Report - daftsex.com/watch/-125812644

Report Overview

Submitted URL
daftsex.com/watch/-125812644_456239791
IP
104.21.65.121
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-12 22:32:50
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.43.253.52
counter.yadro.ru	7275	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	494 B	407 B	88.212.201.198
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	31 kB	52.59.153.168
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	1.9 kB	104.18.20.226
celeritascdn.com	77558	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	722 B	6.6 kB	104.16.91.6
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.9 kB	93.184.220.29
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	54.230.245.118
creepingbrings.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	956 B	104.21.234.233
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.9 kB	95.101.11.115
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.59.13
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	958 B	104.21.234.254
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
graduatewonderentreaty.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	826 B	15 kB	173.233.137.44
sun9-66.userapi.com	41386	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	11 kB	87.240.185.165
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
hw-cdn2.ang-content.com	165651	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	12 kB	205.185.208.20
banquetunarmedgrater.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	327 B	192.243.59.13
daxab.com	162511	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	2.8 kB	104.21.234.225
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	172.64.155.188
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
hw-cdn2.adtng.com	11917	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	17 kB	209.197.3.25
thesaurussurf.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	21 kB	192.243.61.227
onclickgenius.com	65265	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	492 B	3.2 kB	35.190.71.96
sun9-68.userapi.com	44446	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	53 kB	87.240.185.167
daftsex.com	81782	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	812 B	1.4 kB	172.67.163.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
a.adtng.com	15165	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	24 kB	66.254.114.171
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	11 kB	95.101.11.115

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-12	medium	thesaurussurf.com	Sinkholed
2022-09-12	medium	graduatewonderentreaty.com	Sinkholed
2022-09-12	medium	graduatewonderentreaty.com	Sinkholed
2022-09-12	medium	banquetunarmedgrater.com	Sinkholed
2022-09-12	medium	unseenreport.com	Sinkholed
2022-09-12	medium	unseenreport.com	Sinkholed

JavaScript (46)

	URL	Size	First Seen	Last Seen
	daftsex.com/js/nouislider.v2192f61dc764023a.js	22 kB	2023-03-07	2023-05-30
Pretty URL daftsex.com/js/nouislider.v2192f61dc764023a.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:25 Last Seen2023-05-30 00:56:17 Times Seen17 Hash 60c812ab681269cb528405ececba7cb9 075f2a99e50fe50865b51ffbe48df10afaf5d95e 3163a0bb8d266afe1be8255b71e829fdb0fd155ae1a339acf22376bc4e5c297c Loading...

	daftsex.com/watch/-125812644_456239791	63 B	2023-03-07	2023-08-08
Pretty URL daftsex.com/watch/-125812644_456239791 IP 172.67.163.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-08-08 01:03:12 Times Seen17 Hash b75750eb5610ec57e24862c646098009 e1ac294e08c7a4bf4953f088d654a6bf17e2a2fe 7b57274b1b188270bba67ab934933a9e41763d88d992e6cb346ce1bdc6d35309 Loading...

	daftsex.com/index.js?6	99 B	2023-03-07	2023-05-30
Pretty URL daftsex.com/index.js?6 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-05-30 00:56:17 Times Seen17 Hash bcd67ea9debeab882aafba7793ed54f5 6a9ccfddf6638fdf8a4807f2f6e83f2c0a67d648 c75c59de97556773545bd7896fc5ac8c19aa77bbef4523de6bbe25e65d03d3a6 Loading...

	psv146-9999999.crazycloud.ru/ip.get?callback=jQuery31104864032925830606_1663021948057&_=1663021948058	64 B	2023-03-07	2023-03-07
Pretty URL psv146-9999999.crazycloud.ru/ip.get?callback=jQuery31104864032925830606_1663021948057&_=1663021948058 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash 9d863c718dd86113caf089ceeb08d38d 29500b4f4b31f365c4b9e9f5f686d04b7cd3cb10 11d476b65d980a9711b1718e6989134ad56f5b29cdfe2dcef3c2e79fe0b4ac2d Loading...

	graduatewonderentreaty.com/c7/28/b2/c728b26853ace83e7b56264fcb197a60.js	37 kB	2023-03-07	2023-03-07
Pretty URL graduatewonderentreaty.com/c7/28/b2/c728b26853ace83e7b56264fcb197a60.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash 11cbec73417c2ab915e5d846b704e3ee 615afa2079633a1a1494bafd1765cc1d07a4fcfd 4b39efbb5b3f081470611613444249a9e1737ef1afaf19c2a2f96f1cf2888ef2 Loading...

	celeritascdn.com/script/firefox.js	12 kB	2023-03-07	2023-06-18
Pretty URL celeritascdn.com/script/firefox.js IP 104.16.91.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2023-06-18 12:11:27 Times Seen185 Hash 1461940cfd6093640b63b931682cce4d 9f5e4ee175dbbbf6919b8e4b73224f51b0723de8 b20c2fe21ce9bbaac046f903eca490faa00d93288243574fbb4c60244d9767e8 Loading...

	banquetunarmedgrater.com/advertisers.js	0 B	2023-03-07	2024-04-19
Pretty URL banquetunarmedgrater.com/advertisers.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 15:32:22 Times Seen36961400 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	daftsex.com/watch/-125812644_456239791	187 B	2023-03-07	2023-03-07
Pretty URL daftsex.com/watch/-125812644_456239791 IP 172.67.163.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash 026a42125b40416113ccfdee078cc97a cbc6c50c46642c67e50da474f5368afc6072bf12 67bbb94a057ade46aff1add578b959dcd493a606f618614d23f658abdb99f15d Loading...

	daftsex.com/js/jquery.mutations.min.v4b147b138a5b1019.js	2.8 kB	2023-03-07	2023-05-30
Pretty URL daftsex.com/js/jquery.mutations.min.v4b147b138a5b1019.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-05-30 00:56:17 Times Seen12 Hash 68cc036d7fa9b821bfaa513ea5722e31 ac19f6ab41ff901dcd1dc1de211426f6d8009b0a f89c9e846b51b1ca71aa7c143500c5aed31d7a4c7c3a04596ebf93274585f500 Loading...

	daftsex.com/js/share.vdf8ddf291dc2f417.js	1.5 kB	2023-03-07	2023-08-13
Pretty URL daftsex.com/js/share.vdf8ddf291dc2f417.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2023-08-13 16:12:21 Times Seen23 Hash 045eb003c5003a8d488aabfbac3e1896 1eee6f5790e328cac2e0fd76f43f7aef0f4dd1bc 36d1a8cdf62f75d7ce9c80442e988216183dd0b619d003ec04cfa555c955641d Loading...

	hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js	5.0 kB	2023-03-07	2024-04-15
Pretty URL hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js IP 205.185.208.20 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-15 14:27:28 Times Seen5103 Hash 5e5817bcf4c82c7c85d1d88636d221ce b5c32cc6c931c33c1297884016e13d3b9a5bf261 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Loading...

	daftsex.com/watch/-125812644_456239791	442 B	2023-03-07	2023-08-08
Pretty URL daftsex.com/watch/-125812644_456239791 IP 172.67.163.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-08-08 01:03:12 Times Seen17 Hash f7262530e04a138dece906858ce106e9 ce79f58355f62e03ca533e18e2b0d0ef7afebe4c 43daa9ef82274b60a5d20132f82bdfb9314e5a106c51c9f2030f4677fc2ac112 Loading...

	daftsex.com/js/likes.v5e342c5feda70804.js	1.4 kB	2023-03-07	2023-05-30
Pretty URL daftsex.com/js/likes.v5e342c5feda70804.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-05-30 00:56:17 Times Seen13 Hash 4745e04909b2188cab86215f7cf9e36f 1c37436edaced79a263bbf0cbd6a2613962b5df1 85459fc0385788957cb251a62c1327c1252f73693a9d81565a704c14e1b255af Loading...

	daxab.com/player/js/ad.min.js	4.7 kB	2023-03-07	2024-03-21
Pretty URL daxab.com/player/js/ad.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:31 Last Seen2024-03-21 16:52:47 Times Seen148 Hash 89845c96bf17f40288b22f74883e9001 43c5cb10bc3ab8799f232b403be19eb11effd9f2 c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc Loading...

	daftsex.com/watch/-125812644_456239791	740 B	2023-03-07	2023-08-08
Pretty URL daftsex.com/watch/-125812644_456239791 IP 172.67.163.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2023-08-08 01:03:12 Times Seen24 Hash 2104bab9892815feea3c4cf087ddf8c5 ad2364720f761285deb507656fb430614368a950 fddec4b2b345ae7bf6037f12e42db9434ba5adfa75f80efbcfaef251566eb8fd Loading...

	daftsex.com/js/jquery-2.1.1.min.v18b7e87c91d98481.js	84 kB	2023-03-07	2023-05-30
Pretty URL daftsex.com/js/jquery-2.1.1.min.v18b7e87c91d98481.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-05-30 00:56:17 Times Seen17 Hash 8e598a8462a2a6c60f898f546f599255 96791d9a449ddc01a168c008651c6a9b824594e6 edd830fac5e4e01fda1a7cbc0f0dd08e155910f200c52e9be6ae839840e8ec94 Loading...

	a.adtng.com/get/10002729?time=1555363895445	1.3 kB	2023-03-07	2023-03-07
Pretty URL a.adtng.com/get/10002729?time=1555363895445 IP 66.254.114.171 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash d51549aa7e4b47e786203f87a0c0feb7 e0ef05c7afff3da1c02bcc3afbdd7c913592014a 3e0130cbbba9763a35ba91e8129ef142e068593adc60426b1bcdc0a9ab5848c2 Loading...

	daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24	777 B	2023-03-07	2023-03-07
Pretty URL daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24 IP 104.21.234.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash d194d4b110ce6ff3e179fa7b4ff57d39 b1f7e6b71d9f4fef8a7e352312587b7e7384e466 5c1293355d8cb4f7d6c9633eee448e630f665b93a157b315987f97f03709a7b8 Loading...

	daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24	6.7 kB	2023-03-07	2023-03-17
Pretty URL daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24 IP 104.21.234.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-03-17 10:26:31 Times Seen1 Hash 886eaec63e2b57d1b5118eb413f5388b a2153505d6b595bc5d6509fd7165ca1f1750f605 3961b12c0252bb09e0cdf102a8ecb8db31b66b8bda6a78cbdf8abdc16635545e Loading...

	a.adtng.com/get/10009021?time=1575323689465	1.3 kB	2023-03-07	2023-03-07
Pretty URL a.adtng.com/get/10009021?time=1575323689465 IP 66.254.114.171 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash 1f9ca5b9d6e57fc45cfc9d660533556c a9b96be40182a4e1071c4497024f8cc7edbe04a6 68e6055d7db184f5d3bae907e276e4b3f8dbe5c1b150fba13dfa14e93fb4fd06 Loading...

	onclickgenius.com/script/suurl.php?r=1865791&cbrandom=0.06776752297670374&cbiframe=1&cbWidth=702&cbHeight=395&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com	5.4 kB	2023-03-07	2023-03-07
Pretty URL onclickgenius.com/script/suurl.php?r=1865791&cbrandom=0.06776752297670374&cbiframe=1&cbWidth=702&cbHeight=395&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com IP 35.190.71.96 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash f981ffdbcff2e5ac39f49626ba3788dc 8873266427271ca04768473b0960750cee9faa21 d118783708161e75da8370fd70e5edabdcd95bc5942fb3c8cfa6e29ee6167952 Loading...

	daftsex.com/js/select.ve363dc0076d2c78b.js	3.5 kB	2023-03-07	2023-08-08
Pretty URL daftsex.com/js/select.ve363dc0076d2c78b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-08-08 01:03:12 Times Seen24 Hash 7c3e60b3ffe363dc0076d2c78b006ed6 b3361c86cfff86a1f40adc02be47f11859b3c2cb e1ae85b0e11126404715a0dfe0f4a15faa4326d93cbc6907d43da2b1cf533515 Loading...

	daftsex.com/watch/-125812644_456239791	72 B	2023-03-07	2023-03-17
Pretty URL daftsex.com/watch/-125812644_456239791 IP 172.67.163.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-03-17 10:26:31 Times Seen1 Hash 491154c750c73bf48c72b6cf7d26e3bf 7cbac824f5ee9301ec66586cda8ff0f2dcd7dadd 6b15fa8db0c4cf0ecfc425bb1abcf6f7fbbbcf61c5cdc1823db431a69c2d4297 Loading...

	a.adtng.com/get/10002729?time=1555363895445	1.0 kB	2023-03-07	2023-03-07
Pretty URL a.adtng.com/get/10002729?time=1555363895445 IP 66.254.114.171 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash 0135d9f9b022d72bebb4f65c3dd37d47 d360dbfea5731f997d7a09df7037ca9f8431a5db 14c2d3cc82babf20add29642787b2e5b19045db834dfdb368103e4657ee2bb01 Loading...

	a.adtng.com/get/10009021?time=1575323689465	1.1 kB	2023-03-07	2023-03-07
Pretty URL a.adtng.com/get/10009021?time=1575323689465 IP 66.254.114.171 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash a57a730356d03baa3a90ca67840f374a 4590b44e6ab4181f86c727528ec1bec73a2f5f4e 221698791fc81c06ddecfef0a00c21930e21fb7b7b51936bcb303647c0f0b4cf Loading...

	thesaurussurf.com/a5/96/32/a59632dda777535e591fa2e7dde66a93.js	59 kB	2023-03-07	2023-03-07
Pretty URL thesaurussurf.com/a5/96/32/a59632dda777535e591fa2e7dde66a93.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:09 Last Seen2023-03-07 15:28:14 Times Seen1 Hash 7bcd593fd6d4bd73420055c1e114e799 d71a6debf485e55f67082cbab821296241583e43 97005a4dd51ae2749c1c82fbc7b648bee6124ce4f4eed95639d1c29e1f8620d9 Loading...

	daftsex.com/js/auth.vfa3c32a15fba2304.js	18 kB	2023-03-07	2023-03-17
Pretty URL daftsex.com/js/auth.vfa3c32a15fba2304.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-03-17 10:26:31 Times Seen1 Hash 3a03da2145096afc83438c3d0da08fde 9eb07068816ab383a17724191accaa6b4a541472 c86aa2bd7077f7a3a2828f457cb4b4b299a604b19cc8fa3ffae512f7e0d3dd5d Loading...

	daftsex.com/js/fav.v764365b62392eb58.js	3.3 kB	2023-03-07	2023-05-30
Pretty URL daftsex.com/js/fav.v764365b62392eb58.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-05-30 00:56:17 Times Seen11 Hash e3b6b3ed20a585b4cf1fce8f82436a87 e3cee81e37ddae116a4d8fcb018b55da493d601c 0eb73acb8beca256d2372a324307bf95d06ce33f5c8e9a54f0d095d20f121b3f Loading...

	a.adtng.com/get/10002729?time=1555363895445	1.0 kB	2023-03-07	2023-03-07
Pretty URL a.adtng.com/get/10002729?time=1555363895445 IP 66.254.114.171 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash 627ea932f86968e7a664728c17f79f95 ec3bbab9cce5e4d0580467bfb1d564b740e6b6f8 e4571f060f975d723a05344b4138e2ebbd20f1d01329d34f8b4a69f0483faca7 Loading...

	celeritascdn.com/script/compatibility.js	14 kB	2023-03-07	2024-03-30
Pretty URL celeritascdn.com/script/compatibility.js IP 104.16.91.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:29 Last Seen2024-03-30 19:38:05 Times Seen474 Hash 946bb9192a14e6dad035a9ec8178f073 4ed49123d975e7d51fcc523845ef7bba4157c56e 7cb4263ccaaa637a20896180c003024db4b27f66c7fda6369bf852176003422c Loading...

	daftsex.com/js/common.vb1f31c4b59a9e4d1.js	26 kB	2023-03-07	2023-03-17
Pretty URL daftsex.com/js/common.vb1f31c4b59a9e4d1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:25 Last Seen2023-03-17 10:26:31 Times Seen1 Hash 811b8537d4b1f31c4b59a9e4d14762c8 89f2a7be7cc66841a0ad4d72341f8f4368c99c4b 09688f85ca6bd99ac1ff1efa1409260669ce989549586af33b29ed00555be3ae Loading...

	daftsex.com/watch/-125812644_456239791	127 B	2023-03-07	2023-03-07
Pretty URL daftsex.com/watch/-125812644_456239791 IP 172.67.163.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash 3a0a4b515fb0210f265c95a375c988fd 5b91dd96c1787510a5d242bc7c8b3150a5c571f3 3ee263aecccf53fefa21d45a5875c904ad745bf0752cf898c668f545c154130b Loading...

	daxab.com/player/js/player.e1fc5faa5683f0e8.js	157 kB	2023-03-07	2023-07-21
Pretty URL daxab.com/player/js/player.e1fc5faa5683f0e8.js IP 104.21.234.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-07-21 22:39:57 Times Seen30 Hash 79043f8423e1fc5faa5683f0e86087b2 b400e6abbe5ef1159c355f5432b4c879f5ee5a36 a6ef13b087703174e3f93cc220571f2bd26bf460022378c03ae38ca5d4337cb2 Loading...

	daxab.com/player/js/utils.302f113eba88d6ca.js	318 kB	2023-03-07	2023-07-21
Pretty URL daxab.com/player/js/utils.302f113eba88d6ca.js IP 104.21.234.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:25 Last Seen2023-07-21 22:39:57 Times Seen18 Hash c5ef63ad3b302f113eba88d6cadcad5c 8d9a472deae1aff5292892a5adf741b4005c2a03 75c16bc8a7d432f7bb416fd9e4752893730256eb50db962c8cec7864f6881492 Loading...

	a.adtng.com/get/10002729?time=1555363895445	1.3 kB	2023-03-07	2023-03-07
Pretty URL a.adtng.com/get/10002729?time=1555363895445 IP 66.254.114.171 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash f774e9273f12bd94401e8a70accb8a30 e87c5520949fd1ad676b799b2ca3e303d63a07e6 ba5e409651fff50937bdf4399f580a915abf4a4541ee40550a04901b196435e0 Loading...

	a.adtng.com/get/10002729?time=1555363895445	16 kB	2023-03-07	2024-01-10
Pretty URL a.adtng.com/get/10002729?time=1555363895445 IP 66.254.114.171 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-10 17:29:43 Times Seen1642 Hash 70706313fb93351e8f1040eaabd75e27 ced0e6419eeb845fec13844780ee3431cbe6b63c 3c3f577d6cf858ea89de2dfdecbefc739187b49010823b1b6ed1b5a5ae304a50 Loading...

	daftsex.com/js/history.v955089448af5a0c8.js	17 kB	2023-03-07	2023-08-13
Pretty URL daftsex.com/js/history.v955089448af5a0c8.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2023-08-13 16:12:21 Times Seen36 Hash 05295428192e252db0d816e4fa8d4f62 1922451dd69a747f646ffb11741de9009572d5b2 a99f95b2edc1ee7fbe27ce7c68d5c0886ef5c4089bab611dfb1422cd120da48d Loading...

	daftsex.com/js/nprogress.v3410974b8841b4f3.js	6.3 kB	2023-03-07	2023-08-13
Pretty URL daftsex.com/js/nprogress.v3410974b8841b4f3.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2023-08-13 16:12:21 Times Seen22 Hash 8f63e454bc4b89f61d733803981b2719 8dd7aee1ad643d48d7b005e69f984c0d19cd7b2d 5527bc007570f3a31788e8d7ded679fea1df67cd978193662dfb00599c5d0d82 Loading...

