Report - videok.biz/cyhml2k.php?key=wk55ruuqjgqg2yv0ud2t&c1=170125431409990TUSTV45768844854V636&c2=&t1=3744085-1760936132-0&t2=Symantec%20Endpoint%20Protection&t3=en&t4=Generic%20Android%20Mobile&t5=304537620&t7=Unknown&t8=3744085&t9=23501298&t10=

Report Overview

Visited public
2023-11-29 10:39:09
Tags
URL
videok.biz/cyhml2k.php?key=wk55ruuqjgqg2yv0ud2t&c1=170125431409990TUSTV45768844854V636&c2=&t1=3744085-1760936132-0&t2=Symantec%20Endpoint%20Protection&t3=en&t4=Generic%20Android%20Mobile&t5=304537620&t7=Unknown&t8=3744085&t9=23501298&t10=
Finishing URL
pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099#
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
Play

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
e1gl2c0gio.facevideosc.com	unknown	unknown	No data	No data	1.1 kB	12 kB	104.26.8.177
zs1q3pdg9s.facevideosc.com	unknown	unknown	No data	No data	1.2 kB	12 kB	104.26.8.177
dqjp7c4ebk.facevideosc.com	unknown	unknown	No data	No data	1.1 kB	16 kB	104.26.8.177
qdxamgipfk.facevideosc.com	unknown	unknown	No data	No data	1.1 kB	18 kB	104.26.8.177
e30f1q5xra2xigm6ff.facevideosc.com	unknown	unknown	No data	No data	548 B	724 B	104.26.8.177
ddtvskish.com	unknown	2023-06-19	2023-06-19 19:11:19	2023-11-25 16:50:17	2.4 kB	1.7 kB	139.45.197.251
facevideosc.com	unknown	2022-05-16	2022-05-17 14:33:36	2023-11-27 20:12:44	4.8 kB	110 kB	104.26.8.177
3bdm13eqjk.facevideosc.com	unknown	unknown	No data	No data	1.1 kB	22 kB	104.26.8.177
j9uiv3u1zk.facevideosc.com	unknown	unknown	No data	No data	555 B	4.6 kB	104.26.8.177
6of6yyzp2o.facevideosc.com	unknown	unknown	No data	No data	1.7 kB	12 kB	104.26.8.177
xfp0v2taww.facevideosc.com	unknown	unknown	No data	No data	555 B	15 kB	104.26.8.177
pv62xqijy8.facevideosc.com	unknown	unknown	No data	No data	2.2 kB	24 kB	104.26.8.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-29 10:38:55	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-11-29 10:38:55	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	unknown	EventHandler	65 B	2023-05-12	2024-10-04
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-05-12 19:26 Last Seen2024-10-04 11:20 Times Seen82 Hash c7a09cac843b8fa4e57b09b4e0535590 17a79ba2b5995b546184b4b71897d4da56542355 fadcda44c9e4915e600886e274040bb21efc11b3974ac625abc54398f6496659 Loading...

	unknown	ScriptElement	444 B	2023-03-07	2024-10-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28 Last Seen2024-10-04 11:07 Times Seen326 Hash a5964115c589e6ac706966bdd17b4318 574e85a6842075c22750856eb7c06da299389ceb 8f979b26375828fea21e1a76ea1b844f171a0da1348ad25631a92dd98bfb3945 Loading...

	unknown	ScriptElement	951 B	2023-11-06	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-06 17:19 Last Seen2024-08-20 20:40 Times Seen39 Hash 442fce950dbbcc695fb08074943b49cd 0a916a13eb2a74328fcbc2f52a3b8f6f9ef8ca75 5fbe811776b77d8577486315470692fc09fc82d278aeba34dfe066892abef40b Loading...

	pv62xqijy8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-05-11
Pretty URL pv62xqijy8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.8.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:56 Times Seen31313 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	ScriptElement	210 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:28 Last Seen2024-08-20 17:28 Times Seen1 Hash a775d489def49fcb7d97b39cdb48ed11 ac7a5696bd10b6aded047daadc2de8231948b9eb 49ca03e002273476caeefe1ce7593719a5cf5ba7962f69d6a3652b46834b7704 Loading...

	unknown	ScriptElement	355 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:28 Last Seen2024-08-20 17:28 Times Seen1 Hash ba9016eb35d829182df97052e73494f8 6a089b36fee5d2a3e8c5d4d38fedd5f416e685fa 66520cd35af96b7116f16ff447f6c05a7debe426a79b51dcb23d4f378677576d Loading...

	unknown	ScriptElement	5.9 kB	2023-11-06	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-06 17:19 Last Seen2024-08-20 20:40 Times Seen39 Hash 12e1250b07d7270c82d67ca75b7b35aa c11cfb59b151bb52e4cc73bf85422498ff6568a3 36bbcc61414f6404f0497f2a326f536519355cd97647468f21be9f71c83ecdbb Loading...

	facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js	ScriptElement	27 kB	2023-07-31	2024-10-25
Pretty URL facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js IP 104.26.8.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-31 22:15 Last Seen2024-10-25 14:44 Times Seen387 Hash f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e Loading...

	unknown	ScriptElement	659 B	2023-11-06	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-06 17:19 Last Seen2024-08-20 20:40 Times Seen38 Hash 5a05e260ae9fc1bcacb7ac4a71a9b1f7 f29eef6b6416cbe2b0d181301af29cc218adf547 a47287fd638aa6b0d22e0774d252514674142a01d9aa04f515dba3511c47f96c Loading...

HTTP Transactions (33)

	URL	IP	Response	Size
	e30f1q5xra2xigm6ff.facevideosc.com/favicon.ico	104.26.8.177		0 B
URL e30f1q5xra2xigm6ff.facevideosc.com/favicon.ico IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /favicon.ico HTTP/1.1 Host: e30f1q5xra2xigm6ff.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e30f1q5xra2xigm6ff.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099&gg=2099 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:52 GMT content-type: image/x-icon content-length: 0 last-modified: Tue, 28 Jun 2022 23:55:56 GMT etag: "62bb950c-0" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJfoe1iiciZfXncLjLrBXoc4ZpnAQhDoGdUSp15wP9zHC7BeSeVJ1a9OVqIj54PnKXdhEIoAv3S78jT82AvMRtMstnx5f0w8o5EM9%2Bbl5cFKctYPNYM3LISCNLLuF40i2Q%2FdDEEc0slPyljOdpPlqd9zxO8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da3939adc0b4f4-OSL X-Firefox-Spdy: h2

	ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=e30f1q5xra2xigm6ff.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest	139.45.197.251		0 B
URL ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=e30f1q5xra2xigm6ff.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest IP 139.45.197.251:0 ASN #9002 RETN Limited File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=e30f1q5xra2xigm6ff.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1 Host: ddtvskish.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://e30f1q5xra2xigm6ff.facevideosc.com DNT: 1 Connection: keep-alive Referer: https://e30f1q5xra2xigm6ff.facevideosc.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 200 OK server: nginx date: Wed, 29 Nov 2023 10:38:52 GMT content-length: 0 x-trace-id: 0b7dab3d8eb25dcacb1d650e8172d7f6 access-control-allow-origin: https://e30f1q5xra2xigm6ff.facevideosc.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2`

	facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js	104.26.8.177	200 OK	10 kB
URL GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type ASCII text, with very long lines (26779), with no line terminators Size 10 kB (10310 bytes) Hash f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e HTTP Headers GET /micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js HTTP/1.1 Host: facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://x3miqt40tc.facevideosc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:52 GMT content-type: application/javascript; charset=utf-8 last-modified: Mon, 31 Jul 2023 21:58:24 GMT vary: Accept-Encoding etag: W/"64c82e80-689b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: HIT age: 0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkEeGR0LECl09IZYuluSNvuo7t3djYFvyOtDqd9ci05OTW7ImOF9s8WUL7KeT0wIWys65KsAYPRC%2FXQK65HbFbDF0N1KnQUS5ohGgbkNKD7u7laNoB2uxAW2ye6zUmoC%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da393cc842b4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	e1gl2c0gio.facevideosc.com/favicon.ico	104.26.8.177		0 B
URL e1gl2c0gio.facevideosc.com/favicon.ico IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /favicon.ico HTTP/1.1 Host: e1gl2c0gio.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e1gl2c0gio.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:53 GMT content-type: image/x-icon content-length: 0 last-modified: Tue, 28 Jun 2022 23:55:56 GMT etag: "62bb950c-0" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FqHWliUhoYLE4nmwyCXb91lYifirh4FTNtny5eKx7tGBBOkd%2BYj7zyYUFfNCHPDGbglUVvGlkU0XpZalk%2FIMJzCQItYLP1K54DhV%2BvMJq3Z4NVgeHEl7aWRJ5QsKP6OfuslwGFGZx0TO5r5"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da393e29a1b4f4-OSL X-Firefox-Spdy: h2

	facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js	104.26.8.177	200 OK	10 kB
URL GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type ASCII text, with very long lines (26779), with no line terminators Size 10 kB (10310 bytes) Hash f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e HTTP Headers GET /micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js HTTP/1.1 Host: facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e1gl2c0gio.facevideosc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:53 GMT content-type: application/javascript; charset=utf-8 last-modified: Mon, 31 Jul 2023 21:58:24 GMT vary: Accept-Encoding etag: W/"64c82e80-689b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: HIT age: 1 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1Poo3ijp7J9S5wOdojCK54BZ3V140mj4d9ekUUxFacxozV0h2dDMHEAQxcB3n7WlbRF8b6xLPlUnaZk6X3ejO6Rwey%2BtCZDeZ4LuaqEEY2XNIeMXYn%2BHKivM25uTdXhlA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da393e89f7b4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	zs1q3pdg9s.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	104.26.8.177		3.9 kB
URL zs1q3pdg9s.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (12331) Size 3.9 kB (3886 bytes) Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 HTTP Headers GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 Host: zs1q3pdg9s.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zs1q3pdg9s.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:53 GMT content-type: application/javascript last-modified: Thu, 16 Nov 2023 21:55:48 GMT etag: W/"65568fe4-302c" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsZfa7Jwo8zgzSRGZeTfZMg5Bn5zcLVtZHnmJ%2BbJu37JaLc03M5pJUJ9LSO4OA0WHqeKTRCYEs93SM%2FXF5%2F3uQfMu8%2F3%2B57fRIxa1k0k6bTSvqfwfQUXkuLUNCYX5pJI2usZWDjfE2zebaDZ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da393fbb22b4f4-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Fri, 01 Dec 2023 10:38:53 GMT cache-control: max-age=172800, public content-encoding: gzip X-Firefox-Spdy: h2

	3bdm13eqjk.facevideosc.com/favicon.ico	104.26.8.177		0 B
URL 3bdm13eqjk.facevideosc.com/favicon.ico IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /favicon.ico HTTP/1.1 Host: 3bdm13eqjk.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3bdm13eqjk.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:53 GMT content-type: image/x-icon content-length: 0 last-modified: Tue, 28 Jun 2022 23:55:56 GMT etag: "62bb950c-0" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwfIq9vKbtGUVF4pWeDKPq0svzpvUB8Y8AjDZRIWXQsWidjZ1e0F%2Byhih7L%2FhfjUe9xQUIKfNL56x9lhFeDd0JhbHpl3hTfreMdkfwNCOGBAGhhT6y0bcyBfhlp0mByZ8owZZWaIwluEOHdr"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da39418d95b4f4-OSL X-Firefox-Spdy: h2

	facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js	104.26.8.177	200 OK	10 kB
URL GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type ASCII text, with very long lines (26779), with no line terminators Size 10 kB (10310 bytes) Hash f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e HTTP Headers GET /micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js HTTP/1.1 Host: facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3bdm13eqjk.facevideosc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:53 GMT content-type: application/javascript; charset=utf-8 last-modified: Mon, 31 Jul 2023 21:58:24 GMT vary: Accept-Encoding etag: W/"64c82e80-689b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: HIT age: 1 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0c52ANhYhx5RZotAPtdIIW8JlkSZ4W227GlpjeyRkuVAeTbvQYSQZ9wsWUzmGCqMB5J4WbyxLJJP5ai4bwMfuMRYAyFKrWpCW3aDc4NELj67OM7HoX1Q744omtko8UAdkg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da3941ee29b4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	j9uiv3u1zk.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	104.26.8.177		3.9 kB
URL j9uiv3u1zk.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (12331) Size 3.9 kB (3886 bytes) Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 HTTP Headers GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 Host: j9uiv3u1zk.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://j9uiv3u1zk.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:53 GMT content-type: application/javascript last-modified: Thu, 16 Nov 2023 21:55:48 GMT etag: W/"65568fe4-302c" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQfyycNoavdf76hZS8xdwgW9KF%2Ft8gMDu5m9xe3e6LdJDLQZxLztUgBsmPCT9KixJ0Qy0pnkWZgAz27Pbxld97KieSV020J7v%2FYRXVbQcrQ5LRiapBKf1XXMwGj1mc2ClW%2FUYD3%2FmKMqxCzH"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da3942ef4db4f4-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Fri, 01 Dec 2023 10:38:53 GMT cache-control: max-age=172800, public content-encoding: gzip X-Firefox-Spdy: h2

	ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=j9uiv3u1zk.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest	139.45.197.251		0 B
URL ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=j9uiv3u1zk.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest IP 139.45.197.251:0 ASN #9002 RETN Limited File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=j9uiv3u1zk.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1 Host: ddtvskish.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://j9uiv3u1zk.facevideosc.com DNT: 1 Connection: keep-alive Referer: https://j9uiv3u1zk.facevideosc.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 TE: trailers `HTTP/2 200 OK server: nginx date: Wed, 29 Nov 2023 10:38:54 GMT content-length: 0 x-trace-id: 2de25ce88b935ceb5561cf44ea430e37 access-control-allow-origin: https://j9uiv3u1zk.facevideosc.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2`

	facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js	104.26.8.177	200 OK	10 kB
URL GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type ASCII text, with very long lines (26779), with no line terminators Size 10 kB (10310 bytes) Hash f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e HTTP Headers GET /micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js HTTP/1.1 Host: facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6rw0ckrlc0.facevideosc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:54 GMT content-type: application/javascript; charset=utf-8 last-modified: Mon, 31 Jul 2023 21:58:24 GMT vary: Accept-Encoding etag: W/"64c82e80-689b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: HIT age: 2 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56ARw2ENtCsHmdpED7Ibpv52JSmJCgEDxq%2FmvzDmtkJP68k023jy1MmthxW%2BASYmP1kTq5yvOUE9UnrU7T725hwfceL2YgyLBkicvWcHtrKSE31lZ5yeu7YKhZ0y5jvmbg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da39450958b4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	zs1q3pdg9s.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099	104.26.8.177		6.5 kB
URL zs1q3pdg9s.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5374) Size 6.5 kB (6495 bytes) Hash 927e98a5b5cb852b1103d86bf39c14b2 ba935e961d1cc110847e8f175009a4a25dac447d 18f68e54e4d11102a60b838e0c9f697640f270eef99f70bbabdf5315d04e8cfb HTTP Headers GET /error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 HTTP/1.1 Host: zs1q3pdg9s.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e1gl2c0gio.facevideosc.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:53 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BaM0MRrWE%2FkiTgoqPycWDdt991mCle%2FyBEtIeE%2BaUunsZQEXW%2Fpg1T9ky8AgXfXJHPmoJ5I6i4rAyCv8ideMXyAjYP87YlBx7MUVH%2FrbGZyUsRQO500u4uzf5ZDX59oTdAfJ6jcoHtwXqJH"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da393f2a7eb4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js	104.26.8.177	200 OK	21 kB
URL GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type ASCII text, with very long lines (26779), with no line terminators Size 21 kB (20620 bytes) Hash f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e HTTP Headers GET /micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js HTTP/1.1 Host: facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zs1q3pdg9s.facevideosc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:53 GMT content-type: application/javascript; charset=utf-8 last-modified: Mon, 31 Jul 2023 21:58:24 GMT vary: Accept-Encoding etag: W/"64c82e80-689b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: HIT age: 1 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EYFmzLUV0WrSGicB2nNTSTC448hjHZGtXwrjoPhzzlhVlx4ZKrqr1QHbO%2FyjMTWhgUgSX7DZz%2Buzj2G80vaejpSJpak6n6rmENv58A0266D%2F10fruPGp77IlGndtStDAg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da39404c13b4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	6of6yyzp2o.facevideosc.com/favicon.ico	104.26.8.177		0 B
URL 6of6yyzp2o.facevideosc.com/favicon.ico IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /favicon.ico HTTP/1.1 Host: 6of6yyzp2o.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6of6yyzp2o.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:54 GMT content-type: image/x-icon content-length: 0 last-modified: Tue, 28 Jun 2022 23:55:56 GMT etag: "62bb950c-0" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yeNFPhKzuMV8NLSi6M9ek%2F3DR2BxoyAnful52FzL%2BXs%2FvQ6VURiP0owFUgT8rrDsJZrVGXgRbfAORJLTzvaWwBVGoLW1se9%2BeHym7ak3jYdtYKxTZmF1jDjSaF7YKZ70Rj6htC0w8%2BkmONkw"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da3947fbf7b4f4-OSL X-Firefox-Spdy: h2

	6of6yyzp2o.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	104.26.8.177		3.9 kB
URL 6of6yyzp2o.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (12331) Size 3.9 kB (3886 bytes) Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 HTTP Headers GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 Host: 6of6yyzp2o.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6of6yyzp2o.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:54 GMT content-type: application/javascript last-modified: Thu, 16 Nov 2023 21:55:48 GMT etag: W/"65568fe4-302c" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLSDSGNMl2aCs9im2chtpxcgIvbfgMdlHPHF5EwFyhC5FY6m4VWQ5sAfqaX3%2FmPLgZexWi0CeI%2B2X7%2FQKVH%2F85ubyMqS70mRn21Y64L6Gojo%2B77NFjN%2FtZLHEda%2BDRSiYP1x9hRXpjgNyYej"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da3947dbd9b4f4-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Fri, 01 Dec 2023 10:38:54 GMT cache-control: max-age=172800, public content-encoding: gzip X-Firefox-Spdy: h2

	dqjp7c4ebk.facevideosc.com/favicon.ico	104.26.8.177		0 B
URL dqjp7c4ebk.facevideosc.com/favicon.ico IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /favicon.ico HTTP/1.1 Host: dqjp7c4ebk.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://dqjp7c4ebk.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:55 GMT content-type: image/x-icon content-length: 0 last-modified: Tue, 28 Jun 2022 23:55:56 GMT etag: "62bb950c-0" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpmxjuVaxJ2Buvo61iaCAi21eMvDW5BmxGobqr2lXOGfaSl0sv8vdxi80NTkXTYnGn74Yp%2B9hGveoRFSauB1sscIHMz6pva9RAbHMqAjFlf8uxLKIu%2BDWjJEI5ttGl0fe2F6Wfz%2ByteaOKu4"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da394a0e18b4f4-OSL X-Firefox-Spdy: h2

	facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js	104.26.8.177	200 OK	10 kB
URL GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type ASCII text, with very long lines (26779), with no line terminators Size 10 kB (10310 bytes) Hash f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e HTTP Headers GET /micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js HTTP/1.1 Host: facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://dqjp7c4ebk.facevideosc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:55 GMT content-type: application/javascript; charset=utf-8 last-modified: Mon, 31 Jul 2023 21:58:24 GMT vary: Accept-Encoding etag: W/"64c82e80-689b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: HIT age: 3 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcewQqbZoRGqlM35W6wc7kMLu%2BO4iulIZ%2BJWxC6Feygt2mV%2FHhyefoVv%2FrlrRoWjbZXfbKoIG6ccKbZNGNy5z3AaZ8Bl4B03A05Ku2kmiCiETgghp8sk6nwUy5bTVd%2Bj1w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da394a7e8ab4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	e1gl2c0gio.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099	104.26.8.177		10 kB
URL e1gl2c0gio.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5374) Size 10 kB (10381 bytes) Hash dbd8115a33b6c9999e9bbfaba89d9cde 327be02437f592a342b0d9fd4758eb308f7d7128 4a68cce40a470cf4ae357a613a77f0bf7e0b836d9c97c29a367f659ef2a6ad6d HTTP Headers GET /error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 HTTP/1.1 Host: e1gl2c0gio.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://x3miqt40tc.facevideosc.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:53 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXldMxHPqxj07dzdFlh9bGeDGp1Lcq5yLfRuYb50JiWtGfPZMz%2F%2FQY%2Bbo1CgBhatlI0vtMvVJHfp%2B%2FUNN9eUDDtHBcIpYNylrcxdSC2EuEHkvJAEoNlaG0c74HUzfyD4yhIELN3%2F9D7V%2FHfh"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da393d68f0b4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js	104.26.8.177	200 OK	10 kB
URL GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type ASCII text, with very long lines (26779), with no line terminators Size 10 kB (10310 bytes) Hash f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e HTTP Headers GET /micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js HTTP/1.1 Host: facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ha5g7lugtc.facevideosc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:55 GMT content-type: application/javascript; charset=utf-8 last-modified: Mon, 31 Jul 2023 21:58:24 GMT vary: Accept-Encoding etag: W/"64c82e80-689b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: HIT age: 3 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAmbsEE%2FX0bP0d8gzPmlyZ6JQYcw1P0q0dYL%2FTUD6oY3dnmSBuVQN1qMY1DP34HE4nAsS7inxuIdjX2aygkbs7QoTxk5eu3VCJoT8vCXERewarpO%2BO1pivORwjG8oTaK2g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da394c689cb4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	3bdm13eqjk.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	104.26.8.177		21 kB
URL 3bdm13eqjk.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type gzip compressed data, from Unix\012- data Size 21 kB (20762 bytes) Hash 6a39c270de228f99cb56326e1436848f 93e9b41f3e41b506dbc1e0b9fca764ed917a18eb 437c6eea04c24bcb5b9102f88ed697e0a7356f6b26a7997f95f6ab7363d457bf HTTP Headers GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 Host: 3bdm13eqjk.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3bdm13eqjk.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:53 GMT content-type: application/javascript last-modified: Thu, 16 Nov 2023 21:55:48 GMT etag: W/"65568fe4-302c" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HLsOi7N0Ik7fkE7fXy6UtUcECttYDferOXFBukyut2ubzgcRr7nB1no45%2BH19zcnzY2HIHa6o%2BQ2POPiMHSY7cUoG%2F5i0wmgJ6O15lp5OkQKOdaMgNSLeSZqb5Shrgg8yRIMUETL1XY6eDB"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da39416d7fb4f4-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Fri, 01 Dec 2023 10:38:53 GMT cache-control: max-age=172800, public content-encoding: gzip X-Firefox-Spdy: h2

	dqjp7c4ebk.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	104.26.8.177		14 kB
URL dqjp7c4ebk.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type gzip compressed data, from Unix\012- data Size 14 kB (14267 bytes) Hash e4870fdfdb4ca64abfe6082fe08d0b84 a2539079ad2e55f8c559337f350440fbe50a3cea 1a86b479ed2a67c61b010169d5495ab49a33eab9713f75ed8b7a8cb093243847 HTTP Headers GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 Host: dqjp7c4ebk.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://dqjp7c4ebk.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:55 GMT content-type: application/javascript last-modified: Thu, 16 Nov 2023 21:55:48 GMT etag: W/"65568fe4-302c" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kgriu%2ForznvPcXDL5AbKUCPzdpBwk4dzvedZn2RBBq8S6xW9FSepzEF%2FwXuhPnpSBDT4rF0ODNE4eg%2BnBm10Aizf9fChOCYcxB89YoWmc5BVW48ybHC%2BYqtfkrDMWgEn%2FgK4sU4VWHAD36Uv"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da3949de00b4f4-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Fri, 01 Dec 2023 10:38:55 GMT cache-control: max-age=172800, public content-encoding: gzip X-Firefox-Spdy: h2

	facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js	104.26.8.177	200 OK	10 kB
URL GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type ASCII text, with very long lines (26779), with no line terminators Size 10 kB (10310 bytes) Hash f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e HTTP Headers GET /micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js HTTP/1.1 Host: facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1h71io2y34.facevideosc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:55 GMT content-type: application/javascript; charset=utf-8 last-modified: Mon, 31 Jul 2023 21:58:24 GMT vary: Accept-Encoding etag: W/"64c82e80-689b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: HIT age: 3 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oYDskg%2BQ8%2Be143yZJNZyNpft4R%2B5HgUL1TahDkYWgZGjX%2FWpK%2Bg0A%2FiVg1LmE9WwnXdKu9q6ZjKL6u39LLTy%2FFfq%2FgBLNVQygI78Lo%2FR10URRFR174Cb03nkggG%2BDY7qA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da394fdcc3b4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	qdxamgipfk.facevideosc.com/favicon.ico	104.26.8.177		0 B
URL qdxamgipfk.facevideosc.com/favicon.ico IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /favicon.ico HTTP/1.1 Host: qdxamgipfk.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qdxamgipfk.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:56 GMT content-type: image/x-icon content-length: 0 last-modified: Tue, 28 Jun 2022 23:55:56 GMT etag: "62bb950c-0" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAz%2Fsw1ndoV0Wrh%2FLpgYyQ8Tr4%2FKCqeTBHt9fAnixxM5ieXNn7LsN4SzzyadnYaxKRMvt5Q8fFWU5ud4C6Ls7nNXSf2LM54nWzNRT%2FTfsNl90JQjK6guB%2FRLvEv0Sqx5d9o9ZyBJkoFy2l2b"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da39511e37b4f4-OSL X-Firefox-Spdy: h2

	facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js	104.26.8.177	200 OK	10 kB
URL GET HTTP/2 facevideosc.com/micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type ASCII text, with very long lines (26779), with no line terminators Size 10 kB (10310 bytes) Hash f0a5429c5a76186434f263b62b3d2ef0 704d593487b8e6e35ff26d7b61e215eb52eb3593 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e HTTP Headers GET /micro.tag.min.js?z=5137789&cdn=1&ymid=e30f1q5xra2xigm6ff&var=2099&sw=/sw-check-permissions-local-5137789.js HTTP/1.1 Host: facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qdxamgipfk.facevideosc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:56 GMT content-type: application/javascript; charset=utf-8 last-modified: Mon, 31 Jul 2023 21:58:24 GMT vary: Accept-Encoding etag: W/"64c82e80-689b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: HIT age: 4 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kryvnYngIYzVAVxbb91VoKZ8uCg1VPvTyCF48OJD13rLWfRMXr3PATxIdGQHetxMKPL8LcKdmg658swkcME%2F4UHVUpgs5AiLyKonf1rcqSP1UBZ1Cc5V28xkSeGrBrZAQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da39516ea1b4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	6of6yyzp2o.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099	104.26.8.177		6.5 kB
URL 6of6yyzp2o.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5374) Size 6.5 kB (6494 bytes) Hash da4dadbfd5542bff90003cf023ee5abe 9ddefa1d26d5e101df54f211b9a32be590e84910 caa10bd3b612e76b1df2bf5945fb9701b44995eb195ba7a1cec8e7fc32d14079 HTTP Headers GET /error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 HTTP/1.1 Host: 6of6yyzp2o.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nxr5s19t5c.facevideosc.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:54 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vZall08QPg0NinU7wn2EJxM8E9FdoemO8wYYtYFNh8QDfY4UgTjyNUPgpOQfTsda2a5VfgYd7yPyHTyuj1xADhWaI4W4e5WuQ1FSfPuK7sitFygvgArlGZS3hEnYruTv%2F68Ob7wMrvvJqIW"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da39474b6bb4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	xfp0v2taww.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	104.26.8.177		14 kB
URL xfp0v2taww.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type gzip compressed data, from Unix\012- data Size 14 kB (14266 bytes) Hash dc5c357737c906b566d9b745690556f9 6ebbae38dd8319148f0af4adc9c83a41b307f81b c3e62bf9be31051d9de142589c68667881a35cb491b91b25378d13f3c80b35c7 HTTP Headers GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 Host: xfp0v2taww.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xfp0v2taww.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:56 GMT content-type: application/javascript last-modified: Thu, 16 Nov 2023 21:55:48 GMT etag: W/"65568fe4-302c" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvfG3CiUscaFmOBc67SW3OIDeNwZgelLQh2Xj2Lsrn6AwBOVgrelQsHAI%2FCbbeqcdPPmnlFtIy5Qo3Rni%2Bjs5j0XX3n0H5%2Ft6RznFnUPXqi0xmnVN7azf7Ik1BSVgHv3DpcRVDYaTvJawf2H"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da3952a865b4f4-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Fri, 01 Dec 2023 10:38:56 GMT cache-control: max-age=172800, public content-encoding: gzip X-Firefox-Spdy: h2

	ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=t8euvp1740.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest	139.45.197.251		0 B
URL ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=t8euvp1740.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest IP 139.45.197.251:0 ASN #9002 RETN Limited File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=t8euvp1740.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1 Host: ddtvskish.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://t8euvp1740.facevideosc.com DNT: 1 Connection: keep-alive Referer: https://t8euvp1740.facevideosc.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 TE: trailers `HTTP/2 200 OK server: nginx date: Wed, 29 Nov 2023 10:38:56 GMT content-length: 0 x-trace-id: d6b3467ed8fc4f906a6681ce5fd64062 access-control-allow-origin: https://t8euvp1740.facevideosc.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2`

	pv62xqijy8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	104.26.8.177	200 OK	3.9 kB
URL GET HTTP/2 pv62xqijy8.facevideosc.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type ASCII text, with very long lines (12331) Size 3.9 kB (3886 bytes) Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 HTTP Headers GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 Host: pv62xqijy8.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:56 GMT content-type: application/javascript last-modified: Thu, 16 Nov 2023 21:55:48 GMT etag: W/"65568fe4-302c" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwXeQLSlTth4TjzBzQ3SmOWBmads9MFRznvzOqHUebU2cT%2BqI7sbDyYeYeXUEBDkOCqNbdU4XjHlxrifMMVS0IWd9OzlxWfQ2kI%2FI4uB%2F678Neq5sBIPipiIxRo3XGdiikZweq3B1opQe2Sh"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da39557b56b4f4-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Fri, 01 Dec 2023 10:38:56 GMT cache-control: max-age=172800, public content-encoding: gzip X-Firefox-Spdy: h2

	qdxamgipfk.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099	104.26.8.177		17 kB
URL qdxamgipfk.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 IP 104.26.8.177:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5374) Size 17 kB (16805 bytes) Hash 8bf77743e021f33ef62e01fb259c9205 73f4925a4c4ff4c9e95bc758593d1c085a8ec86a 5019f71cf5a8cc60a775b83a314fceb5d3c2af5d6de67ee7b4c007db28a3c2e1 HTTP Headers GET /error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 HTTP/1.1 Host: qdxamgipfk.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1h71io2y34.facevideosc.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:56 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74D3D5WLdDKjEiFdrLIRv2fO%2Bk01i%2FiFkW8GctzsgvRXToieCmBdaHKV1VPTtpuRf%2Bac0lA3ClktQdrcSdy%2FJhTsKpy2Uvr8Zoc5RmWB58qa6swC3tQJ9GPSJhGcNM0CErML1bbXVojgSNZV"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da39506d8cb4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=pv62xqijy8.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest	139.45.197.251	200 OK	0 B
URL POST HTTP/2 ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=pv62xqijy8.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest IP 139.45.197.251:443 ASN #9002 RETN Limited Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerLet's Encrypt Subjectddtvskish.com Fingerprint11:D2:BB:C4:17:FE:21:D6:C4:AC:61:0D:92:1D:5A:3A:8E:67:4D:01 ValidityThu, 07 Sep 2023 04:50:38 GMT - Wed, 06 Dec 2023 04:50:37 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=pv62xqijy8.facevideosc.com&var=2099&ymid=e30f1q5xra2xigm6ff&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1 Host: ddtvskish.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pv62xqijy8.facevideosc.com DNT: 1 Connection: keep-alive Referer: https://pv62xqijy8.facevideosc.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 200 OK server: nginx date: Wed, 29 Nov 2023 10:38:57 GMT content-length: 0 x-trace-id: 84033b41910c2715f9adc4515ebf03d9 access-control-allow-origin: https://pv62xqijy8.facevideosc.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2`

	pv62xqijy8.facevideosc.com/favicon.ico	104.26.8.177	200 OK	0 B
URL GET HTTP/2 pv62xqijy8.facevideosc.com/favicon.ico IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: pv62xqijy8.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:56 GMT content-type: image/x-icon content-length: 0 last-modified: Tue, 28 Jun 2022 23:55:56 GMT etag: "62bb950c-0" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLN9FkR4l2Ui9ih0wkebWGBS5nZJZcZxbUyr7d2sPV6nbUkxzVkJ%2FOzzAMAa7YvrdcafWL9wbgtw%2Ff95XsD6KBI%2F7wTAATiHjK0l1uevF4vJLEo7TXxUOpnhoGhCYJiaBfxRqaVc06DaX2u1"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da39559b65b4f4-OSL X-Firefox-Spdy: h2

	pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099	104.26.8.177	200 OK	17 kB
URL User Request GET HTTP/2 pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type Size 17 kB (16788 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 HTTP/1.1 Host: pv62xqijy8.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://t8euvp1740.facevideosc.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:56 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FNOONRjLRyQQGDiu86buqtn4qYiv%2B6MipDO7klrTipOocKKu3pCgdL9LvB2Uq4M1e6cc0sTZ8KjbkWiPxgBS%2Bxd2F0d8T6Mg02W9s%2BjzFImQqhKvCNsEbVgsTodBehoIIlhSE0UKe8iK6dB"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82da3954dabbb4f4-OSL content-encoding: br X-Firefox-Spdy: h2

	pv62xqijy8.facevideosc.com/sw-check-permissions-local-5137789.js?var=2099&ymid=e30f1q5xra2xigm6ff	104.26.8.177	200 OK	543 B
URL GET HTTP/2 pv62xqijy8.facevideosc.com/sw-check-permissions-local-5137789.js?var=2099&ymid=e30f1q5xra2xigm6ff IP 104.26.8.177:443 ASN #13335 CLOUDFLARENET Requested by https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Certificate IssuerGoogle Trust Services LLC Subjectfacevideosc.com Fingerprint30:0F:E4:7A:1A:BF:E3:85:C4:62:AF:85:A2:FC:07:CF:81:39:25:20 ValiditySat, 14 Oct 2023 17:47:22 GMT - Fri, 12 Jan 2024 17:47:21 GMT File type ASCII text, with very long lines (607), with no line terminators Size 543 B (543 bytes) Hash d71660548537fcfb3b4500533f39cc61 e30e9600147755e98b36fa5f15f11161e69c2451 1be091c5a86f4c3954bb738afc437ea3a76e236e0311c2a0bc9a1a9287d47579 HTTP Headers GET /sw-check-permissions-local-5137789.js?var=2099&ymid=e30f1q5xra2xigm6ff HTTP/1.1 Host: pv62xqijy8.facevideosc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: prefetch DNT: 1 Connection: keep-alive Referer: https://pv62xqijy8.facevideosc.com/error_301.php?cnv_id=e30f1q5xra2xigm6ff&sourceid=2099 Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 29 Nov 2023 10:38:57 GMT content-type: application/javascript; charset=utf-8 last-modified: Tue, 28 Jun 2022 23:05:31 GMT etag: W/"62bb893b-21f" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNsM2ElgYwr4rr3OKH6eLNG8xA%2B%2F4LK65Ssz5m4jYdzn5PP%2FdUjC207LRSh0IGQJCxNWDyJwmdnyFSPNzHAg%2BJqHyB5xQebJQWZ%2FoaCBH88EWJ9f6xXp8lwN6IaR3CZFq1%2Bzt4qEAgq5Zo81"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82da39561bccb4f4-OSL content-encoding: br X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (33)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL