd3cb72f3.js	ScriptElement	62 kB	2023-12-08	2023-12-08
Pretty URL cupidirresolute.com/93/45/68/93456850b7f4d53848dbd47cd3cb72f3.js IP 173.233.137.60 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 14:00 Last Seen2023-12-08 14:00 Times Seen1 Hash da16b16d5b92734ac947258ce44277f8 2bc1afa9b26aa639fc18fe0351d6fbeee6008649 dddff0518733e8356ac4cd50842f7d5d907e256693ab37b713b0949d7f72711f Loading...

	abolishstand.net/embed/tj0ydc	ScriptElement	3.8 kB	2024-08-20	2024-08-20
Pretty URL abolishstand.net/embed/tj0ydc IP 104.21.68.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen1 Hash 33f461caf8f7342b181ac9c307263241 43e0dd29dd1cdcf4899ddeb9a179983646aa2d55 49f1aa496b59e5fcabe6abdfac5828783fda8002df2da09264722295cc531967 Loading...

	unknown	ScriptElement	1.3 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen1 Hash e98878ba9203b668859c087cfeecc446 69a13023376a15753d87264c2010472be8565f2d c6bc3448b4b4351f6728611b7e29625535df662c9c4bd36f4bdd30c92db5342f Loading...

	abolishstand.net/embed/tj0ydc	ScriptElement	1.7 kB	2024-08-20	2024-08-20
Pretty URL abolishstand.net/embed/tj0ydc IP 104.21.68.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen1 Hash d08ca0c55f589fd44f9c0090b9a1d7ac 336239f70ec4ec3cf10fac2b9d0a9be64c77c88d 3fa795d9ce87b7430b5ff0ddacfc59c26c95358aa62cd2f15f595bd0affd1ded Loading...

	unknown	Function	34 B	2023-04-11	2025-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-05-11 14:26 Times Seen67035 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/js/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-05-06
Pretty URL cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/js/jquery.min.js IP 172.64.109.10 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-06 13:06 Times Seen1294 Hash 6326c600df01e3bfb9b40e1aa08176f8 6b4fb754d29b297b539bf62ba9b4eaf0f33f314a df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3 Loading...

	acscdn.com/script/atg.js	ScriptElement	199 kB	2023-12-04	2024-08-20
Pretty URL acscdn.com/script/atg.js IP 104.21.11.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 16:59 Last Seen2024-08-20 16:48 Times Seen17 Hash bf4637a29ed1099ceae6141eef562560 7a9aacff2cc402092277271fa92dea22b5ee8ef9 a1ba21c4d8df7b221e301705b7d265fa045675c29f4c0d637fb23da3180dbcd8 Loading...

	acscdn.com/script/ut.js?cb=1702040388156	ScriptElement	82 kB	2023-12-04	2023-12-12
Pretty URL acscdn.com/script/ut.js?cb=1702040388156 IP 104.21.11.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 16:50 Last Seen2023-12-12 09:30 Times Seen61 Hash 1edfed807930c1dea818ac18c299154c 922ff86c6fccd84cce5f2cc1ff4be0ce5940da6e bf7f34e550f5f6bead66bbd8baa61274bf0cf3ae804661c4b441d240212b8010 Loading...

	youradexchange.com/n/display.php?r=7317534&atag=1&aggr=2&czid=yixrpr15pl&ppv=1&srs=31789d60b20f424ed1383978812d26e6	ScriptElement	15 kB	2023-12-08	2023-12-08
Pretty URL youradexchange.com/n/display.php?r=7317534&atag=1&aggr=2&czid=yixrpr15pl&ppv=1&srs=31789d60b20f424ed1383978812d26e6 IP 172.64.101.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 14:00 Last Seen2023-12-08 14:00 Times Seen1 Hash dfc42b2c4934fd6c29219d42d9d25a1a ebbb358fc5668e80ab1992b8011b312edae97250 b29be1a46d5554ee2250305a52016a0bf80f1824f7b41d534987d00004b91853 Loading...

	abolishstand.net/js/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL abolishstand.net/js/jquery.min.js IP 104.21.68.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 14:29 Times Seen36345 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	acscdn.com/script/suv5.js	ScriptElement	97 kB	2023-12-04	2023-12-12
Pretty URL acscdn.com/script/suv5.js IP 104.21.11.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 16:59 Last Seen2023-12-12 09:30 Times Seen52 Hash fe85f0affad429f5413cd601a475b728 88b8cee8368b6b943d1ddd5be8b9c441f63ef580 25ab5707f8caa81d4c8ef4d9373254d130c294ed2ee997c807e068b149fdb4e8 Loading...

	abolishstand.net/embed/tj0ydc	ScriptElement	229 B	2023-08-26	2024-11-16
Pretty URL abolishstand.net/embed/tj0ydc IP 104.21.68.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 23:38 Last Seen2024-11-16 01:24 Times Seen26 Hash f76e4c5fe903a421bd5e5696f0e34cc3 4c183b263d804f30f938c76b500a622d9a685a11 2ce819ec8e3ced50ad2a33b23cf4ebc178353948249ae338bdc36bfdf23b4552 Loading...

	abolishstand.net/embed/tj0ydc	ScriptElement	160 B	2023-08-26	2025-05-11
Pretty URL abolishstand.net/embed/tj0ydc IP 104.21.68.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 23:38 Last Seen2025-05-11 11:31 Times Seen139 Hash 5a8804e294acad6c8bd29a7945808ddb 90ffa7ba6d41e154ce325aab134f732e62bed676 98f7e3a041cce30a75f5b01cbf7c1128760da4d9db44e8e2ed148a2154aa3bf8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9c599006117983bf0eb3e3da7f3409ff	1.4 kB	2024-08-20 16:22	2024-08-20 16:22
Pretty Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen1 Hash 9c599006117983bf0eb3e3da7f3409ff 1072769058fb274c51974513c593a049a3fa822d 775ec7cc75b2bbdd10ab03600db0a7379fddad2d22a221e1f24c58c1cfcfdbc0 Loading...

	#2 Eval - 2a1f09d0902de2b0393b741584f196e2	6.0 kB	2024-08-20 16:22	2024-08-20 16:22
Pretty Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen1 Hash 2a1f09d0902de2b0393b741584f196e2 d6b18b9fb9744712c5f9da198ab2273cb5701a70 bec2aec21eb7ddd1e20e46e56fa4e31f1f9fdf205f3e81003e41da43983fc4cc Loading...

		Size	First Seen	Last Seen
	#1 Write - 763f7f1aec350cd1a46238d1d5c3c229	7 B	2023-03-07 01:03	2025-05-07 06:33
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 06:33 Times Seen2208 Hash 763f7f1aec350cd1a46238d1d5c3c229 b4ee6522335b033249255b4cc1d572993282aafb 2f26233595d165e6868c5bb9e5e835506039e72c61a36a1bafb0827abfe746a5 Loading...

HTTP Transactions (65)

URL IP Response Size

cupidirresolute.com/f4/c9/f5/f4c9f5d2db2a809ef278bf4b20d15a20.js

173.233.137.60

200 OK

15 kB

URL GET HTTP/1.1
cupidirresolute.com/f4/c9/f5/f4c9f5d2db2a809ef278bf4b20d15a20.js
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectcupidirresolute.com
Fingerprint0B:39:9E:8D:F3:17:2C:61:FD:6E:8C:7C:E6:8F:29:01:8E:31:D3:68
ValidityTue, 28 Nov 2023 11:37:39 GMT - Mon, 26 Feb 2024 11:37:38 GMT

File type
ASCII text, with very long lines (42176), with no line terminators
Size
15 kB (15223 bytes)
Hash
cab0a290743d3b7c71404978a305bfbc
395ce9b01abedfff40a1a5e41f403d0fc9ed3496
9e8ff8a08e522784dd0e9f635625e6e935f6c44463f15b3b2219a47e436f8443

HTTP Headers

GET /f4/c9/f5/f4c9f5d2db2a809ef278bf4b20d15a20.js HTTP/1.1
Host: cupidirresolute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 08 Dec 2023 12:59:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7aa2ec37c14a759d7f1eea2c05bd76fb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cupidirresolute.com/93/45/68/93456850b7f4d53848dbd47cd3cb72f3.js

173.233.137.60

200 OK

25 kB

URL GET HTTP/1.1
cupidirresolute.com/93/45/68/93456850b7f4d53848dbd47cd3cb72f3.js
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectcupidirresolute.com
Fingerprint0B:39:9E:8D:F3:17:2C:61:FD:6E:8C:7C:E6:8F:29:01:8E:31:D3:68
ValidityTue, 28 Nov 2023 11:37:39 GMT - Mon, 26 Feb 2024 11:37:38 GMT

File type
ASCII text, with very long lines (61954)
Size
25 kB (24578 bytes)
Hash
da16b16d5b92734ac947258ce44277f8
2bc1afa9b26aa639fc18fe0351d6fbeee6008649
dddff0518733e8356ac4cd50842f7d5d907e256693ab37b713b0949d7f72711f

HTTP Headers

GET /93/45/68/93456850b7f4d53848dbd47cd3cb72f3.js HTTP/1.1
Host: cupidirresolute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 08 Dec 2023 12:59:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2805_0=0; expires=Mon, 11 Dec 2023 20:59:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a243c2ec1ccd91586b93df82d11a7e64
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

18.157.140.81

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.157.140.81:443
ASN
#16509 AMAZON-02

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
b5c741b72996e6442ee91b5e7b21105c
cf8410b62634a9bc04ea833dd557d5c4d6dc32c4
16924de36d0dc790973cbe86220fd3d7477d6e12b87b4f9b4d190d04530d95e9

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://yolo80.live
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ce169bc9-b561-4b6b-8d1c-90669dc1a8bd:1:1; expires=Mon, 05 Dec 2033 12:59:41 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.157.140.81

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.157.140.81:443
ASN
#16509 AMAZON-02

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
e436b250c7fcae525a00daed9cb602c3
aa5ca80b2f6912cf1b233013e39400679a8fe412
fb94b82d7224be0cfac63d472446af10b753efbaf35073efbc7456687cbfb3be

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://yolo80.live
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=89f14c5c-2399-4174-bbf0-f2d409542f48:2:1; expires=Mon, 05 Dec 2033 12:59:41 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

pubtrky.com/ut/hb.php?cb=0.16508222529800598&v=1

104.21.8.108

204 No Content

0 B

URL POST HTTP/2
pubtrky.com/ut/hb.php?cb=0.16508222529800598&v=1
IP
104.21.8.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectpubtrky.com
FingerprintA5:A1:14:4B:51:48:70:73:A4:B5:3C:89:63:1B:21:45:6C:F5:96:8E
ValidityTue, 21 Nov 2023 10:09:43 GMT - Mon, 19 Feb 2024 10:09:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.16508222529800598&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 723
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 08 Dec 2023 12:59:41 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoWdXmO0T6hqVGhDcOa5%2FsM%2BZC4uJX9vi528BeNLWUteT3wO2haxEAOvTeD7AUMNIXVk8AC%2Fj2LDUWS5pqryOa6ChrJI20JadtRjBKuJ%2FU%2BnwxfEgnmluiNHhidd5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83252fe0caf85685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vintageperk.com/pixel/purst?dl=0&th=0&sc=0&rs=1454&rd=1454&fd=907&bv=23.12.v.1&tmpl=70

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
vintageperk.com/pixel/purst?dl=0&th=0&sc=0&rs=1454&rd=1454&fd=907&bv=23.12.v.1&tmpl=70
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectvintageperk.com
FingerprintB5:A1:A6:63:12:26:F5:61:29:1F:59:C4:11:C1:FE:AC:D3:A9:0F:75
ValidityTue, 28 Nov 2023 10:47:12 GMT - Mon, 26 Feb 2024 10:47:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1454&rd=1454&fd=907&bv=23.12.v.1&tmpl=70 HTTP/1.1
Host: vintageperk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 08 Dec 2023 12:59:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

151.101.65.229

200 OK

145 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://abolishstand.net/embed/tj0ydc
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
145 kB (145133 bytes)
Hash
f55c6c796275a41ce7d97bd160e648ff
936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

HTTP Headers

GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abolishstand.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: br
accept-ranges: bytes
date: Fri, 08 Dec 2023 12:59:41 GMT
age: 29956
x-served-by: cache-fra-etou8220029-FRA, cache-bma1681-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 145133
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

104.21.86.121

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
104.21.86.121:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: c5f3678aef59cc58b0790828a2b78d4b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: STALE
age: 0
last-modified: Fri, 08 Dec 2023 12:59:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mpv8jlRLudrIFXTY%2FGB3p1%2Fg2pAq4Rrv3zmGwKrRUr%2FNTvYL33igX7wNsv37i3WUm%2BfFybUYL%2FErKp46FJSODV2JmSE4o4q9Kz6cztDFqmvxpT9gFdjzOA5IVqz7WW96g8MVUFUu1qiJGts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe27d8c56ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.211.3

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://abolishstand.net/embed/tj0ydc
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://abolishstand.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:33 GMT
expires: Fri, 06 Dec 2024 15:40:33 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 76749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

youradexchange.com/ad/czcf.php?cz=yixrpr15pl

172.64.101.11

200 OK

58 kB

URL GET HTTP/2
youradexchange.com/ad/czcf.php?cz=yixrpr15pl
IP
172.64.101.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectyouradexchange.com
FingerprintFD:52:FD:E8:62:0A:DE:66:86:28:19:39:64:21:57:5C:CB:8A:59:D9
ValidityTue, 17 Oct 2023 07:21:58 GMT - Mon, 15 Jan 2024 07:21:57 GMT

File type
JSON data\012- , ASCII text, with very long lines (304)
Size
58 kB (58383 bytes)
Hash
41b16767ed00896d97806b1cbb35b37f
c2790f969d1300cb7271b5b587367b2a099c42ed
0f81960203fe0104acdc8ecb4fe542cfd5c7d15fc21e48f28965d53313c9a995

HTTP Headers

GET /ad/czcf.php?cz=yixrpr15pl HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yolo80.live/
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUQLu%2FjgsTbgZEKM93eREFNA9o9oJAclKO9U6D6WYFL7K0L4K%2FsXyCoAT5t%2FU3wjcZg2eraOp%2BaUIw4qaT44kjFIHzwFp3wofd64qqzjKHbyTEsVTEAxUZ3iAw7wtuYZivGUbuk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83252fe0dd5571e1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.imgur.com/removed.png

151.101.84.193

200 OK

503 B

URL GET HTTP/2
i.imgur.com/removed.png
IP
151.101.84.193:443
ASN
#54113 FASTLY

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
PNG image data, 161 x 81, 1-bit colormap, non-interlaced\012- data
Size
503 B (503 bytes)
Hash
d835884373f4d6c8f24742ceabe74946
20002faf28adfd94ca98cf6ced46f14334b53684
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

HTTP Headers

GET /removed.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yolo80.live/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 14 May 2014 05:44:36 GMT
etag: "d835884373f4d6c8f24742ceabe74946"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 08 Dec 2023 12:59:42 GMT
age: 23172396
x-served-by: cache-bwi5162-BWI, cache-bma1631-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 519606
x-timer: S1702040383.638748,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 503
X-Firefox-Spdy: h2

rotundfetch.com/sbar.json?key=f4c9f5d2db2a809ef278bf4b20d15a20&uuid=ce169bc9-b561-4b6b-8d1c-90669dc1a8bd%3A1%3A1

192.243.59.20

200 OK

4.7 kB

URL GET HTTP/1.1
rotundfetch.com/sbar.json?key=f4c9f5d2db2a809ef278bf4b20d15a20&uuid=ce169bc9-b561-4b6b-8d1c-90669dc1a8bd%3A1%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectrotundfetch.com
Fingerprint1E:B5:63:51:36:7D:E1:92:81:C0:87:01:E9:B1:53:73:3E:35:CE:15
ValidityTue, 28 Nov 2023 10:39:39 GMT - Mon, 26 Feb 2024 10:39:38 GMT

File type
JSON data\012- , ASCII text, with very long lines (6633), with no line terminators
Size
4.7 kB (4652 bytes)
Hash
f501ae68b51fa28446988d43b0b2f74a
6f8e3e8951684e3f75ac91b1ce0bb3815738e5c0
3f49b7b0501f0fcfe52c702355a290aed76745a6659946457fcef78832993ef3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=f4c9f5d2db2a809ef278bf4b20d15a20&uuid=ce169bc9-b561-4b6b-8d1c-90669dc1a8bd%3A1%3A1 HTTP/1.1
Host: rotundfetch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 08 Dec 2023 12:59:42 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://yolo80.live
Access-Control-Allow-Origin: https://yolo80.live
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=20185187; expires=Sat, 09 Dec 2023 12:59:42 GMT; secure; SameSite=None
uid_id2=ce169bc9-b561-4b6b-8d1c-90669dc1a8bd:1:1; expires=Fri, 15 Dec 2023 12:59:42 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 09 Dec 2023 12:59:42 GMT; secure; SameSite=None
uncs=1; expires=Sat, 09 Dec 2023 12:59:42 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 09 Dec 2023 12:59:42 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 09 Dec 2023 12:59:42 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5370fc78e3a4632d1ba8fd534cbb2448
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

rotundfetch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1Re%2Fr%2B139QWh1o2IMAsXFc3kvjc%2FMs%2BCxVorwZqENpL1%2FfUm19x593Hve%2FMmWQUL0p3TncuXzyQN2qJ2KwgycSMBoeNCsjAI%2FgcKXctMBkYP3HvOuZ8D93w%2B53x%2BUJyTEAU72%2FjY7mlj2HKrTmvXt3Qqbelra5u1kNbpjdqWTtvNG7XB9HL9d0LaqtM3ax8qsWOXIxpSGtKwdkc7ldjB8gyFzp7GYT2m9WZUD1tNDNx%2Fc18E8CyA7J%2BTl6Hl5H%2FbPz%2BDFmOkve9uK7%2BT2%2BztD3qFYbl16MvjT9Kd1JYpeoswcQGS9HheDesnhHx5CTY9njOA7R9OGYDrCQl%2BC8HT43mb4P2ji065gUrB5f9R9sdQZgzNxhD2AbR8TgAhsbaOtPd4zbqS7V6gbIpOyJUXf0OXE3Ll91eQ9r65ZfSgdt%2BaItc29RgkFfRgDN0dIytOkO8F0OUJRP4ZtPyFLL%2B4i7R3uO6NhZZnbwgVtmMu4iXeaodLTd7mSx0ZiqWYttuxFCHrcDmTSOsxdDKGUUMwH6CYHh2gSAIUWYCePKuxVpxQupLwpNHoNIUQjYYQrU5btmSj2UkoCjHlMESeDSHMEMLtI3P72NGPnl%2F%2BAq74EX67gpcBfE7QlxVKRVB6gpIRlJqgzAnKfnUkjY989VgaX%2FBw7qO5b1Qjm3cP2JHNuyolYG54kJ2Tq1P9giYR2FFntaQp4qQlI8kj1qGxSqKVDk%2BaPKIybLGIwusK2l%2Basd3TE%2FLW1h%2FI9IRc1dfB2Qm8OYHQ18CK18HK0UpEwbZHzQ7FXvpk1xrboXWj%2BwrSVsjyK8h3gwNzTl6djXF1%2FVsocXrzz8bMIFyFzFX4VP9E0DUPR%2FdsSQ7v2dKTZ%2BtZrnt6j01HfD9nubr89Udqt7ROrt72w6%2FeE1NgGj7dVD6%2Fy1Kp064nT25pKZW7Y51Q5IdVv6X4RuG3bxUuLbK7G%2B%2FfWe1lTnmvbToGm67rXw5CT8hLr23O1vf692vQbgxXVOgVp2Ru0HYMke3DZ4v%2BvSVwZlHDswBlUY1cxBePRhMYtcgZr%2BD%2FlfNFfOAfousCsPwB0l6FvqvQNxWYGcIXl0d55k5v%2Fjr%2FnJtgxI0LDrlx5tGFuF6f1VQroYmikeJJzJMVRmWcNGPO4lCt8BYLkfuJ8tfe%2FQcAAP%2F%2FAQAA%2F%2F8KOjsUlgQAAA%3D%3D

192.243.59.20

200 OK

7 B

URL GET HTTP/1.1
rotundfetch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1Re%2Fr%2B139QWh1o2IMAsXFc3kvjc%2FMs%2BCxVorwZqENpL1%2FfUm19x593Hve%2FMmWQUL0p3TncuXzyQN2qJ2KwgycSMBoeNCsjAI%2FgcKXctMBkYP3HvOuZ8D93w%2B53x%2BUJyTEAU72%2FjY7mlj2HKrTmvXt3Qqbelra5u1kNbpjdqWTtvNG7XB9HL9d0LaqtM3ax8qsWOXIxpSGtKwdkc7ldjB8gyFzp7GYT2m9WZUD1tNDNx%2Fc18E8CyA7J%2BTl6Hl5H%2FbPz%2BDFmOkve9uK7%2BT2%2BztD3qFYbl16MvjT9Kd1JYpeoswcQGS9HheDesnhHx5CTY9njOA7R9OGYDrCQl%2BC8HT43mb4P2ji065gUrB5f9R9sdQZgzNxhD2AbR8TgAhsbaOtPd4zbqS7V6gbIpOyJUXf0OXE3Ll91eQ9r65ZfSgdt%2BaItc29RgkFfRgDN0dIytOkO8F0OUJRP4ZtPyFLL%2B4i7R3uO6NhZZnbwgVtmMu4iXeaodLTd7mSx0ZiqWYttuxFCHrcDmTSOsxdDKGUUMwH6CYHh2gSAIUWYCePKuxVpxQupLwpNHoNIUQjYYQrU5btmSj2UkoCjHlMESeDSHMEMLtI3P72NGPnl%2F%2BAq74EX67gpcBfE7QlxVKRVB6gpIRlJqgzAnKfnUkjY989VgaX%2FBw7qO5b1Qjm3cP2JHNuyolYG54kJ2Tq1P9giYR2FFntaQp4qQlI8kj1qGxSqKVDk%2BaPKIybLGIwusK2l%2Basd3TE%2FLW1h%2FI9IRc1dfB2Qm8OYHQ18CK18HK0UpEwbZHzQ7FXvpk1xrboXWj%2BwrSVsjyK8h3gwNzTl6djXF1%2FVsocXrzz8bMIFyFzFX4VP9E0DUPR%2FdsSQ7v2dKTZ%2BtZrnt6j01HfD9nubr89Udqt7ROrt72w6%2FeE1NgGj7dVD6%2Fy1Kp064nT25pKZW7Y51Q5IdVv6X4RuG3bxUuLbK7G%2B%2FfWe1lTnmvbToGm67rXw5CT8hLr23O1vf692vQbgxXVOgVp2Ru0HYMke3DZ4v%2BvSVwZlHDswBlUY1cxBePRhMYtcgZr%2BD%2FlfNFfOAfousCsPwB0l6FvqvQNxWYGcIXl0d55k5v%2Fjr%2FnJtgxI0LDrlx5tGFuF6f1VQroYmikeJJzJMVRmWcNGPO4lCt8BYLkfuJ8tfe%2FQcAAP%2F%2FAQAA%2F%2F8KOjsUlgQAAA%3D%3D
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectrotundfetch.com
Fingerprint1E:B5:63:51:36:7D:E1:92:81:C0:87:01:E9:B1:53:73:3E:35:CE:15
ValidityTue, 28 Nov 2023 10:39:39 GMT - Mon, 26 Feb 2024 10:39:38 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1Re%2Fr%2B139QWh1o2IMAsXFc3kvjc%2FMs%2BCxVorwZqENpL1%2FfUm19x593Hve%2FMmWQUL0p3TncuXzyQN2qJ2KwgycSMBoeNCsjAI%2FgcKXctMBkYP3HvOuZ8D93w%2B53x%2BUJyTEAU72%2FjY7mlj2HKrTmvXt3Qqbelra5u1kNbpjdqWTtvNG7XB9HL9d0LaqtM3ax8qsWOXIxpSGtKwdkc7ldjB8gyFzp7GYT2m9WZUD1tNDNx%2Fc18E8CyA7J%2BTl6Hl5H%2FbPz%2BDFmOkve9uK7%2BT2%2BztD3qFYbl16MvjT9Kd1JYpeoswcQGS9HheDesnhHx5CTY9njOA7R9OGYDrCQl%2BC8HT43mb4P2ji065gUrB5f9R9sdQZgzNxhD2AbR8TgAhsbaOtPd4zbqS7V6gbIpOyJUXf0OXE3Ll91eQ9r65ZfSgdt%2BaItc29RgkFfRgDN0dIytOkO8F0OUJRP4ZtPyFLL%2B4i7R3uO6NhZZnbwgVtmMu4iXeaodLTd7mSx0ZiqWYttuxFCHrcDmTSOsxdDKGUUMwH6CYHh2gSAIUWYCePKuxVpxQupLwpNHoNIUQjYYQrU5btmSj2UkoCjHlMESeDSHMEMLtI3P72NGPnl%2F%2BAq74EX67gpcBfE7QlxVKRVB6gpIRlJqgzAnKfnUkjY989VgaX%2FBw7qO5b1Qjm3cP2JHNuyolYG54kJ2Tq1P9giYR2FFntaQp4qQlI8kj1qGxSqKVDk%2BaPKIybLGIwusK2l%2Basd3TE%2FLW1h%2FI9IRc1dfB2Qm8OYHQ18CK18HK0UpEwbZHzQ7FXvpk1xrboXWj%2BwrSVsjyK8h3gwNzTl6djXF1%2FVsocXrzz8bMIFyFzFX4VP9E0DUPR%2FdsSQ7v2dKTZ%2BtZrnt6j01HfD9nubr89Udqt7ROrt72w6%2FeE1NgGj7dVD6%2Fy1Kp064nT25pKZW7Y51Q5IdVv6X4RuG3bxUuLbK7G%2B%2FfWe1lTnmvbToGm67rXw5CT8hLr23O1vf692vQbgxXVOgVp2Ru0HYMke3DZ4v%2BvSVwZlHDswBlUY1cxBePRhMYtcgZr%2BD%2FlfNFfOAfousCsPwB0l6FvqvQNxWYGcIXl0d55k5v%2Fjr%2FnJtgxI0LDrlx5tGFuF6f1VQroYmikeJJzJMVRmWcNGPO4lCt8BYLkfuJ8tfe%2FQcAAP%2F%2FAQAA%2F%2F8KOjsUlgQAAA%3D%3D HTTP/1.1
Host: rotundfetch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Cookie: u_pl=20185187; uid_id2=ce169bc9-b561-4b6b-8d1c-90669dc1a8bd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 08 Dec 2023 12:59:42 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2c52b70a7d9c63e21c04b3d04cf20ec4
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/si/d9/00/89/d90089da48b102b32e93dd9b6d740f49/1701651794.png

45.133.44.9

200 OK

14 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/d9/00/89/d90089da48b102b32e93dd9b6d740f49/1701651794.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14496 bytes)
Hash
962ac416cce3fad636d4904386c8d3d4
811166fceb971353dc6a9ea3a153367f20b47592
ec6c8e1c030499a846897265d0c1f66dedc6ece17c1ea6006b700faf37e73555

HTTP Headers

GET /si/d9/00/89/d90089da48b102b32e93dd9b6d740f49/1701651794.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:43 GMT
content-type: image/png
content-length: 14496
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:03:23 GMT
etag: "656d255b-38a0"
expires: Sun, 10 Dec 2023 12:59:43 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/53/8c/6d/538c6d14c11465cad60a6fff9f4e66bb/1701651853.png

45.133.44.9

200 OK

83 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/53/8c/6d/538c6d14c11465cad60a6fff9f4e66bb/1701651853.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
PNG image data, 360 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
83 kB (83188 bytes)
Hash
7310a1b7798db42cef036b303df3c140
d1a4b062d4703ca04d1089393ff1cd7f66aae3f1
668cd1cff2362c9fe27026f23a241deeb005b67b0dd3428713a57435705d1650

HTTP Headers

GET /si/53/8c/6d/538c6d14c11465cad60a6fff9f4e66bb/1701651853.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:43 GMT
content-type: image/png
content-length: 83188
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:04:22 GMT
etag: "656d2596-144f4"
expires: Sun, 10 Dec 2023 12:59:43 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.211.3

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 04:57:34 GMT
expires: Fri, 06 Dec 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 115330
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.211.3

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:46:25 GMT
expires: Fri, 06 Dec 2024 15:46:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 76399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/css/animate.css

172.64.109.10

200 OK

4.9 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/css/animate.css
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text
Size
4.9 kB (4854 bytes)
Hash
e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a

HTTP Headers

GET /sb/ssp/interstitial/center_banner/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:43 GMT
content-type: text/css
last-modified: Mon, 23 Oct 2023 10:00:35 GMT
etag: W/"65364443-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxkjGzn90pLHEyBN2aZWgxbT5OcRM4nhVqCCGVFvmPgyIMKJnX6cg%2F6i4MNVNBQ7siR2eWamreNLYuKbBX7m3wpOSUhSB2vP1xO1h%2F2MzXocS0MTpzelPLt1g8SofTyUIySeUPnr9V7V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252feacdfd48b5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

rotundfetch.com/pixel/sbs?c=1

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
rotundfetch.com/pixel/sbs?c=1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectrotundfetch.com
Fingerprint1E:B5:63:51:36:7D:E1:92:81:C0:87:01:E9:B1:53:73:3E:35:CE:15
ValidityTue, 28 Nov 2023 10:39:39 GMT - Mon, 26 Feb 2024 10:39:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: rotundfetch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Cookie: u_pl=20185187; uid_id2=ce169bc9-b561-4b6b-8d1c-90669dc1a8bd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 08 Dec 2023 12:59:44 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.gaming-adult.com/7a947b90-57f3-4c8e-ac99-433e576a1aa3?campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79

18.156.93.177

302 Found

0 B

URL GET HTTP/2
www.gaming-adult.com/7a947b90-57f3-4c8e-ac99-433e576a1aa3?campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
IP
18.156.93.177:443
ASN
#16509 AMAZON-02

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectwww.gaming-adult.com
Fingerprint0E:1B:14:C3:78:22:60:13:54:82:12:15:41:7D:5F:B4:8D:5B:A9:1A
ValidityFri, 10 Nov 2023 07:07:34 GMT - Thu, 08 Feb 2024 07:07:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /7a947b90-57f3-4c8e-ac99-433e576a1aa3?campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79 HTTP/1.1
Host: www.gaming-adult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Fri, 08 Dec 2023 12:59:47 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
pragma: no-cache
set-cookie: 7a947b90-57f3-4c8e-ac99-433e576a1aa3-v4=Nhz52NIQYNZwVdWOUXcH-I6bOVs8dAqOm9q1k6GuL8o; Max-Age=86400; Expires=Sat, 09-Dec-2023 12:59:47 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=ksxUJ2CPGeuSQV8U0iRdwA4-eUhcgzvJcurujrfjsBc4cgwOpXnYJ21P9E8JK64UQ4jUGR01oDh-KU5d1iEsPHFUWxwgccfDtfwBMH84OTMpDuC89ZXUL_HBQ_jF4WO_qRKyGWaJNp_dBxs_n8mHqRp93U68ZNzcmGVAF8F5lPCdtXQBcdpkgORtGCTdQbRldenIT0oL9v3v3GtQrJ4RfKI-MOfDmRX4FMOMkfQLAhuqrwL6YRcUwlRllNghiG8oQAYg-hAvoupCNzu86rAsAuvgprBgAq9hMwWmCULU037CCEoL63rrJI96TYWs0HiuyaVYFw4l8s3UYuPPtajjUBMRkuZAXaNHX6j7QbZsz6ymeagQDglZQ541B2QnvoZdOMatEt8H3B9r0xFNI8Wg79wmzNxbV9QUaJtcIOJyKHsgc7GQ1scaFOhVpFIUUEgmfUK5a_7CQaLFjLzEUb2nT1g1aY0XZ5Q_hN2GrRBOyeTHhboHL6h9Kt7eObBEWvWJ; Max-Age=86400; Expires=Sat, 09-Dec-2023 12:59:47 GMT; Domain=www.gaming-adult.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79

149.56.38.113

200 OK

1.5 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.5 kB (1470 bytes)
Hash
ed264376e198860ef46ebbd2e1f33568
3c5f47a1e0a1d5c4ea291f4789b8ddd52dab5479
abb68687c97a192f81e2ccd9566ab9bb49dce907860cab8cb6d81764da011148

HTTP Headers

GET /hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79 HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:47 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:31 GMT
ETag: "11ea-5d8098ccac7bc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1470
Content-Type: text/html

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.42

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:59:32 GMT
expires: Fri, 06 Dec 2024 15:59:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 75615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mediasama.com/hentaiheroes/22/n/styles.css

149.56.38.113

200 OK

2.4 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/styles.css
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
ASCII text, with very long lines (420)
Size
2.4 kB (2406 bytes)
Hash
2316d884bc03e7c6cf860a03e24266e3
3d69f534c35832d5c407e4781c5e0b4215ea7ea3
1330fcf037d27ede10dfea9a3d17468b2f7f443e1f34d37ba675d493ea01a6f0

HTTP Headers

GET /hentaiheroes/22/n/styles.css HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:47 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:31 GMT
ETag: "2638-5d8098cc8d3bc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2406
Content-Type: text/css

mediasama.com/hentaiheroes/22/n/js/main.js

149.56.38.113

200 OK

549 B

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/js/main.js
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
ASCII text
Size
549 B (549 bytes)
Hash
dee042800157426b09099ecf3eb7d004
f0a082059f6f9174869ce1f52b7ee6423a311641
4bad52d0b87da525c7eefbc4bb92656abb89bb6bbec58c54848523ec7ae09587

HTTP Headers

GET /hentaiheroes/22/n/js/main.js HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:47 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:40 GMT
ETag: "516-5d8098d4ff584-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 549
Content-Type: application/javascript

fonts.gstatic.com/s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2

216.58.211.3

200 OK

17 kB

URL GET HTTP/3
fonts.gstatic.com/s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17360, version 1.0\012- data
Size
17 kB (17360 bytes)
Hash
70322c317b1f4e2e17dbc6b672f95f5f
f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a

HTTP Headers

GET /s/luckiestguy/v22/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediasama.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:57:26 GMT
expires: Fri, 06 Dec 2024 15:57:26 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:07:53 GMT
content-type: font/woff2
age: 75742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.211.3

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediasama.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:46:25 GMT
expires: Fri, 06 Dec 2024 15:46:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 76403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mediasama.com/hentaiheroes/22/n/audio/btn_1.mp3

149.56.38.113

206 Partial Content

20 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/audio/btn_1.mp3
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size
20 kB (20321 bytes)
Hash
d857acaef2cdf5ec88ea6128c1ceb7b3
5f67419243f34232a4da8cb1a1eaecfc192ff1a7
df83bc888086ae84b5d532a39023b0db17e8f3ccd3ffdcd6f35c8d4f39558d24

HTTP Headers

GET /hentaiheroes/22/n/audio/btn_1.mp3 HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:32 GMT
ETag: "4f61-5d8098ccea01c"
Accept-Ranges: bytes
Content-Length: 20321
Content-Range: bytes 0-20320/20321
Content-Type: audio/mpeg

mediasama.com/hentaiheroes/22/n/img/2.jpg

149.56.38.113

200 OK

246 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/img/2.jpg
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
246 kB (246121 bytes)
Hash
39fd3ac6b843377f586031ba921b442e
de2eb6397bc021d673be30a04a83d16915f3ad57
5547050e7fa94b078d7663ca0134720db92e540f5220e479ef04fb5c2c372667

HTTP Headers

GET /hentaiheroes/22/n/img/2.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:34 GMT
ETag: "3c169-5d8098cf88e7f"
Accept-Ranges: bytes
Content-Length: 246121
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/n/img/1.jpg

149.56.38.113

200 OK

281 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/img/1.jpg
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x1080, components 3\012- data
Size
281 kB (281124 bytes)
Hash
132d9b33f87dea17c691b1cadf39ef27
4edb3c81ef890ff81071a577b5ad22fcf9274452
40eb00e99eaa9a2647b8a8c0a2077be4b0efdf634635d90169c86cf30f3994f2

HTTP Headers

GET /hentaiheroes/22/n/img/1.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:32 GMT
ETag: "44a24-5d8098cda487d"
Accept-Ranges: bytes
Content-Length: 281124
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/n/img/7.jpg

149.56.38.113

200 OK

236 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/img/7.jpg
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
236 kB (235544 bytes)
Hash
cc3e0d35a795c3e730e185375fe0ab72
df5609eeb85fbaa671b25844ba6bff3bea0a0996
23cd64ac873eed74d1376b61c325a4134a6219aa84628abdd29bf7ddf2631edb

HTTP Headers

GET /hentaiheroes/22/n/img/7.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:38 GMT
ETag: "39818-5d8098d2c8f02"
Accept-Ranges: bytes
Content-Length: 235544
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/n/img/8.jpg

149.56.38.113

200 OK

176 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/img/8.jpg
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
176 kB (176267 bytes)
Hash
5924e203cb07d35aa3e4ecfb0f7cc7fa
02ea5c5a85b4b2b80661ea8913f2acd18466132c
6f6a92114b3a65d9c1f8f44520d57f88aba2c5bd10c1d7dbbb287c4bba63b150

HTTP Headers

GET /hentaiheroes/22/n/img/8.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:34 GMT
ETag: "2b08b-5d8098cf7c35f"
Accept-Ranges: bytes
Content-Length: 176267
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/n/img/9.jpg

149.56.38.113

200 OK

321 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/img/9.jpg
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
321 kB (320982 bytes)
Hash
54fd9b41dd900cc87723e6f97830d5aa
a6d9810df778f5ecf69ff2f587fb3bf1de951ce6
861ae46aa69f1c9649f85e8ecd5b6871332f5e58434648c6f70d26f541f50ab6

HTTP Headers

GET /hentaiheroes/22/n/img/9.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:37 GMT
ETag: "4e5d6-5d8098d240381"
Accept-Ranges: bytes
Content-Length: 320982
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/n/img/4.jpg

149.56.38.113

200 OK

207 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/img/4.jpg
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
207 kB (206595 bytes)
Hash
1146119d66aab3e812a8fb2d3a607e80
38c60e7a694780ba6c502a7bcd2379e39936afe3
001e37f21e5dceac7265cf17daf8bd6b808ecf4028f142bedb61179444fba4be

HTTP Headers

GET /hentaiheroes/22/n/img/4.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:35 GMT
ETag: "32703-5d8098cfe0cbf"
Accept-Ranges: bytes
Content-Length: 206595
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/n/img/5.jpg

149.56.38.113

200 OK

236 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/img/5.jpg
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
236 kB (236168 bytes)
Hash
c1153f674579beb68d39074041f82120
d0f47c172ef1413a5637c357a7d535eebd53c98f
4b926f7b5e9f3433237eb025969527af4cf6e156d2e767104168cc93ca7fbd72

HTTP Headers

GET /hentaiheroes/22/n/img/5.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:34 GMT
ETag: "39a88-5d8098cf40a3f"
Accept-Ranges: bytes
Content-Length: 236168
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/n/img/10.jpg

149.56.38.113

200 OK

260 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/img/10.jpg
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
260 kB (260278 bytes)
Hash
a5f1d0fecc011a41f60fbf54ce3a2086
028341241341b5b66fa79f8fa91e2783ff8b74af
f368c9a7268ee5e8a1bc4dfbccf237a9a3dd28412ac1900f21f2d8a0e1cedba7

HTTP Headers

GET /hentaiheroes/22/n/img/10.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:32 GMT
ETag: "3f8b6-5d8098cd8f0bd"
Accept-Ranges: bytes
Content-Length: 260278
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/n/img/3.jpg

149.56.38.113

200 OK

351 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/img/3.jpg
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
351 kB (351116 bytes)
Hash
dfa8db0806adbd9fd49a03dc40a4d791
f81f0221ffb4084cef5a99535082cf31e9c27c04
2bebdb0541d63f49efa87cfe834f5e524cc261a9edc28033ee39713f01e29a58

HTTP Headers

GET /hentaiheroes/22/n/img/3.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:35 GMT
ETag: "55b8c-5d8098cff25ff"
Accept-Ranges: bytes
Content-Length: 351116
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/n/img/11.jpg

149.56.38.113

200 OK

178 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/img/11.jpg
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
178 kB (178263 bytes)
Hash
9afc2142c46ccca838780008879bb714
921e20a05f388beea0a39f4f584ba3d5e549084b
3c8ea3e76f070c488ec9d687702f792a5374aa114ccc9192334691b9477f5276

HTTP Headers

GET /hentaiheroes/22/n/img/11.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:33 GMT
ETag: "2b857-5d8098ce37fde"
Accept-Ranges: bytes
Content-Length: 178263
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/n/img/6.jpg

149.56.38.113

200 OK

324 kB

URL GET HTTP/1.1
mediasama.com/hentaiheroes/22/n/img/6.jpg
IP
149.56.38.113:443
ASN
#16276 OVH SAS

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerLet's Encrypt
Subjectmediasama.com
FingerprintBB:55:6A:86:90:92:6D:B4:8C:F1:6D:20:C7:33:69:0F:B6:39:8A:A0
ValiditySat, 11 Nov 2023 09:31:18 GMT - Fri, 09 Feb 2024 09:31:17 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
324 kB (323849 bytes)
Hash
1e22aace4da7d92b7eb976d93f08a4ad
68f2836c2c50917a71a1b2142eb28f4b6bdf9637
a85983b514918622244dcc9ea40b5ae36763924d0279fa2906b77856b2a6b5f7

HTTP Headers

GET /hentaiheroes/22/n/img/6.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 12:59:48 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:38 GMT
ETag: "4f109-5d8098d2b8562"
Accept-Ranges: bytes
Content-Length: 323849
Content-Type: image/jpeg

youradexchange.com/script/i.php?t=1&stamat=m%257C%252C%252CAiFuo2Z7tGU3B0-GH0dEdHP3xP.f9c%252C0pfJ1O9U0oKxYRhByTg1YwsTR7Zl7jTwuD_KYyqvAHKlbaH_httPD8XI0R12KEMXfRh8L4WgjOpVLs3Hxk6zjaQyt67Hk2VI0exEytJDlQC_kma3BBwBoS97CTcHeDCWVGPt9a1QFdBKKfHDeGefHga2HRw0a1ZNXbJM3MWj_HhAKrkxOVZWotvs1vF1tJGKNDuIjq1kEs_DkIjibAWb3jiCuZDcc2eWGDSX9BmocEt8jj2iZNbW4k4Ue-B0Ls_Lr01--ryM-H-dM07SCvAYpN1A4lAhmlmiGGTqNcFxHvNde8lYEtw_9PnXC0f58fnpqSd6kB1vIswjBXE2Wgs-EKr6ut4dzeg-_l7VnVKBFZnrqWmPDXcbcrXwWDJrYDe8VcoO0L_Mq28O47X27WukqzueuRyN1cvEyr8wh5zTjTpvN_qsJYQlQg5HrrnvC_cpuGYuiBZuiLYuzbxJLZVyXUHFBGptYhboi_A08MKNZlT0513D9sHLKsdDpUL8mYmng4YRe5BqHQot5Ny1_B3l-0_8lNFB_92LPTct4vjkiY41-uQ67kIjUbp0i4UswYXilVOWDft4KtlO4dKZnv4Th6WytH4Lu8adyYqSKHiAu1E%252C&cbpage=https%3A%2F%2Fyolo80.live%2Fembed.php%3Fid%3Dlive6b&cbref=&srs=31789d60b20f424ed1383978812d26e6

172.64.101.11

204 No Content

0 B

URL GET HTTP/3
youradexchange.com/script/i.php?t=1&stamat=m%257C%252C%252CAiFuo2Z7tGU3B0-GH0dEdHP3xP.f9c%252C0pfJ1O9U0oKxYRhByTg1YwsTR7Zl7jTwuD_KYyqvAHKlbaH_httPD8XI0R12KEMXfRh8L4WgjOpVLs3Hxk6zjaQyt67Hk2VI0exEytJDlQC_kma3BBwBoS97CTcHeDCWVGPt9a1QFdBKKfHDeGefHga2HRw0a1ZNXbJM3MWj_HhAKrkxOVZWotvs1vF1tJGKNDuIjq1kEs_DkIjibAWb3jiCuZDcc2eWGDSX9BmocEt8jj2iZNbW4k4Ue-B0Ls_Lr01--ryM-H-dM07SCvAYpN1A4lAhmlmiGGTqNcFxHvNde8lYEtw_9PnXC0f58fnpqSd6kB1vIswjBXE2Wgs-EKr6ut4dzeg-_l7VnVKBFZnrqWmPDXcbcrXwWDJrYDe8VcoO0L_Mq28O47X27WukqzueuRyN1cvEyr8wh5zTjTpvN_qsJYQlQg5HrrnvC_cpuGYuiBZuiLYuzbxJLZVyXUHFBGptYhboi_A08MKNZlT0513D9sHLKsdDpUL8mYmng4YRe5BqHQot5Ny1_B3l-0_8lNFB_92LPTct4vjkiY41-uQ67kIjUbp0i4UswYXilVOWDft4KtlO4dKZnv4Th6WytH4Lu8adyYqSKHiAu1E%252C&cbpage=https%3A%2F%2Fyolo80.live%2Fembed.php%3Fid%3Dlive6b&cbref=&srs=31789d60b20f424ed1383978812d26e6
IP
172.64.101.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectyouradexchange.com
FingerprintFD:52:FD:E8:62:0A:DE:66:86:28:19:39:64:21:57:5C:CB:8A:59:D9
ValidityTue, 17 Oct 2023 07:21:58 GMT - Mon, 15 Jan 2024 07:21:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/i.php?t=1&stamat=m%257C%252C%252CAiFuo2Z7tGU3B0-GH0dEdHP3xP.f9c%252C0pfJ1O9U0oKxYRhByTg1YwsTR7Zl7jTwuD_KYyqvAHKlbaH_httPD8XI0R12KEMXfRh8L4WgjOpVLs3Hxk6zjaQyt67Hk2VI0exEytJDlQC_kma3BBwBoS97CTcHeDCWVGPt9a1QFdBKKfHDeGefHga2HRw0a1ZNXbJM3MWj_HhAKrkxOVZWotvs1vF1tJGKNDuIjq1kEs_DkIjibAWb3jiCuZDcc2eWGDSX9BmocEt8jj2iZNbW4k4Ue-B0Ls_Lr01--ryM-H-dM07SCvAYpN1A4lAhmlmiGGTqNcFxHvNde8lYEtw_9PnXC0f58fnpqSd6kB1vIswjBXE2Wgs-EKr6ut4dzeg-_l7VnVKBFZnrqWmPDXcbcrXwWDJrYDe8VcoO0L_Mq28O47X27WukqzueuRyN1cvEyr8wh5zTjTpvN_qsJYQlQg5HrrnvC_cpuGYuiBZuiLYuzbxJLZVyXUHFBGptYhboi_A08MKNZlT0513D9sHLKsdDpUL8mYmng4YRe5BqHQot5Ny1_B3l-0_8lNFB_92LPTct4vjkiY41-uQ67kIjUbp0i4UswYXilVOWDft4KtlO4dKZnv4Th6WytH4Lu8adyYqSKHiAu1E%252C&cbpage=https%3A%2F%2Fyolo80.live%2Fembed.php%3Fid%3Dlive6b&cbref=&srs=31789d60b20f424ed1383978812d26e6 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Fri, 08 Dec 2023 12:59:49 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnoYEByHOJfW5Edes0wJOne%2BWvGu0hTwAGAiUfXiW3HDkssbio9JxrXfzzy0G0X1EZLHKtbwH5I9wWkW6CC5Ff5FD70zEAS7fvtG%2FWimkEKAhc5WcDHL6i1%2BX9lFom6Je7XZWLI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8325301018ee3daf-LHR
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/js/jquery.min.js

172.64.109.10

200 OK

84 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/js/jquery.min.js
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text, with very long lines (32025), with CRLF line terminators
Size
84 kB (84384 bytes)
Hash
6326c600df01e3bfb9b40e1aa08176f8
6b4fb754d29b297b539bf62ba9b4eaf0f33f314a
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

HTTP Headers

GET /sb/ssp/interstitial/center_banner/2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:43 GMT
content-type: application/javascript
last-modified: Mon, 23 Oct 2023 10:00:34 GMT
etag: W/"65364442-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 223075
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jie37Cqv5uyRrl6V9Ampz3xSRXvNDUBhIueJqVriFvW8gF1nQSW7ldzd5wO0PD6iO14jBC1IJ%2Btnvem4pMEMz3g9vKAfdyJfp3yhdAtDmAra90yT%2BL1uBeYPD17m1KBYUvbKypRhYe3a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252feb0e5748b5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:400,700

142.250.74.106

200 OK

1.4 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://abolishstand.net/embed/tj0ydc
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1474), with no line terminators
Size
1.4 kB (1442 bytes)
Hash
d4ef74945282029ea110fcd0e0791fff
283dfa5582454b7ea9fe06304042791160b8fc57
4ba080ed4b6167304a95e77d698ecf764190010454b8b16aa7d52205bdd06fff

HTTP Headers

GET /css?family=Lato:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abolishstand.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 12:59:41 GMT
date: Fri, 08 Dec 2023 12:59:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/css/style.css

172.64.109.10

200 OK

4.3 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/css/style.css
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text, with very long lines (4505), with no line terminators
Size
4.3 kB (4275 bytes)
Hash
8bfd68bde66dfb323bd9b82b39013b02
8144fdeb353a48aeb6a8c8299461f83721fb2462
767bbc2b675eb285cb14917062e5bca272df9fc539b66f97e487e5ebc3050968

HTTP Headers

GET /sb/ssp/interstitial/center_banner/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:43 GMT
content-type: text/css
last-modified: Mon, 23 Oct 2023 10:00:35 GMT
etag: W/"65364443-10b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMCuOzblicZgOWOnWDxVEY6Tg0JRC0CTER6ejGqtL1qrMpupzfG9dnWBIKw13v%2FNILZ2SbdPvxkw1h2IFGbzdrOUQ%2FUrHGBbD3LD3EsOtDincp%2FMW5ed4Gd1J2C3HjGGM6jRFnBs7Klm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252feade1f48b5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

rotundfetch.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxRev3t3v6QvCul5EhDl4WNFMunt6ZnpccHFdI8GYhN1IzvWrJ2Vqupqq7ulJTsEF2ZuzN4%2BdzyQbdBd1r4IgEy8SEHY8SA4Gwf9AYc8yk4HRB1Xvvfo8qPf5vPf5YXFBAhT0fPNjs6%2B0psvNul%2B7ua1SYUpXW9%2BqBX7dv1XbVmkrulUbTC%2Fbfyfwm3X%2FzdqHku%2Ba5dAPfD%2Fwg9qKsjIxg%2BUZCpU97QT1jl%2BPwnrQjDCw%2F81d4cFRD6J%2FQV6GEpP%2F7fz8DIqPkfa%2Buyvdbm6ytz%2FoFZrmxqIvTj5Jd1NTpugtwsR6SNKTeTWMmxDy5RWY9GTOAKZ%2FNGUApibE%2By0AS0%2FmbYL1jy87ZRoyBRP%2FR9kfQ%2BoxFB2DmwdQ4jkBuMD6BtLe43VjS7p3idIpOiHXXvwNVU7Itd9fQdr75o5Wg9p9o4tcmdRhkFRQgzFUd4ysOEW%2B70GVp%2BD5Z1DiF7L8Yg1p72jDaQMlzt%2FgMmh1GO8ssWYrWIpYiy3FIuBLHb%2FV6gge0JiJmURKjaGSMbQcgjoPxfQoD0Xiocg89MR5jTY7ie%2B3E5Y0GnHEOW80OG%2FGLdEUjShOfBR8ymGIPBuC6yG4PUBmD7CrHj2%2F%2BgVs8SPcTgUnPLicoC8qlJKgdAQlJSgVQZkTlP3qWGgXuuqx0K5gwdyHc9%2BoRibvHtJjk3dlSkDt8DC7INen%2BnkR4diV57Uk4p2kKULBQhr7HZmE7ZglEQt9ETRp6MOpCspdmbHdVxPy1vYfyNSEXFc3wegpnD4FVzdAi9dBy1E79EF3RlHsYz99sme0if26Vn0JYSpk%2BTXke96hviCvzsa4uvEtJD%2B7%2FWdjZuC2QmYrfKp%2BIujqh6N7piRH90zpyLONLFc9tU%2BnI76f01xe%2FfojuVcaK1bvuuFX7%2FEpMA2fbkmXr9FUqLTryJM7SghpV4zlkvyw6rYl2yzczp3CpkW2tvn%2Bymovs9I5ZdIx6HRd%2F7LgakJeem1rtr43v1%2BHsmPYokKvOCNzgzJj8OwALlv07wyB1Ysalnkoi2pkQ7Z41IpAy0VOWQX3r5wt4kP3EF3rgeYPkPYq9G2Fvq5A9RCuuDrKM3t2%2B9f550x7I6atd8S01Y8uxXXqvNYMIhmzuM2FYJKLoB024obvh0JE7Y4MOsjdRLob7%2F4DAAD%2F%2FwEAAP%2F%2FHjK18pYEAAA%3D

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
rotundfetch.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxRev3t3v6QvCul5EhDl4WNFMunt6ZnpccHFdI8GYhN1IzvWrJ2Vqupqq7ulJTsEF2ZuzN4%2BdzyQbdBd1r4IgEy8SEHY8SA4Gwf9AYc8yk4HRB1Xvvfo8qPf5vPf5YXFBAhT0fPNjs6%2B0psvNul%2B7ua1SYUpXW9%2BqBX7dv1XbVmkrulUbTC%2Fbfyfwm3X%2FzdqHku%2Ba5dAPfD%2Fwg9qKsjIxg%2BUZCpU97QT1jl%2BPwnrQjDCw%2F81d4cFRD6J%2FQV6GEpP%2F7fz8DIqPkfa%2Buyvdbm6ytz%2FoFZrmxqIvTj5Jd1NTpugtwsR6SNKTeTWMmxDy5RWY9GTOAKZ%2FNGUApibE%2By0AS0%2FmbYL1jy87ZRoyBRP%2FR9kfQ%2BoxFB2DmwdQ4jkBuMD6BtLe43VjS7p3idIpOiHXXvwNVU7Itd9fQdr75o5Wg9p9o4tcmdRhkFRQgzFUd4ysOEW%2B70GVp%2BD5Z1DiF7L8Yg1p72jDaQMlzt%2FgMmh1GO8ssWYrWIpYiy3FIuBLHb%2FV6gge0JiJmURKjaGSMbQcgjoPxfQoD0Xiocg89MR5jTY7ie%2B3E5Y0GnHEOW80OG%2FGLdEUjShOfBR8ymGIPBuC6yG4PUBmD7CrHj2%2F%2BgVs8SPcTgUnPLicoC8qlJKgdAQlJSgVQZkTlP3qWGgXuuqx0K5gwdyHc9%2BoRibvHtJjk3dlSkDt8DC7INen%2BnkR4diV57Uk4p2kKULBQhr7HZmE7ZglEQt9ETRp6MOpCspdmbHdVxPy1vYfyNSEXFc3wegpnD4FVzdAi9dBy1E79EF3RlHsYz99sme0if26Vn0JYSpk%2BTXke96hviCvzsa4uvEtJD%2B7%2FWdjZuC2QmYrfKp%2BIujqh6N7piRH90zpyLONLFc9tU%2BnI76f01xe%2FfojuVcaK1bvuuFX7%2FEpMA2fbkmXr9FUqLTryJM7SghpV4zlkvyw6rYl2yzczp3CpkW2tvn%2Bymovs9I5ZdIx6HRd%2F7LgakJeem1rtr43v1%2BHsmPYokKvOCNzgzJj8OwALlv07wyB1Ysalnkoi2pkQ7Z41IpAy0VOWQX3r5wt4kP3EF3rgeYPkPYq9G2Fvq5A9RCuuDrKM3t2%2B9f550x7I6atd8S01Y8uxXXqvNYMIhmzuM2FYJKLoB024obvh0JE7Y4MOsjdRLob7%2F4DAAD%2F%2FwEAAP%2F%2FHjK18pYEAAA%3D
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectrotundfetch.com
Fingerprint1E:B5:63:51:36:7D:E1:92:81:C0:87:01:E9:B1:53:73:3E:35:CE:15
ValidityTue, 28 Nov 2023 10:39:39 GMT - Mon, 26 Feb 2024 10:39:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxRev3t3v6QvCul5EhDl4WNFMunt6ZnpccHFdI8GYhN1IzvWrJ2Vqupqq7ulJTsEF2ZuzN4%2BdzyQbdBd1r4IgEy8SEHY8SA4Gwf9AYc8yk4HRB1Xvvfo8qPf5vPf5YXFBAhT0fPNjs6%2B0psvNul%2B7ua1SYUpXW9%2BqBX7dv1XbVmkrulUbTC%2Fbfyfwm3X%2FzdqHku%2Ba5dAPfD%2Fwg9qKsjIxg%2BUZCpU97QT1jl%2BPwnrQjDCw%2F81d4cFRD6J%2FQV6GEpP%2F7fz8DIqPkfa%2Buyvdbm6ytz%2FoFZrmxqIvTj5Jd1NTpugtwsR6SNKTeTWMmxDy5RWY9GTOAKZ%2FNGUApibE%2By0AS0%2FmbYL1jy87ZRoyBRP%2FR9kfQ%2BoxFB2DmwdQ4jkBuMD6BtLe43VjS7p3idIpOiHXXvwNVU7Itd9fQdr75o5Wg9p9o4tcmdRhkFRQgzFUd4ysOEW%2B70GVp%2BD5Z1DiF7L8Yg1p72jDaQMlzt%2FgMmh1GO8ssWYrWIpYiy3FIuBLHb%2FV6gge0JiJmURKjaGSMbQcgjoPxfQoD0Xiocg89MR5jTY7ie%2B3E5Y0GnHEOW80OG%2FGLdEUjShOfBR8ymGIPBuC6yG4PUBmD7CrHj2%2F%2BgVs8SPcTgUnPLicoC8qlJKgdAQlJSgVQZkTlP3qWGgXuuqx0K5gwdyHc9%2BoRibvHtJjk3dlSkDt8DC7INen%2BnkR4diV57Uk4p2kKULBQhr7HZmE7ZglEQt9ETRp6MOpCspdmbHdVxPy1vYfyNSEXFc3wegpnD4FVzdAi9dBy1E79EF3RlHsYz99sme0if26Vn0JYSpk%2BTXke96hviCvzsa4uvEtJD%2B7%2FWdjZuC2QmYrfKp%2BIujqh6N7piRH90zpyLONLFc9tU%2BnI76f01xe%2FfojuVcaK1bvuuFX7%2FEpMA2fbkmXr9FUqLTryJM7SghpV4zlkvyw6rYl2yzczp3CpkW2tvn%2Bymovs9I5ZdIx6HRd%2F7LgakJeem1rtr43v1%2BHsmPYokKvOCNzgzJj8OwALlv07wyB1Ysalnkoi2pkQ7Z41IpAy0VOWQX3r5wt4kP3EF3rgeYPkPYq9G2Fvq5A9RCuuDrKM3t2%2B9f550x7I6atd8S01Y8uxXXqvNYMIhmzuM2FYJKLoB024obvh0JE7Y4MOsjdRLob7%2F4DAAD%2F%2FwEAAP%2F%2FHjK18pYEAAA%3D HTTP/1.1
Host: rotundfetch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Cookie: u_pl=20185187; uid_id2=ce169bc9-b561-4b6b-8d1c-90669dc1a8bd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 08 Dec 2023 12:59:44 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9ba2291ea0609511dbeb8d3168199fb9
Strict-Transport-Security: max-age=0; includeSubdomains

swarm.video/j79z9kzty.js?v=1.1

104.21.74.27

200 OK

544 kB

URL GET HTTP/2
swarm.video/j79z9kzty.js?v=1.1
IP
104.21.74.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abolishstand.net/embed/tj0ydc
Certificate
IssuerGoogle Trust Services LLC
Subjectswarm.video
Fingerprint35:3C:CD:99:96:8B:D2:C6:1D:86:4A:79:5E:D1:E9:C3:98:8F:04:AB
ValidityTue, 28 Nov 2023 07:21:50 GMT - Mon, 26 Feb 2024 07:21:49 GMT

File type

Size
544 kB (544335 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /j79z9kzty.js?v=1.1 HTTP/1.1
Host: swarm.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abolishstand.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:42 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=545594
etag: W/"8533a-1893d1d213a"
last-modified: Mon, 10 Jul 2023 00:04:26 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 888074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhnL8BZm9mQXFntvzIsK%2FNMMEWH7fInigD6Q011mnL7AaBt4%2FOcaWFwzYL1gGMYy1H7SAIRXSEH%2BbW6RWKLLjdJt50FYEQhb1baIF2vdMUJYRWWkz9K0Di7TqCRn8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe3b8fd56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xskctff.com/script/utils.js

172.67.209.184

200 OK

173 kB

URL GET HTTP/2
xskctff.com/script/utils.js
IP
172.67.209.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abolishstand.net/embed/tj0ydc
Certificate
IssuerGoogle Trust Services LLC
Subjectxskctff.com
FingerprintFA:FC:C9:F7:A2:8D:FD:22:6C:9A:E5:9F:13:63:27:CC:D7:F3:77:CE
ValidityMon, 27 Nov 2023 11:35:55 GMT - Sun, 25 Feb 2024 11:35:54 GMT

File type

Size
173 kB (172787 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/utils.js HTTP/1.1
Host: xskctff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abolishstand.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:42 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPrEw7_Yxd_VEX319Kgk9Q9S8EX_xIT8B9YDCQ1DrVZ0-wSWZBIOQaYZLJhK1lcGTKlp9iGP0PicK3zq-dnKwZY9nw
x-goog-generation: 1701698751454949
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 172787
x-goog-hash: crc32c=7VegwA==, md5=OLoCSXZxwtgwzVewK+JFgg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 08 Dec 2023 13:28:37 GMT
cache-control: public, max-age=14400
age: 1501
last-modified: Mon, 04 Dec 2023 14:05:51 GMT
etag: W/"38ba02497671c2d830cd57b02be24582"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4C%2FW%2FmRvqyrU8hypCre363n5FWIxlQlwyALlUCQFp5RfukAE%2FUdSy7fg4a0gcqPEjhe36JOyC3pF75ir6gEMsnk6GniZlOqI9V7Skkk5ecUhP986r%2BS6IFqXlwXB%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe5cb64569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

yolo80.live/embed.php?id=live6b

188.114.96.1

200 OK

1.9 kB

URL User Request GET HTTP/2
yolo80.live/embed.php?id=live6b
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectyolo80.live
Fingerprint73:50:38:FD:E4:5B:62:3B:F7:65:55:7E:4D:D1:B1:2D:0D:62:E6:D3
ValidityMon, 04 Dec 2023 23:26:07 GMT - Sun, 03 Mar 2024 23:26:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2027), with no line terminators
Size
1.9 kB (1943 bytes)
Hash
dbc9ce52d011452303a2fbee087da965
d585fe41356417bdd85bbaf99b1d1419c41c3447
8f83c25c8722ab27d57f892454b79ad885fa42fef4b065d9a83ead6290d85d36

HTTP Headers

GET /embed.php?id=live6b HTTP/1.1
Host: yolo80.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:40 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-ancestors 'self' https://pepperlive.info http://pepperlive.info https://www.pepperlive.info http://www.pepperlive.info https://projectlive.info http://projectlive.info https://www.projectlive.info http://www.projectlive.info https://www.cazztv.xyz http://www.cazztv.xyz https://cazztv.xyz http://cazztv.xyz;
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IA95WTgADcIPod2lonGj6IGzBZWS6shmJKBp6V%2B4ltI5rR4DppKt9b8E4lipm38II1%2FGMi5Lch5hDvPa2%2Blpa89bTI9sTVnjFI3WbfiNau8STug8FS4kf10%2BIIy5Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83252fd6ed5a0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.imgur.com/zXznFUY.png?2

151.101.84.193

302 Found

503 B

URL GET HTTP/2
i.imgur.com/zXznFUY.png?2
IP
151.101.84.193:443
ASN
#54113 FASTLY

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type

Size
503 B (503 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zXznFUY.png?2 HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
retry-after: 0
location: https://i.imgur.com/removed.png
accept-ranges: bytes
date: Fri, 08 Dec 2023 12:59:42 GMT
age: 0
x-served-by: cache-iad-kcgs7200049-IAD, cache-bma1631-BMA
x-cache: HIT, MISS
x-cache-hits: 0, 0
x-timer: S1702040382.482358,VS0,VE139
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
content-length: 0
X-Firefox-Spdy: h2

abolishstand.net/js/jquery.min.js

104.21.68.113

200 OK

87 kB

URL GET HTTP/3
abolishstand.net/js/jquery.min.js
IP
104.21.68.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abolishstand.net/embed/tj0ydc
Certificate
IssuerGoogle Trust Services LLC
Subjectabolishstand.net
FingerprintFE:CE:E2:8B:81:B4:25:1E:6B:13:D5:53:10:5E:61:59:A4:8D:C3:5D
ValidityMon, 16 Oct 2023 21:42:05 GMT - Sun, 14 Jan 2024 21:42:04 GMT

File type
ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: abolishstand.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abolishstand.net/embed/tj0ydc
Cookie: hf1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: application/javascript
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
etag: W/"5fa984ce-15283"
expires: Mon, 11 Dec 2023 09:31:58 GMT
cache-control: max-age=608400
cf-cache-status: HIT
age: 361663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMBh8slEUCWgl0RuTNPNYjMWSErlRPVRJxhF68gdEo1r0LXM8ynDT5wDehwqqjj%2FHJTsUodUtp0wCAkHmK%2BBdwkatYozyP4f01nWFCEf9oAXdmZeSalYctoqSgbcvg9OMet0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe2adc256ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/js/script.js

172.64.109.10

200 OK

975 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/js/script.js
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text, with very long lines (1026), with no line terminators
Size
975 B (975 bytes)
Hash
56f5217ee29771ce2ae4c86ff026496c
9b3780593c5dce75b397078fcc2005b4d81aaf25
00233eef52d4b6024e389215842798af314a85d0e50ca433ee4cfd472cdf15ca

HTTP Headers

GET /sb/ssp/interstitial/center_banner/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:43 GMT
content-type: application/javascript
last-modified: Mon, 23 Oct 2023 10:00:33 GMT
etag: W/"65364441-3cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOwFVZ3RgJTiZYwquPzqtAjEY1cd3AhHuXWQuus1pn6vNCd9X0vHm1DzfApDkpS0JEdxrrkKBbN1zk31PxlFC8mQXkYtwWyjtUKJu0StqIcalPJv1cNoqsJiZwHERWQJmhXsuRg%2BkYwm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252febbf3048b5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

104.21.234.32

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 51e5d87f4d75bc9ed9e2f52523b2476f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: STALE
age: 1
last-modified: Fri, 08 Dec 2023 12:59:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7aKQWNIpGXA09KVcz0sN%2BFkG3lGWf5EyM9ZmTm0RmWX4IwQpFHpiKNilFQsmgOoDLQFoWAT%2B2S80orLhBhZ3NQqoxkqEcHeXuzdnsO0z41csRAKS58xnxS0AEc2%2BeGbnvwVOyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe04f7e0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

youradexchange.com/script/suurl5.php?r=7317542&cbur=0.2117156310459981&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Embed&cbpage=https%3A%2F%2Fyolo80.live%2Fembed.php%3Fid%3Dlive6b&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ts=1702040388624&srs=31789d60b20f424ed1383978812d26e6&atv=38.4-sw-atgv2&atag=1&aggr=2&czid=yixrpr15pl

172.64.101.11

200 OK

998 B

URL GET HTTP/3
youradexchange.com/script/suurl5.php?r=7317542&cbur=0.2117156310459981&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Embed&cbpage=https%3A%2F%2Fyolo80.live%2Fembed.php%3Fid%3Dlive6b&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ts=1702040388624&srs=31789d60b20f424ed1383978812d26e6&atv=38.4-sw-atgv2&atag=1&aggr=2&czid=yixrpr15pl
IP
172.64.101.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectyouradexchange.com
FingerprintFD:52:FD:E8:62:0A:DE:66:86:28:19:39:64:21:57:5C:CB:8A:59:D9
ValidityTue, 17 Oct 2023 07:21:58 GMT - Mon, 15 Jan 2024 07:21:57 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1024), with no line terminators
Size
998 B (998 bytes)
Hash
05524cb8de7ba827a8f0423f7c6feadb
871948c0c580da0bbf0e789f0a9894a3601b4ae6
332e5b896aa98f807b947c4c574e449e91c45eb2c90136f405cec39980c2615e

HTTP Headers

GET /script/suurl5.php?r=7317542&cbur=0.2117156310459981&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Embed&cbpage=https%3A%2F%2Fyolo80.live%2Fembed.php%3Fid%3Dlive6b&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ts=1702040388624&srs=31789d60b20f424ed1383978812d26e6&atv=38.4-sw-atgv2&atag=1&aggr=2&czid=yixrpr15pl HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yolo80.live/
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 12:59:42 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dum0Vt8r5CDQwRQ0h5eqR6%2F0lFy28%2FbTuLBPwcCGyfAqGuj3Ezt6ldAkhBLPK6NfiqgxRP%2B9WsCdPoO9S%2B7A6nHcDP4Tx2vZC30OIv6kF1kobRVuo5mvw6bAIQb71GpZL%2BQxz%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83252fe43b553daf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

acscdn.com/script/suv5.js

104.21.11.26

200 OK

97 kB

URL GET HTTP/3
acscdn.com/script/suv5.js
IP
104.21.11.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectacscdn.com
FingerprintAA:F8:50:9E:3E:B3:E7:D9:8E:7B:8D:2D:35:4D:33:15:6A:34:04:62
ValidityThu, 02 Nov 2023 07:42:44 GMT - Wed, 31 Jan 2024 07:42:43 GMT

File type

Size
97 kB (97361 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/suv5.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPr3NXkPsz3pJBrjWcYvcS7ie7SPzaEiWWKtxV2DfkzRo9WKbpYKFH4QkuzV6Ap0UzDsaAnVhOm-XCuU9jIg5CIyHA
x-goog-generation: 1701698677261682
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 97361
x-goog-hash: crc32c=4eu5MA==, md5=/oXwr/rUKfVBPNYBpHW3KA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 08 Dec 2023 13:13:35 GMT
cache-control: public, max-age=3600
last-modified: Mon, 04 Dec 2023 14:04:37 GMT
etag: W/"fe85f0affad429f5413cd601a475b728"
age: 1439
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80CeQkn5K76bgMsfmJM75P9q9phiEQGCiX2Isx1JUMrkS6UpaQMc7h6Ja4RFR67sEqhjT%2BG0evoAk%2Bi%2B1Oy%2FuG6jVyf%2BplzkR2uhZLT4r2f0IDW8Mn51u0BaR%2Ft0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe27f5a5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

abolishstand.net/embed/tj0ydc

104.21.68.113

200 OK

11 kB

URL GET HTTP/2
abolishstand.net/embed/tj0ydc
IP
104.21.68.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectabolishstand.net
FingerprintFE:CE:E2:8B:81:B4:25:1E:6B:13:D5:53:10:5E:61:59:A4:8D:C3:5D
ValidityMon, 16 Oct 2023 21:42:05 GMT - Sun, 14 Jan 2024 21:42:04 GMT

File type

Size
11 kB (11211 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /embed/tj0ydc HTTP/1.1
Host: abolishstand.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: hf1=1; expires=Fri, 08-Dec-2023 13:29:41 GMT; Max-Age=1800; path=/; secure; HttpOnly; SameSite=None
hf2=1; expires=Fri, 08-Dec-2023 12:59:41 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=None
hf3=1; expires=Fri, 08-Dec-2023 12:59:41 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNjoIvfKyzc5mBEkIFTZthP5Pm6brqQCZeE5RfRETyeN%2FckzR6IiVpFhdc6%2Fmn3gmoD6CU9S7lRBtcwkG6EiBBq3wO%2F3mljMDWLbsoVFKwZ14ylFjenF31N4tzA8%2FWd8DPQb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83252fe0793a5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

104.21.234.32

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 51e5d87f4d75bc9ed9e2f52523b2476f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: STALE
age: 1
last-modified: Fri, 08 Dec 2023 12:59:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7mTvHkAI%2FtDWm%2F22Hx7JU9nr0fuu%2BAkakHU43qlXrsLvZ0zuTfnxTcWi8R7AwaK8fA0LBGJROxahbShVkDlsfv3E7Xd8XXI5iGd4ErM8aGuhBDJiiAKy63eckMVxpcpm6PN8HU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe05f850b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

awistats.com/js/script.js

172.67.206.156

200 OK

1.3 kB

URL GET HTTP/2
awistats.com/js/script.js
IP
172.67.206.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abolishstand.net/embed/tj0ydc
Certificate
IssuerGoogle Trust Services LLC
Subjectawistats.com
Fingerprint4E:73:79:3C:C0:D1:16:8F:AF:82:73:A0:3D:4D:5D:3E:85:AC:03:B8
ValidityThu, 30 Nov 2023 15:12:50 GMT - Wed, 28 Feb 2024 15:12:49 GMT

File type
ASCII text, with very long lines (1384), with no line terminators
Size
1.3 kB (1346 bytes)
Hash
16cfd1982a40489c41a52add24d36b85
344f1896d895c5d0a7c4caecafcf1942603cd026
72073aacecd145e525b16c4c845c07bff5798e813eeed702dff748a18b6186ce

HTTP Headers

GET /js/script.js HTTP/1.1
Host: awistats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abolishstand.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22033
last-modified: Fri, 08 Dec 2023 06:52:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qx1iNSFCK8sY6dygDtg1iZkIKtSxqAOgSNV54T0M0mWKfatPmo69hpwhCuFRJBesO%2FqnrG17OYszll4oLsIrXSes0ejH4FphKMSOrbYRyUh%2B3k3Sw1%2FErv2wUoeaKfE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe2e8775696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

abolishstand.net/deb.js

104.21.68.113

200 OK

26 kB

URL GET HTTP/3
abolishstand.net/deb.js
IP
104.21.68.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abolishstand.net/embed/tj0ydc
Certificate
IssuerGoogle Trust Services LLC
Subjectabolishstand.net
FingerprintFE:CE:E2:8B:81:B4:25:1E:6B:13:D5:53:10:5E:61:59:A4:8D:C3:5D
ValidityMon, 16 Oct 2023 21:42:05 GMT - Sun, 14 Jan 2024 21:42:04 GMT

File type
ASCII text, with very long lines (21359)
Size
26 kB (25680 bytes)
Hash
4854629b2f59efbee5662790a405fa68
961af168c9029a8a3765356bd37631fa3941ccb2
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5

HTTP Headers

GET /deb.js HTTP/1.1
Host: abolishstand.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abolishstand.net/embed/tj0ydc
Cookie: hf1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Feb 2023 13:57:38 GMT
etag: W/"63f61f52-6450"
expires: Wed, 13 Dec 2023 08:53:14 GMT
cache-control: max-age=608400
cf-cache-status: HIT
age: 191187
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6MuHQetR57GGlydvNytfJWQszuFGYUNhPR%2BdrFKK1oi97z%2FK5m141ckeDMZVSWgZ4VDJaF4Tk99VFWIriGia4DY7kWxElJnrjJBgnZVoj6Nk45gJezJJ2Uf%2B6LEpu3PnTjU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe2bdd256ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

acscdn.com/script/atg.js

104.21.11.26

200 OK

199 kB

URL GET HTTP/2
acscdn.com/script/atg.js
IP
104.21.11.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectacscdn.com
FingerprintAA:F8:50:9E:3E:B3:E7:D9:8E:7B:8D:2D:35:4D:33:15:6A:34:04:62
ValidityThu, 02 Nov 2023 07:42:44 GMT - Wed, 31 Jan 2024 07:42:43 GMT

File type

Size
199 kB (199017 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/atg.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:40 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPrx8i9lFlTxPzmDLciWVIsbAhDH8AFhxOr7xirYFzYWfLYRlTDaouV-MnbnzqyjaPbRWhMilskLR0ntO6uYM_iywyzuYfod
x-goog-generation: 1701698094237168
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 199017
x-goog-hash: crc32c=C/9ydg==, md5=v0Y3op7RCZzq5hQe71YlYA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 08 Dec 2023 13:19:47 GMT
cache-control: public, max-age=3600
age: 1337
last-modified: Mon, 04 Dec 2023 13:54:54 GMT
etag: W/"bf4637a29ed1099ceae6141eef562560"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQju8Z1KOM1qnRpzXeDSosVVL1P2IpZeYaXfnRL2XbNye1f0Sal49SL5K6HxxEbWAz492XZeUQV%2BGI99UXElym0zEPyUbMKzdhbzUx5yUZz7mtY3CXdrUjh%2Fxma7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fda7d8f569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/img/close.svg

172.64.109.10

200 OK

2.5 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/center_banner/2/img/close.svg
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2573), with no line terminators
Size
2.5 kB (2503 bytes)
Hash
d05ebade4b5acd19668c0e26c2252d14
ced1fb92de4c6e06f54946dbf03349d7e8337150
0538059a2b31e76581ee1c105ef9c138a6a6c02a6f44363fad6650be18587fea

HTTP Headers

GET /sb/ssp/interstitial/center_banner/2/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:43 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Oct 2023 10:00:32 GMT
etag: W/"65364440-9c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 797743
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Zv6ezJr%2FL9shGsJVlPyxlp%2FyverodqVs1pFyvF8dadgL%2FxFJ42cqThN4KLNWngKie%2F8BerBBrp6iWbeoubHBvb3X68PT2WsRkqeweEYhmu6fNUUywQdw1hgvImGinoVlss2THk9VyH0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252feafe4748b5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap

142.250.74.106

200 OK

5.0 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://mediasama.com/hentaiheroes/22/n/?cep=kfBYnH1pMG27hhoWhm9DmiVl-5eKGIc5A11KkbfbmHM827VVzovmPQIwxbQvJn3ZaqNK7r01QXWaNN57IiCOVwV2wMIXY9MSSEeQR0M-dMhPmS4kgTsRwOqNgk3FdQeNBbkDQoC8s8_kQPLatJID-0BAsUbi1-DDN5DNYagBpBU1RKguUos9y2rgM0kTPGlRvnE492NgNBXjspvy6QU4qIap_oh1oHNEs0jKkjiPHLlarORhYrT0rapuwKbDa1B9Kes-C1vLB6c5XXPvTma2R7n5PDv-zu4WR0BduvICtG9NcBzV5fK16UTBgzW3Nz-xDmwd2yCpWpEsf9X8hX0Eguvuq3f427nDnyfU2UbjibaTOO1FO0Iws0rjHiL1cqQktJAoVW_6Khk-9e1sUAPKqODg0Y9ZIlBpL4VYQOwfpIxLuJLe5OkqHzsonMx1WrGSAIYnVPfAf1eANTsaPOrsFCDPxNniZzou5aKFN2tDjcwa2K2-UdE-ebEhn4JA9xVD&lptoken=172e02f5047b214987a8&campid=246265020&zoneid=7317534&ssp=&vertical=261400000000&externalid=170204038111130TNOTV415326358024V79
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (5102), with no line terminators
Size
5.0 kB (4967 bytes)
Hash
95b5d7bcec967a82ecefb6b987395d7b
8278ff7db9a737a6495f9ed994f8b180280bd688
d00414c1501d9c5480a96c56bceed9fbcd4315f3b18f69e2f5a0923f11bcec8f

HTTP Headers

GET /css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 12:59:47 GMT
date: Fri, 08 Dec 2023 12:59:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

6.8 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (7013), with no line terminators
Size
6.8 kB (6824 bytes)
Hash
49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 12:59:43 GMT
date: Fri, 08 Dec 2023 12:59:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

acscdn.com/script/ut.js?cb=1702040388156

104.21.11.26

200 OK

82 kB

URL GET HTTP/3
acscdn.com/script/ut.js?cb=1702040388156
IP
104.21.11.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectacscdn.com
FingerprintAA:F8:50:9E:3E:B3:E7:D9:8E:7B:8D:2D:35:4D:33:15:6A:34:04:62
ValidityThu, 02 Nov 2023 07:42:44 GMT - Wed, 31 Jan 2024 07:42:43 GMT

File type

Size
82 kB (82092 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/ut.js?cb=1702040388156 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPoobjzh6wLCC3F8_-GXVp0K60GuN9VO61JNIzwVSe7aUF1wbMtbRKbGU10Mrvh0aokb4e9dDzabA_4GW684NT08RA
x-goog-generation: 1701698737164870
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 82092
x-goog-hash: crc32c=2nkS8g==, md5=Ht/tgHkwwd6oGKwYwpkVTA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 08 Dec 2023 13:02:28 GMT
cache-control: public, max-age=3600
age: 1529
last-modified: Mon, 04 Dec 2023 14:05:37 GMT
etag: W/"1edfed807930c1dea818ac18c299154c"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AdsHpZaKaqBhH9NXhYc11wnprPKPaDqbYPj1cbS3Z9YW0HZHnl42rEV49FhF57VYD7RQ9FdE3JwsUWgym9dVt8G90yBAaUBg9o0SDgeBB%2B0CKU2DcacupUpNOo8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe03ce15694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

abolishstand.net/css/embed.min.css?v=0.5

104.21.68.113

200 OK

1.3 kB

URL GET HTTP/3
abolishstand.net/css/embed.min.css?v=0.5
IP
104.21.68.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abolishstand.net/embed/tj0ydc
Certificate
IssuerGoogle Trust Services LLC
Subjectabolishstand.net
FingerprintFE:CE:E2:8B:81:B4:25:1E:6B:13:D5:53:10:5E:61:59:A4:8D:C3:5D
ValidityMon, 16 Oct 2023 21:42:05 GMT - Sun, 14 Jan 2024 21:42:04 GMT

File type
ASCII text, with very long lines (1265), with no line terminators
Size
1.3 kB (1264 bytes)
Hash
f413142146e449f5b24093c83d876f95
4b687922907a8a847a961b768887a5989508315f
8808c318228b4eeecd5e15377ddc71fcd592ad54884dc86b649469b7973edf63

HTTP Headers

GET /css/embed.min.css?v=0.5 HTTP/1.1
Host: abolishstand.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abolishstand.net/embed/tj0ydc
Cookie: hf1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: text/css
last-modified: Thu, 09 Jun 2022 09:49:16 GMT
etag: W/"62a1c21c-4f0"
expires: Thu, 14 Dec 2023 07:08:55 GMT
cache-control: max-age=608400
cf-cache-status: HIT
age: 111046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIGvn%2BgQOlxrBzM98q0yjP230OwIMeAQoqGDa08k%2FwmTOqZyh4HDCfWBGuoZZFUS3hZP6nxbCRVECJuF0gL74Dl6w0xg8%2BWZtA5ynt0h4pyzqEeMWWk%2B7g%2BJaMvVaPag2bMW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe2adbd56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

acscdn.com/script/ippg.js

104.21.11.26

200 OK

124 kB

URL GET HTTP/3
acscdn.com/script/ippg.js
IP
104.21.11.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectacscdn.com
FingerprintAA:F8:50:9E:3E:B3:E7:D9:8E:7B:8D:2D:35:4D:33:15:6A:34:04:62
ValidityThu, 02 Nov 2023 07:42:44 GMT - Wed, 31 Jan 2024 07:42:43 GMT

File type

Size
124 kB (123734 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/ippg.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 12:59:41 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPrDKjHJa7p_AQhwkmjfjbe0VlF3pNwqN2QlBdcLLIVUBHAPNWAJwjKh-SJKZn69L6vhtg9u17lDKXwo7umxxd0JUbYzMD0_
x-goog-generation: 1701698358607598
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 123734
x-goog-hash: crc32c=OxV4xQ==, md5=YpyJjpuapiMQrJAdt9LA+A==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 08 Dec 2023 13:07:36 GMT
cache-control: public, max-age=3600
last-modified: Mon, 04 Dec 2023 13:59:18 GMT
etag: W/"629c898e9b9aa62310ac901db7d2c0f8"
age: 1402
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgBDeLLMyd25Xd3ODAvHsHUBeOTswNgaFjiH00mCvTLGSk%2BG15ZPAeBv86lW4U5zqYHOAGEJgcxqFAPiOrYTH0GQd%2FB34Ts7WcSNSXYWLSXhZL518fAZ8ZR%2F5Z73"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83252fe27f575694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.barscreative1.com/sb/au/bb/09/20/bb0920e920b04fdebd2119739150c93c/1698574651.html

45.133.44.3

200 OK

1.8 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/au/bb/09/20/bb0920e920b04fdebd2119739150c93c/1698574651.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
ValiditySat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (1879), with no line terminators
Size
1.8 kB (1777 bytes)
Hash
9c074ba628a488033b36166778e610b5
5a612f81115838990e3b8741943f900c97bd3f8f
b18c3b575c2be7aa1ee3d73301c049cd4862a206e38ee5eb7651c0026d8cf8b3

HTTP Headers

GET /sb/au/bb/09/20/bb0920e920b04fdebd2119739150c93c/1698574651.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yolo80.live
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 12:59:43 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Sun, 29 Oct 2023 10:17:36 GMT
etag: W/"653e3140-6f1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 08 Dec 2023 13:59:43 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

youradexchange.com/n/display.php?r=7317534&atag=1&aggr=2&czid=yixrpr15pl&ppv=1&srs=31789d60b20f424ed1383978812d26e6

172.64.101.11

200 OK

15 kB

URL GET HTTP/3
youradexchange.com/n/display.php?r=7317534&atag=1&aggr=2&czid=yixrpr15pl&ppv=1&srs=31789d60b20f424ed1383978812d26e6
IP
172.64.101.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yolo80.live/embed.php?id=live6b
Certificate
IssuerGoogle Trust Services LLC
Subjectyouradexchange.com
FingerprintFD:52:FD:E8:62:0A:DE:66:86:28:19:39:64:21:57:5C:CB:8A:59:D9
ValidityTue, 17 Oct 2023 07:21:58 GMT - Mon, 15 Jan 2024 07:21:57 GMT

File type
ASCII text, with very long lines (12047)
Size
15 kB (14774 bytes)
Hash
dfc42b2c4934fd6c29219d42d9d25a1a
ebbb358fc5668e80ab1992b8011b312edae97250
b29be1a46d5554ee2250305a52016a0bf80f1824f7b41d534987d00004b91853

HTTP Headers

GET /n/display.php?r=7317534&atag=1&aggr=2&czid=yixrpr15pl&ppv=1&srs=31789d60b20f424ed1383978812d26e6 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yolo80.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 12:59:42 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
link: <www.gaming-adult.com>; rel=dns-prefetch,<www.gaming-adult.com>; rel=preconnect,<youradexchange.com>; rel=dns-prefetch,<youradexchange.com>; rel=preconnect
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2w%2FQbDwh3QrzfyHTFiESlRUDhq5vBQQp%2FGpSCA8Mcpk%2F97z59m%2BjiFQF9Z%2B0tReK3HHPgP2VesEUqmy3wjvfhCv4EGkhf%2BP%2BRHCCUhulT8C3Es4xL6cbojW076pY6KsCczu25yw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83252fe289113daf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by