	daftsex.com/watch/-125812644_456239791	854 B	2023-03-07	2023-03-07
Pretty URL daftsex.com/watch/-125812644_456239791 IP 172.67.163.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash 9c9073fd2e5bea10524d8a76a91c8176 d25484110f09efbf5c5ab00f6d48efc37d3c0019 9067b9c74a8a1adff7c74d04305bbba9688a45a135e0de9208a5fed204e345fc Loading...

	daftsex.com/watch/-125812644_456239791	427 B	2023-03-07	2023-07-21
Pretty URL daftsex.com/watch/-125812644_456239791 IP 172.67.163.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:24 Last Seen2023-07-21 22:39:57 Times Seen11 Hash 86f38cfa085a0aae7971937e67ab44bf b7c2f046afb70a65e88924323b2f3fc0e80a5d93 ca0e2e2adf2fc83655770c5d479345f4768e806daeadf0b4a1799e75a637ccc2 Loading...

	hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js	17 kB	2023-03-07	2024-04-15
Pretty URL hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js IP 209.197.3.25 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-15 14:27:27 Times Seen5479 Hash 48c80c7c28b5b00a8b4ff94a22b72fe3 d57303c2ad2fd5cedc5cb20f264a6965a7819cee 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8f70d81bcd88daac858c0659ec0f2f39	186 B	2023-03-07	2023-07-21
Pretty Observations First Seen2023-03-07 12:12:25 Last Seen2023-07-21 22:39:57 Times Seen16 Hash 8f70d81bcd88daac858c0659ec0f2f39 ff13effb444157d308a12ee05f03f94e6d45dc20 5cb0e7b696c67bd31fbd286a4b20b37951024fb03aebf7103abc7775f5371d8f Loading...

	#2 Eval - 9ab1fabf9dc4997cd9920606f1af8c19	14 B	2023-03-07	2024-01-21
Pretty Observations First Seen2023-03-07 01:06:37 Last Seen2024-01-21 14:28:54 Times Seen73 Hash 9ab1fabf9dc4997cd9920606f1af8c19 5bdc95c1d5437df7615040c18d9139211045797d 73ae699242eb07eb3d3efcd35fead008d3a17f7b0284d974758538d0018583c8 Loading...

	#3 Eval - b30a0c28e3630a77c9e7c02b7b1ce636	188 kB	2023-03-07	2023-07-21
Pretty Observations First Seen2023-03-07 12:12:25 Last Seen2023-07-21 22:39:57 Times Seen16 Hash b30a0c28e3630a77c9e7c02b7b1ce636 ceba170f5853722c2b5e01678a56051bbd3b5c9c 6633122f633174bb989a8f300e2e7494376e5e473305efa7ceedf43c7bda2498 Loading...

	#4 Eval - b0a21ee80250bacb559ef2c06fd3852f	38 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:12:25 Last Seen2023-03-17 10:26:32 Times Seen1 Hash b0a21ee80250bacb559ef2c06fd3852f 2084992cf45095beb04d04813f81271412ff9c0c 6b1e444d1a02d0260a18c5ed9e7a5eda23d6d859d9ee4c71a67475b618504321 Loading...

		Size	First Seen	Last Seen
	#1 Write - a2bcd811936f5618b89aa376fc472191	286 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 15:28:14 Last Seen2023-03-07 15:28:14 Times Seen1 Hash a2bcd811936f5618b89aa376fc472191 6f076d5ba1e3f33ad547238adc35edb30024995d 714d2673f4ed11c705bca62cc2f8911c0a3bfcaf7feaae2f937410bac9104174 Loading...

HTTP Transactions (62)

URL IP Response Size

daftsex.com/watch/-125812644_456239791

172.67.163.49

301 Moved Permanently

0 B

URL HTTP/1.1
daftsex.com/watch/-125812644_456239791
IP
172.67.163.49:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/-125812644_456239791 HTTP/1.1
Host: daftsex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 12 Sep 2022 22:32:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 23:32:39 GMT
Location: https://daftsex.com/watch/-125812644_456239791
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shQFhNwy2kDYW12LMqi4kWutPIWAsZTLIHw%2FkZT7hMGM3J6yuQuVQfhDXyH7wAgAuwUhFYxSqW5bgceAZS886stYVRg2FMxojE7txUeyTSILJlETq3tvV0vOnAKE9g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c19ada9070b06-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 22:08:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bkOLUyPAavdiZZMfTe1FQwb7hgYuvph7kdIOEMUR619vZpW3CL0fiA==
Age: 1448

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8107
Expires: Tue, 13 Sep 2022 00:47:46 GMT
Date: Mon, 12 Sep 2022 22:32:39 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kKlRtltaouNbm34-8Z_Bp23j_CTMwMFJUT5XiE8Nzbh2h4BnTuY7NA==
age: 54927
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
978bf7e2ac86a90a829d1c6ed9ed4888
db2f84bf33a48f1441e4b1bcf5c41da7be7c501f
0f5ef3f720bf3e29bd1de69480c86762114c958bdc3f3eb9a1d41e20ea907d15

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0F5EF3F720BF3E29BD1DE69480C86762114C958BDC3F3EB9A1D41E20EA907D15"
Last-Modified: Mon, 12 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9767
Expires: Tue, 13 Sep 2022 01:15:26 GMT
Date: Mon, 12 Sep 2022 22:32:39 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:32:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
978bf7e2ac86a90a829d1c6ed9ed4888
db2f84bf33a48f1441e4b1bcf5c41da7be7c501f
0f5ef3f720bf3e29bd1de69480c86762114c958bdc3f3eb9a1d41e20ea907d15

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0F5EF3F720BF3E29BD1DE69480C86762114C958BDC3F3EB9A1D41E20EA907D15"
Last-Modified: Mon, 12 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9767
Expires: Tue, 13 Sep 2022 01:15:26 GMT
Date: Mon, 12 Sep 2022 22:32:39 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dd0fd1101c745417faf6a04a3ff59804
d3da7442a57d6c86402c6893927d0d3ce04870c8
0d20d345b18a32faeee1b0e6f8dfd6609b0e632d85e259015baa45dd4e99bff6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D20D345B18A32FAEEE1B0E6F8DFD6609B0E632D85E259015BAA45DD4E99BFF6"
Last-Modified: Sun, 11 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14883
Expires: Tue, 13 Sep 2022 02:40:43 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
fbac9c4ebd60c798ae6f1319489c601f
e6e7d47337a8137b8186b5228fe4e987f1789a82
94b9a03ed1db9c1493a9938961551ad33c2a190d040f1ed321cca676e6211055

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4822
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:32:40 GMT
Last-Modified: Mon, 12 Sep 2022 21:12:18 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 312

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
fbac9c4ebd60c798ae6f1319489c601f
e6e7d47337a8137b8186b5228fe4e987f1789a82
94b9a03ed1db9c1493a9938961551ad33c2a190d040f1ed321cca676e6211055

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3162
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:32:40 GMT
Last-Modified: Mon, 12 Sep 2022 21:39:58 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312

ocsp.digicert.com/

93.184.220.29

200 OK

1.5 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
1.5 kB (1450 bytes)
Hash
9de95e792c37bc0ceefee2aaced54f83
67b9207e732e73f968d7fd5f31a6edb08c9c289d
3ab142a431c8e47b823d15d7b03a8bfeaa11ffe66b3fd29c3b5f7440c9996764

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4605
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:32:40 GMT
Last-Modified: Mon, 12 Sep 2022 21:15:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 21:56:07 GMT
Expires: Mon, 12 Sep 2022 22:37:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qBPnaNJFg5Eti4v6WYEqSXMDfqQZNP8eP-BwiK2nspsWt4s_D5GnRg==
Age: 2193

hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js

209.197.3.25

200 OK

17 kB

URL HTTP/1.1
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP
209.197.3.25:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (16885), with no line terminators
Size
17 kB (16885 bytes)
Hash
48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

HTTP Headers

GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10721591
X-HW: 1663021960.dop207.sk1.t,1663021960.cds236.sk1.shn,1663021960.dop207.sk1.t,1663021960.cds228.sk1.c
Access-Control-Allow-Origin: *

hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js

205.185.208.20

200 OK

5.0 kB

URL HTTP/1.1
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP
205.185.208.20:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (5027), with no line terminators
Size
5.0 kB (5027 bytes)
Hash
5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c

HTTP Headers

GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10450174
X-HW: 1663021960.dop227.sk1.t,1663021960.cds220.sk1.shn,1663021960.cds220.sk1.c
Access-Control-Allow-Origin: *

hw-cdn2.ang-content.com/a7/creatives/1/49/814959/1040545/1040545_logo.png

205.185.208.20

200 OK

3.0 kB

URL HTTP/1.1
hw-cdn2.ang-content.com/a7/creatives/1/49/814959/1040545/1040545_logo.png
IP
205.185.208.20:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (3031 bytes)
Hash
0b1a4f8844a7468537ef9c5efdfd86c0
8680824dc752f61b01b0e4a2c719e0f69aa6efca
3f7b23bc0415c71c830991cdcbbd3d80720609842586592f3f27bf73d6b55d74

HTTP Headers

GET /a7/creatives/1/49/814959/1040545/1040545_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: Keep-Alive
ETag: "1661290692"
Content-Length: 3031
Content-Type: image/png
Last-Modified: Tue, 23 Aug 2022 21:38:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10762121
X-HW: 1663021960.dop012.sk1.t,1663021960.cds236.sk1.shn,1663021960.dop012.sk1.t,1663021960.cds215.sk1.c
Access-Control-Allow-Origin: *

a.adtng.com/get/10002729?time=1555363895445

66.254.114.171

200 OK

12 kB

URL HTTP/2
a.adtng.com/get/10002729?time=1555363895445
IP
66.254.114.171:0
ASN
#29789 REFLECTED

File type
data
Size
12 kB (12113 bytes)
Hash
7a2dccbe186c0f3fbe32eca8ef951476
b510d9eccc5cc1fa0fc137e997333d5a087dc94d
ea619c8d595a4ce90bb3096609eee32247a03546fcdb5e5ddfb2e2c86428d399

HTTP Headers

GET /get/10002729?time=1555363895445 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KImMfs4gkjlDucDtrAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7079; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 631FB388-42FE72AB01BB7A93-24DAD507
X-Firefox-Spdy: h2

hw-cdn2.ang-content.com/a7/creatives/1/49/814986/1040948/1040948_logo.png

205.185.208.20

200 OK

3.3 kB

URL HTTP/1.1
hw-cdn2.ang-content.com/a7/creatives/1/49/814986/1040948/1040948_logo.png
IP
205.185.208.20:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3346 bytes)
Hash
4c992f93419cff2c1c149dfc70e710c6
ea1808199ce5bb59a63edea6fd39bbbf5e7511d7
ba89161f62c517bdd776996943f3e26ed2b92d749178f1c24da07c8db904e27c

HTTP Headers

GET /a7/creatives/1/49/814986/1040948/1040948_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: Keep-Alive
ETag: "1661776299"
Content-Length: 3346
Content-Type: image/png
Last-Modified: Mon, 29 Aug 2022 12:31:39 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10673825
X-HW: 1663021960.dop215.sk1.t,1663021960.cds240.sk1.shn,1663021960.dop215.sk1.t,1663021960.cds017.sk1.c
Access-Control-Allow-Origin: *

thesaurussurf.com/a5/96/32/a59632dda777535e591fa2e7dde66a93.js

192.243.61.227

200 OK

20 kB

URL HTTP/1.1
thesaurussurf.com/a5/96/32/a59632dda777535e591fa2e7dde66a93.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59437), with no line terminators
Size
20 kB (20341 bytes)
Hash
7e06feed0cd5c470f83f7c1d54749263
14dffe3b3c82d90d996a4d8f7a9e1faad0386b1c
0adaf559cda94598d5f7bc08305d5e26946637f78d33a63f6c3c6d8d774bd303

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /a5/96/32/a59632dda777535e591fa2e7dde66a93.js HTTP/1.1
Host: thesaurussurf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 22:32:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef2a869e1beb2871b1d0062d2f322735
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

a.adtng.com/get/10002729?time=1555363895445

66.254.114.171

200 OK

9.7 kB

URL HTTP/2
a.adtng.com/get/10002729?time=1555363895445
IP
66.254.114.171:0
ASN
#29789 REFLECTED

File type
data
Size
9.7 kB (9684 bytes)
Hash
c9bd8d8b6049aa80a6c8883dc2260f16
6bc4780d3f7e6207d632a2203a266800fae0eecb
cd116a9e4afd9251f15ed68e305325ee1a7d6d7f8133be6fa1a2bfe1b61f23e6

HTTP Headers

GET /get/10002729?time=1555363895445 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KEmMfs4hCKFN0RJa1Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7041; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 631FB388-42FE72AB01BB7A93-24DAD4EB
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
b32a5e9b733c4d6d00fa0ae101956367
a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997
6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10237
Expires: Tue, 13 Sep 2022 01:23:17 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a08de1f4da52733048f50303ff241be1
7e61302bcde4397d4dd24348aaf5581860cea0c6
7349cd1b89a4781daae80312ecab20747edfe839047edc787bbeda4cb2d3d31b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7349CD1B89A4781DAAE80312ECAB20747EDFE839047EDC787BBEDA4CB2D3D31B"
Last-Modified: Sun, 11 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6989
Expires: Tue, 13 Sep 2022 00:29:09 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive

celeritascdn.com/script/compatibility.js

104.16.91.6

200 OK

5.0 kB

URL HTTP/2
celeritascdn.com/script/compatibility.js
IP
104.16.91.6:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.0 kB (4985 bytes)
Hash
37c89a4fd4edd8adc0b9523f839699de
a4ef0d4f860387de2079b6f6aa4e4c9d0ec5e4ba
3a37dbd0ec961c1122a9323297e5bcae4a93b87d68bb644d4658d0f403647170

HTTP Headers

GET /script/compatibility.js HTTP/1.1
Host: celeritascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdvlhDYanHECByaSza43raCvmpFPU8fiCV7OLEX_q4EIweZAHwBoezGh7KYmWphViGMHxR6yJfcHC_HKodp5ba6Xmg
x-goog-generation: 1655802523449377
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14461
x-goog-hash: crc32c=COVK0Q==, md5=lGu5GSoU5trQNansgXjwcw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Tue, 13 Sep 2022 02:32:40 GMT
cache-control: public, max-age=14400
last-modified: Tue, 21 Jun 2022 09:08:43 GMT
etag: W/"946bb9192a14e6dad035a9ec8178f073"
cf-cache-status: HIT
age: 1212
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b4ed45b51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
349efb77dc286c5653310b0358a6221c
b943ed167db03fc167d8811af5b227b2a9fb9191
4f24854f12c2afa74b77b523fa34a78cc756ead857140680c1e76eb7668305a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 22:32:40 GMT
Last-Modified: Mon, 12 Sep 2022 20:47:30 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OC516t1K-h0Lmn6Ahs7xWtYaNIxduV_4ODMGYmCWaQOYs_ugqAPKZg==
Age: 6310

simplewebanalysis.com/stats

52.59.153.168

200 OK

30 kB

URL HTTP/2
simplewebanalysis.com/stats
IP
52.59.153.168:0
ASN
#16509 AMAZON-02

File type
data
Size
30 kB (30539 bytes)
Hash
19b50c01c8d5ccf4d2b28eb414986870
141ba1ee4946b216ce5bf0770569f4e15a08770e
3c5f1154dd09b8b16c012f7b46a4b75b9a288c5a53ec459543cc62c593cc4b74

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daftsex.com
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://daftsex.com
access-control-allow-credentials: true
set-cookie: uid_id2=5792855a-3f3f-4988-a851-1be2873187ae:2:1; expires=Thu, 09 Sep 2032 22:32:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.43.253.52

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.253.52:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jqzlvYYOE/AqoM8zCtsf8w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VkvHdhNhJXt9WWMz4AieNQ+xxlQ=

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d2459905efc0d0d5c1d595afd6e1275d
6a3f9a8b2ef044467291e4e5bbd3fd6e505b5b19
f01ea0d062d0bc57b5101ef667c14993d40d9c7f24a6f5859b3f66bc7147c37e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 19:53:32 GMT
Expires: Fri, 16 Sep 2022 19:53:31 GMT
Etag: "6a3f9a8b2ef044467291e4e5bbd3fd6e505b5b19"
Cache-Control: max-age=335450,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749c19b6b8960b45-OSL

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
b32a5e9b733c4d6d00fa0ae101956367
a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997
6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10237
Expires: Tue, 13 Sep 2022 01:23:17 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
279e23966ec0a262edc36219bb30ee6c
147d0e5f83e627e5a8e09247bef080fadedeadd0
295d242f1b8c87609e303484b44114b2d21fdf4f8de8539f0876081eddd29231

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "295D242F1B8C87609E303484B44114B2D21FDF4F8DE8539F0876081EDDD29231"
Last-Modified: Sun, 11 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7766
Expires: Tue, 13 Sep 2022 00:42:06 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
279e23966ec0a262edc36219bb30ee6c
147d0e5f83e627e5a8e09247bef080fadedeadd0
295d242f1b8c87609e303484b44114b2d21fdf4f8de8539f0876081eddd29231

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "295D242F1B8C87609E303484B44114B2D21FDF4F8DE8539F0876081EDDD29231"
Last-Modified: Sun, 11 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7766
Expires: Tue, 13 Sep 2022 00:42:06 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive

graduatewonderentreaty.com/c7/28/b2/c728b26853ace83e7b56264fcb197a60.js

173.233.137.44

200 OK

13 kB

URL HTTP/1.1
graduatewonderentreaty.com/c7/28/b2/c728b26853ace83e7b56264fcb197a60.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37114), with no line terminators
Size
13 kB (13400 bytes)
Hash
161ed5ded805064b029139ffddefb9f1
df7b510b3378d12d87f3ece23ab6c5d136c9934e
4d9dde6e758d412bd2339475954452363c28cbcda00098937cc00147985fa76f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /c7/28/b2/c728b26853ace83e7b56264fcb197a60.js HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 905b3f8fc50c4d0b2c1c9cba3d3ecd5c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

graduatewonderentreaty.com/pixel/purst?dl=0&th=0&sc=0&rs=1246&rd=1246&fd=644&bv=22.8.v.1&tmpl=70

173.233.137.44

200 OK

0 B

URL HTTP/1.1
graduatewonderentreaty.com/pixel/purst?dl=0&th=0&sc=0&rs=1246&rd=1246&fd=644&bv=22.8.v.1&tmpl=70
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1246&rd=1246&fd=644&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
503237177a3d86d83f4c970effc37833
e2c733d5fe37ec941521578d5bdcf0bcad00d7e5
16380371ae5fc51ca985271a1fccdcd8e203b4af6134e8ffbe4e957a04180764

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16380371AE5FC51CA985271A1FCCDCD8E203B4AF6134E8FFBE4E957A04180764"
Last-Modified: Sun, 11 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11246
Expires: Tue, 13 Sep 2022 01:40:07 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d2459905efc0d0d5c1d595afd6e1275d
6a3f9a8b2ef044467291e4e5bbd3fd6e505b5b19
f01ea0d062d0bc57b5101ef667c14993d40d9c7f24a6f5859b3f66bc7147c37e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 19:53:32 GMT
Expires: Fri, 16 Sep 2022 19:53:31 GMT
Etag: "6a3f9a8b2ef044467291e4e5bbd3fd6e505b5b19"
Cache-Control: max-age=335449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749c19b8a9a00b45-OSL

banquetunarmedgrater.com/advertisers.js

192.243.59.13

200 OK

0 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7499c9d1b3a6786ba2dee82d45e4fd9e
Strict-Transport-Security: max-age=0; includeSubdomains

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
7851482e721e0b7f3e894f07bfd7ae62
3e73f18956998a4949f2803c60ee71e903f2a678
f68397ba4108087074389d7603bc6391810f73eb4b39c58ac0391270cb0528bc

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 16 Sep 2022 20:13:59 GMT
ETag: "3e73f18956998a4949f2803c60ee71e903f2a678"
Last-Modified: Mon, 12 Sep 2022 20:14:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2470
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c19bb2978b505-OSL

onclickgenius.com/script/suurl.php?r=1865791&cbrandom=0.06776752297670374&cbiframe=1&cbWidth=702&cbHeight=395&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com

35.190.71.96

200 OK

3.0 kB

URL HTTP/2
onclickgenius.com/script/suurl.php?r=1865791&cbrandom=0.06776752297670374&cbiframe=1&cbWidth=702&cbHeight=395&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com
IP
35.190.71.96:0
ASN
#15169 GOOGLE

File type
data
Size
3.0 kB (2970 bytes)
Hash
fb56aaca8353a0f0cfc7eba5450c5e68
0fdcc169d5c4a67a9f6b7d5ea8dae8816ba5e8ca
d0c0aa69e87872d157a14472803e51d97acc73a926d8b752f9b8890d83c46b84

HTTP Headers

GET /script/suurl.php?r=1865791&cbrandom=0.06776752297670374&cbiframe=1&cbWidth=702&cbHeight=395&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com HTTP/1.1
Host: onclickgenius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

counter.yadro.ru/hit?t45.6;r;s1280*1024*24;uhttps%3A//daftsex.com/watch/-125812644_456239791;hpussylingus%20%281%29%20%u2014%20DaftSex;0.34690905843485886

88.212.201.198

200 OK

104 B

URL HTTP/1.1
counter.yadro.ru/hit?t45.6;r;s1280*1024*24;uhttps%3A//daftsex.com/watch/-125812644_456239791;hpussylingus%20%281%29%20%u2014%20DaftSex;0.34690905843485886
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
GIF image data, version 87a, 31 x 31\012- data
Size
104 B (104 bytes)
Hash
77be1b29d5a9ddd0b4cf1878f1de4b25
29ee14ca48b313868412505ba4fb102dccf7dc6b
aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970

HTTP Headers

GET /hit?t45.6;r;s1280*1024*24;uhttps%3A//daftsex.com/watch/-125812644_456239791;hpussylingus%20%281%29%20%u2014%20DaftSex;0.34690905843485886 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Type: image/gif
Content-Length: 104
Connection: keep-alive
Expires: Sun, 12 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

sun9-66.userapi.com/c855320/v855320487/22cd71/Aot4Q5xpJzo.jpg

87.240.185.165

200 OK

11 kB

URL HTTP/2
sun9-66.userapi.com/c855320/v855320487/22cd71/Aot4Q5xpJzo.jpg
IP
87.240.185.165:0
ASN
#47541 VKontakte Ltd

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (10916 bytes)
Hash
ca6cc77e4ef66b543f83b890dd301511
0d4ba670279db991882e72b1b5e38e62e068638a
ed05429be8b42dd106974d3ef5ab448d65071cc96d29f00878687d3b47f2d6b6

HTTP Headers

GET /c855320/v855320487/22cd71/Aot4Q5xpJzo.jpg HTTP/1.1
Host: sun9-66.userapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: kittenx
date: Mon, 12 Sep 2022 22:32:41 GMT
content-type: image/jpeg
content-length: 10916
last-modified: Fri, 24 Apr 2020 22:52:53 GMT
expires: Wed, 12 Oct 2022 22:32:41 GMT
cache-control: max-age=2592000
x-frontend: front226105
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2

sun9-68.userapi.com/c636222/v636222747/3e19f/aZOYCaUG8OY.jpg

87.240.185.167

200 OK

52 kB

URL HTTP/2
sun9-68.userapi.com/c636222/v636222747/3e19f/aZOYCaUG8OY.jpg
IP
87.240.185.167:0
ASN
#47541 VKontakte Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 320x240, components 3\012- data
Size
52 kB (52382 bytes)
Hash
8bbb8ca536d30a479b009900b5389bf3
24a90ba6e7c60e5d3ccfcf034d2a992126e3f8b1
6c70674ff9cef071060caa0fdfec4706d7d44c936fd6f121ec125fd3abd8f4f3

HTTP Headers

GET /c636222/v636222747/3e19f/aZOYCaUG8OY.jpg HTTP/1.1
Host: sun9-68.userapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: kittenx
date: Mon, 12 Sep 2022 22:32:41 GMT
content-type: image/jpeg
content-length: 52382
last-modified: Thu, 08 Dec 2016 15:08:57 GMT
expires: Wed, 12 Oct 2022 22:32:41 GMT
cache-control: max-age=2592000
x-frontend: front226107
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9466 bytes)
Hash
6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 69413
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8799 bytes)
Hash
c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bTzXQvDkX23_t4vLJNWv7bg-DoRsdqiBhwNJH5B-RcXxj9RC-87LvA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:41:52 GMT
age: 3049
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8485 bytes)
Hash
e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:43 GMT
age: 2098
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9815 bytes)
Hash
239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:41 GMT
age: 2220
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6999 bytes)
Hash
b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 68026
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
090a097732f15b625208ab10faeea110
33b4fbb528d5b24e6edeebec3887e9b92bed4272
dd912cb8f4b18a02f086446af981c96af8de389bb8872f8bb6dd76cb5b018194

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD912CB8F4B18A02F086446AF981C96AF8DE389BB8872F8BB6DD76CB5B018194"
Last-Modified: Sat, 10 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11007
Expires: Tue, 13 Sep 2022 01:36:08 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4162 bytes)
Hash
b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jGj2al3pBpze7UQnHild4DxKndrprY4pTG_EZScw2RukQlgFEvNMkw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:18:04 GMT
age: 54877
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a59632dda777535e591fa2e7dde66a93&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a59632dda777535e591fa2e7dde66a93&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a59632dda777535e591fa2e7dde66a93&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 12 Sep 2022 22:32:42 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d2875ba64024e9cca445d74d67597c8
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=c728b26853ace83e7b56264fcb197a60&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=c728b26853ace83e7b56264fcb197a60&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=c728b26853ace83e7b56264fcb197a60&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 12 Sep 2022 22:32:42 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4f10e93eae270f74b37f67e4671e2731
Strict-Transport-Security: max-age=0; includeSubdomains

creepingbrings.com/sfp.js

104.21.234.233

200 OK

0 B

URL HTTP/2
creepingbrings.com/sfp.js
IP
104.21.234.233:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:41 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5f506e5837b91b8fb4090dcff3908bb6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 12 Sep 2022 22:32:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBDkpjDCjbqNk7RyJy7Mc7a5hRo9Wl%2BYLbbeWE798LqE6MXhi6y6fP%2BjNQBya7c4e2VqZjU3cjqE2YE36OYIP6gUrUTUk78X1tym8RAsTjHhaaZjR2aIcVxZdmRsFuWOuIPrd5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b92baa0712-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

a.adtng.com/get/10009021?time=1575323689465

66.254.114.171

200 OK

0 B

URL HTTP/2
a.adtng.com/get/10009021?time=1575323689465
IP
66.254.114.171:0
ASN
#29789 REFLECTED

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /get/10009021?time=1575323689465 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KFmMfs4hee2OTM1JTAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7040; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 631FB388-42FE72AB01BB7A93-24DAD4F1
X-Firefox-Spdy: h2

daxab.com/player/js/player.e1fc5faa5683f0e8.js

104.21.234.225

200 OK

0 B

URL HTTP/2
daxab.com/player/js/player.e1fc5faa5683f0e8.js
IP
104.21.234.225:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /player/js/player.e1fc5faa5683f0e8.js HTTP/1.1
Host: daxab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 05 Aug 2022 07:16:30 GMT
etag: W/"62ecc3ce-26673"
cache-control: max-age=14400
cf-cache-status: HIT
age: 476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORW4rytdNTRAm6jf%2BnAWZo23kM9OoAVDi%2BOLWr%2BdWCkY1xLkna3nvIxcPxDYf2Bfsz%2FwbNAmyegmhDEfBSZBHLlVnddYo1gHUoiFIpbEB4vY1ysDGSBP2Fo2O%2Bw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b389c8dd7e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

104.21.234.254

200 OK

0 B

URL HTTP/2
addresseepaper.com/sfp.js
IP
104.21.234.254:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a4a480fd7b86e4caff98c359fbb32b29
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 12 Sep 2022 22:32:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCWMmI0bfrksVBgMo%2FCG3ABYc2ahroQsXiJ7pIfAb94ikV%2BSq520LY5yXwS08r9NpsPOoo5nbL2umS3ks6Nco3tMWKmZL%2BDO06r6PnFJjs8OTUHfvVxHnbPENfhWHouRCOXId4U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b5dd7cdd7a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

daftsex.com/watch/-125812644_456239791

172.67.163.49

200 OK

0 B

URL HTTP/2
daftsex.com/watch/-125812644_456239791
IP
172.67.163.49:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /watch/-125812644_456239791 HTTP/1.1
Host: daftsex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:39 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
set-cookie: ext_on=1; expires=Mon, 12-Sep-2022 22:33:39 GMT; Max-Age=60
vary: Accept-Encoding
proxy-firewall: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tY8AzT2s6JQoZKfREn0hWjiOMJima1sqUYvvwfG8zna2Fb8PCdatlFC5d5TN9pJmjFLwPr4HOVsUVGGZr1KGRcleescb5%2FG%2FLqzsN6Ybyx6Xfj6xfXwy3jBqhSSJnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749c19af6de8b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24

104.21.234.225

200 OK

0 B

URL HTTP/2
daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24
IP
104.21.234.225:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24 HTTP/1.1
Host: daxab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLJP2Tzrcf5qPTSAHvaWJZXkkfkmK0%2BC0QUbjJFfGrbNZXFIDW%2FBG5FlxeO9smXghW1Mlc7ZCqFSOGtHnkZU0wq6qBpftD4EzM2%2BFqx65BtUXSY4JHb2L%2Foti4w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749c19b2b871dd7e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

daxab.com/player/css/videoplayer.37b7600b79af5957.css

104.21.234.225

200 OK

0 B

URL HTTP/2
daxab.com/player/css/videoplayer.37b7600b79af5957.css
IP
104.21.234.225:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /player/css/videoplayer.37b7600b79af5957.css HTTP/1.1
Host: daxab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"607061fd-7b11"
last-modified: Fri, 09 Apr 2021 14:17:33 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bS4r37QF1Ml%2F%2BAuK8Ox%2F7EfSegbMQxXE%2BMmSK%2FUPdSdBJMGhQoRlNKp98TzaNDM02HU8GUJ76KlY%2FTjV%2Fck3pGCMmHo9q9FRqwJn5omp2Iyodwdd1MbGiGiXBA8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b389c5dd7e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

daxab.com/player/js/utils.302f113eba88d6ca.js

104.21.234.225

200 OK

0 B

URL HTTP/2
daxab.com/player/js/utils.302f113eba88d6ca.js
IP
104.21.234.225:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /player/js/utils.302f113eba88d6ca.js HTTP/1.1
Host: daxab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Apr 2022 05:17:34 GMT
etag: W/"6260e8ee-4dace"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1631
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MauQRZv43dqdmJ%2FDvE01bS1dCgW84CTtDaqGgX%2FTxD%2BzuZQBs7lB8hJB9bm2D97M4qiFW8r8VmytGM4ml8jbDOgp1b93zenkEQGPk0ceIkBQhn5FdZEdZxMh1NM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b389c6dd7e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

celeritascdn.com/script/firefox.js

104.16.91.6

200 OK

0 B

URL HTTP/2
celeritascdn.com/script/firefox.js
IP
104.16.91.6:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /script/firefox.js HTTP/1.1
Host: celeritascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdvH-yqjXKyaHKUPK-aQKwedkGEubqC3QMOqF_XwP5SDPhN4By_4HctypCwXqOBx7LQKpL2ZiP3qSkpfNExP2kFHWw
x-goog-generation: 1655802539797909
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11758
x-goog-hash: crc32c=BzbV2Q==, md5=FGGUDP1gk2QLY7kxaCzOTQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Tue, 13 Sep 2022 02:32:40 GMT
cache-control: public, max-age=14400
last-modified: Tue, 21 Jun 2022 09:08:59 GMT
etag: W/"1461940cfd6093640b63b931682cce4d"
cf-cache-status: HIT
age: 2062
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b68eaeb51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (46)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations