Report - tapeadvertisement.com/e/aoBMB3PwDbFxryM/

Report Overview

Submitted URL
tapeadvertisement.com/e/aoBMB3PwDbFxryM/
IP
104.21.34.152
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 12:18:23
Access
public
Website Title
Streamtape.com
Final URL
tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
forhavingartistic.info	unknown	2024-03-31	2024-05-09	2024-05-09	1.1 kB	1.1 kB	188.114.97.1
yonatallcolum.info	unknown	unknown	No data	No data	984 B	1.8 kB	108.157.229.42
accounts.google.com	81	1997-09-15	2016-03-20	2024-05-09	3.8 kB	22 kB	74.125.131.84
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	461 B	1.4 kB	142.250.74.132
yy.puffexies.com	unknown	2024-04-23	2024-04-30	2024-05-03	414 B	1.5 kB	23.109.170.98
d3v3bqdndm4erx.cloudfront.net	unknown	2008-04-25	2020-12-12	2023-12-03	1.8 kB	71 kB	54.230.241.36
imasdk.googleapis.com	11661	2005-01-25	2014-10-30	2024-05-09	422 B	142 kB	142.250.74.170
o.pki.goog	unknown	2016-06-13	2024-04-24	2024-05-09	650 B	1.4 kB	142.250.74.99
tapeadvertisement.com	unknown	2024-03-22	2024-03-22	2024-03-23	3.3 kB	522 kB	104.21.34.152
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-10	492 B	205 kB	142.250.74.35
pogothere.xyz	unknown	2022-08-22	2022-09-04	2024-05-09	872 B	104 kB	188.114.97.1
acscdn.com	93608	2020-05-05	2020-05-06	2024-05-08	1.2 kB	299 kB	188.114.97.1
thumb.tapecontent.net	98256	2020-01-18	2020-04-26	2024-04-30	464 B	124 kB	104.21.235.147
getrunkhomuto.info	unknown	2024-03-31	2024-03-31	2024-05-09	966 B	1.8 kB	52.85.243.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	tapeadvertisement.com	Sinkholed
2024-05-10	medium	puffexies.com	Sinkholed
2024-05-10	medium	tapeadvertisement.com	Sinkholed
2024-05-10	medium	tapeadvertisement.com	Sinkholed
2024-05-10	medium	tapeadvertisement.com	Sinkholed
2024-05-10	medium	tapeadvertisement.com	Sinkholed
2024-05-10	medium	tapeadvertisement.com	Sinkholed
2024-05-10	medium	tapeadvertisement.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	d3v3bqdndm4erx.cloudfront.net/?dqbvd=869267	210 kB	2024-05-10	2024-05-10
Pretty URL d3v3bqdndm4erx.cloudfront.net/?dqbvd=869267 IP 54.230.241.36 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 14:18:30 Last Seen2024-05-10 14:18:30 Times Seen2 Hash 1f3d40cdaf3387eba27cc53a22f24bc3 b5d95867156f7c5f9b4b59415d8f43fcf1ce0aab 992cfc2706d98ee39b3b35d5a1307892a81d1884a570189b47ad4aae7bbd28a9 Loading...

	tapeadvertisement.com/e/aoBMB3PwDbFxryM/	183 kB	2024-05-10	2024-05-10
Pretty URL tapeadvertisement.com/e/aoBMB3PwDbFxryM/ IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 14:18:30 Last Seen2024-05-10 14:18:30 Times Seen1 Hash 3a11eca26717d087bde323b8836ed756 ec3a8e6d587db66133bce80122b628c29308e788 33501cc70d84e504bef71d966f7d350d6cb9a0562b3796f7d15f637b778defff Loading...

	tapeadvertisement.com/e/aoBMB3PwDbFxryM/	287 B	2024-05-10	2024-05-10
Pretty URL tapeadvertisement.com/e/aoBMB3PwDbFxryM/ IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 14:18:30 Last Seen2024-05-10 14:18:30 Times Seen1 Hash 9c0998de63121d6b2b1306e94024911c 7e2409d4f76e0e5dcb5514284236f67f01198a9d c7775d80df26df31d6fa831a6a8954e848d859535d0afa16509b5292293c3dab Loading...

	unknown	37 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-20 23:49:07 Times Seen238932 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	tapeadvertisement.com/js/player.ec3b7e.js	148 kB	2023-03-07	2024-05-20
Pretty URL tapeadvertisement.com/js/player.ec3b7e.js IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-20 13:05:15 Times Seen507 Hash 1781a0087c11152a2361ca6c84b13fab 87360f858b201c3e28f4af24b2fc7c2d8a8d0232 00c57c8b0121e3c2154bc0c181a5c01ad10550648cc4835a62dc887d5427c656 Loading...

	acscdn.com/script/aclib.js	126 kB	2024-04-29	2024-05-15
Pretty URL acscdn.com/script/aclib.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 17:52:36 Last Seen2024-05-15 10:52:57 Times Seen152 Hash 4c2179a619c355d4c2eca1a64f6f3f07 b274e397844067fef7f1ee62031cf1c03d7d0343 23847115b160f47704649f2f6bb3347e31b53c12089d504d98303c18856bc58a Loading...

	tapeadvertisement.com/e/aoBMB3PwDbFxryM/	207 B	2023-03-07	2024-05-20
Pretty URL tapeadvertisement.com/e/aoBMB3PwDbFxryM/ IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-20 13:05:15 Times Seen262 Hash 326bf869435fdfd3d3e2b6ae92504faa d8f389560a57eebe30e47336c04d60bb0f78642c 02dfbc5561a44e0bd21e3eaa85c620c2d76658781f136705c7c2e91a715e87f9 Loading...

	yonatallcolum.info/a3Y1ZVMKFFYIbApLV0MmGRoIQGEtUwcjN1gABgciDxhRCGcOBE1LMAcZQAE1GRlbEX0FE0FAYS1OVg43GyRZJAEgN1YCMRwvQCELHwZkPR0KFWIzBiUORg8dAE5PJhcyR3AcHg0/TCwUJx5aDwM5FUUtBAwMfTYjOzp2KDcgJFlSFTgjezUAUxd/JmcAOGYNBiYOeAwxPjxdJwAIUwcnFTMGZSwpXyRQCTsMO2c8Pz0+f1cRARVyKQRbMXsnawQ5TQogKTJgUQUvP3wAKVsSZTQSGiZ3Kzo8AXcJCyMSeAEUKRdlVDtYEmAgFT8+ZwIbAkJ9KCoDLlEzfgBTBycyLidsPWAhR2Q0BSYSciQSJiNNVBY+Ak03YDFDY1YFMT9hMAEnN28PCgEkBDILDxFkCwkxEgYzEg8BDRMaAxVdJzleR2QkFToVfVAQMiRNUgo6UF8WPAUGCCAEISJcLwUCO0Yd	3.0 kB	2024-05-10	2024-05-10
Pretty URL yonatallcolum.info/a3Y1ZVMKFFYIbApLV0MmGRoIQGEtUwcjN1gABgciDxhRCGcOBE1LMAcZQAE1GRlbEX0FE0FAYS1OVg43GyRZJAEgN1YCMRwvQCELHwZkPR0KFWIzBiUORg8dAE5PJhcyR3AcHg0/TCwUJx5aDwM5FUUtBAwMfTYjOzp2KDcgJFlSFTgjezUAUxd/JmcAOGYNBiYOeAwxPjxdJwAIUwcnFTMGZSwpXyRQCTsMO2c8Pz0+f1cRARVyKQRbMXsnawQ5TQogKTJgUQUvP3wAKVsSZTQSGiZ3Kzo8AXcJCyMSeAEUKRdlVDtYEmAgFT8+ZwIbAkJ9KCoDLlEzfgBTBycyLidsPWAhR2Q0BSYSciQSJiNNVBY+Ak03YDFDY1YFMT9hMAEnN28PCgEkBDILDxFkCwkxEgYzEg8BDRMaAxVdJzleR2QkFToVfVAQMiRNUgo6UF8WPAUGCCAEISJcLwUCO0Yd IP 108.157.229.42 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 14:18:30 Last Seen2024-05-10 14:18:30 Times Seen1 Hash 9dc946a45c78f292a8cb3d66a956420d d8c2dd5d8f1cc73f6edc5fbaf28deff5d810ee18 3ad6673c67a0ec9c83116e7bf5bdb28e16f64919f46cbb2c9a780420c47cb870 Loading...

	tapeadvertisement.com/adgpt.js	20 B	2023-03-07	2024-05-20
Pretty URL tapeadvertisement.com/adgpt.js IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-20 13:05:15 Times Seen707 Hash 69a305bcdc8e061bbd43294a477a3678 506582a1d912d546f5942d95ffae95ec7f4c37ce 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa Loading...

	tapeadvertisement.com/e/aoBMB3PwDbFxryM/	176 B	2023-03-07	2024-05-20
Pretty URL tapeadvertisement.com/e/aoBMB3PwDbFxryM/ IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-20 13:05:15 Times Seen264 Hash 41cc58e5da3a06326891b8646afc7548 a4a725eadb523ca5dee8b3a9a411357a8ed33976 ecbb8b7b69fb79c8909082c10e5d79f11b280d9a089cfde1b89f08f8364d25af Loading...

	tapeadvertisement.com/e/aoBMB3PwDbFxryM/	773 B	2024-05-10	2024-05-10
Pretty URL tapeadvertisement.com/e/aoBMB3PwDbFxryM/ IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 14:18:30 Last Seen2024-05-10 14:18:30 Times Seen1 Hash 8f12b246d9d82377fa2a2b32827dcea9 2bd726e78875b49c50728e25b1dd196115403a15 11ea4923df1f45cc38ef16bff9f673be26f14b6303d8ff818ce83cc9a68e945d Loading...

	unknown	79 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-05-20 23:49:07 Times Seen126828 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	d3v3bqdndm4erx.cloudfront.net/8ckdpRlARKAcgbwYuDXtpQXNacWVUNxsjNk8zCDY1EyMfIyIGLhojPRcpHWgzHSpPLCMdKRl7FSUNPS8aJC4kNShUMxMibUJhBSc+FXpPIz4RelhgMRYlVHJ2BjcGLW0GNB8oOxosBDU4VDIIez0dPQAqPBNiWwBlXHdMdGBaP1h3dUEFTHRgHi4HMyhXdV-k+aEQYX3J1QQVMdGAAMUx1EUtxR3Z5V3VZITURLAZjYjR1WXdgQnZZd3VAdw8vIhchBj51QAFQcH5CYRx7YQ	731 B	2024-05-10	2024-05-10
Pretty URL d3v3bqdndm4erx.cloudfront.net/8ckdpRlARKAcgbwYuDXtpQXNacWVUNxsjNk8zCDY1EyMfIyIGLhojPRcpHWgzHSpPLCMdKRl7FSUNPS8aJC4kNShUMxMibUJhBSc+FXpPIz4RelhgMRYlVHJ2BjcGLW0GNB8oOxosBDU4VDIIez0dPQAqPBNiWwBlXHdMdGBaP1h3dUEFTHRgHi4HMyhXdV-k+aEQYX3J1QQVMdGAAMUx1EUtxR3Z5V3VZITURLAZjYjR1WXdgQnZZd3VAdw8vIhchBj51QAFQcH5CYRx7YQ IP 54.230.241.36 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 14:18:30 Last Seen2024-05-10 14:18:30 Times Seen2 Hash b5601bfda8917982517518b6477808a7 17768abc8c885fd7dcef2a55c7b8ea94b22d3677 7cd32931b099ce442a4a8b942bc22be6d9d99c28c668b9bf33f8900aed08aa78 Loading...

	d3v3bqdndm4erx.cloudfront.net/HWEFNU3c7LiM1SCwoKW5Oa3N7ZUR+MT82EWU1LCMSOSU7NgUsKD42Gj0vOX0UNyxrOQQ3Lz1uIgxxLjs0HQV8ax5+NTc3SmhnITIZP3xrNhk7fHx1FjwjcGdRLSBwPhgiKCE/Fn1zC2ZZaGR/Y18gcHx2RBpkf2MbMS84K1JqcTVrQQd3eXZEGmR/YwUuZH-4STm5vfXpSanEqNhQzLmhhMWpxfGNHaXF8dkVoJyQhEj4uNXZFHnh7fUd+NHBi	199 B	2024-05-10	2024-05-10
Pretty URL d3v3bqdndm4erx.cloudfront.net/HWEFNU3c7LiM1SCwoKW5Oa3N7ZUR+MT82EWU1LCMSOSU7NgUsKD42Gj0vOX0UNyxrOQQ3Lz1uIgxxLjs0HQV8ax5+NTc3SmhnITIZP3xrNhk7fHx1FjwjcGdRLSBwPhgiKCE/Fn1zC2ZZaGR/Y18gcHx2RBpkf2MbMS84K1JqcTVrQQd3eXZEGmR/YwUuZH-4STm5vfXpSanEqNhQzLmhhMWpxfGNHaXF8dkVoJyQhEj4uNXZFHnh7fUd+NHBi IP 54.230.241.36 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 14:18:30 Last Seen2024-05-10 14:18:30 Times Seen2 Hash d39ef5df7ea4338f25030ad0430273ae 2edc45ec381350ab1f66c61a8f2bafd06722a115 4f842aca7286c2ef7cde496983c4ca73363308f0fcb09e13c39bdc62750c01bc Loading...

	tapeadvertisement.com/js/jquery.min.js	88 kB	2023-03-07	2024-05-20
Pretty URL tapeadvertisement.com/js/jquery.min.js IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-20 23:27:23 Times Seen99255 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	tapeadvertisement.com/e/aoBMB3PwDbFxryM/	54 B	2023-03-07	2024-05-20
Pretty URL tapeadvertisement.com/e/aoBMB3PwDbFxryM/ IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-20 13:05:15 Times Seen261 Hash 2823d7b7a22610d80a99e65878e70ae8 545e80f2fabeb1eb49cebb7088635dcc4a867d44 36c7a0369978008d36a90e0e62177759df257606497bcef68e3a0f5b30c65c97 Loading...

	tapeadvertisement.com/e/aoBMB3PwDbFxryM/	370 B	2023-03-07	2024-05-20
Pretty URL tapeadvertisement.com/e/aoBMB3PwDbFxryM/ IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-20 13:05:15 Times Seen261 Hash 0b3f8544e15a29c2a15dc1af98210a68 ac09e6ba1b671420fc8dcf45dad1d49353f7d5e4 8b6b4924d58cb7afa649222900dcb4b470e9a45c4ce55265d3fa980cb5c8e34c Loading...

	tapeadvertisement.com/e/aoBMB3PwDbFxryM/	105 B	2024-02-16	2024-05-15
Pretty URL tapeadvertisement.com/e/aoBMB3PwDbFxryM/ IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-16 23:12:08 Last Seen2024-05-15 22:13:19 Times Seen50 Hash d986a9f30acb72cb5aa9c5ee0d6bc9ad 6fae9ad1036fdbe06c8ae35450d48dfa5206f504 a8533afad19e78d5d99bcd855bc02ca2df98e1d868ac26f6c766d7b243d79a85 Loading...

	tapeadvertisement.com/e/aoBMB3PwDbFxryM/	4.9 kB	2023-10-21	2024-05-20
Pretty URL tapeadvertisement.com/e/aoBMB3PwDbFxryM/ IP 104.21.34.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-21 08:54:01 Last Seen2024-05-20 13:05:15 Times Seen271 Hash 991e31d1267d98ff019b705a3d148ae4 ce26bf1efabcfe070f058fbef107ebadbd1d8d40 aeb0b57af128c03be119c7203f7a81fb63705ded005926bf8ee2485f75f31aac Loading...

	www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs	884 B	2024-05-08	2024-05-16
Pretty URL www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 00:24:03 Last Seen2024-05-16 10:13:42 Times Seen93 Hash f7b645333519804d7f74a27c302625b7 1ace6263091021a2b24f592c1feb28d1a9d14135 c3634f121a6016566670d5306f783954ffab343554d2563010a78e68826a89a0 Loading...

	unknown	34 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-05-20 22:14:02 Times Seen77811 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	getrunkhomuto.info/NjhJYVNXWioMbFcFK0cmRFR0RGFwHXsnNwVOegMiUlYtDGdTSjFPMFpXPAU1RFcnFX1YXT1EYXBwHiQVeG16AmR6UQRQAHVPJioEA3coUh0BYhwzdgR6BDVrBH0eNGJ6ewQyHGVtfi80Y0sCJWcEfyNRJXlgeTQdT0A7LgJnCwUbYkNxLhkrelI6URtnbnEAKwMdeyMdYlt6Mj5eVgA1GmxoehkheFAiVjV+QHgnOUFSKiY3ZHQaIyRmUC4IGHV9bFMVcFZ4GxAEYhMAFGQdeycKBwAuAhtOChsjI11eeywxe2txVRgHcjgCB2BKGDA3BV0ROxZxVRtEYXBhPjQmbHBkVQBiVXwXNW5IGgA9c0kHCQJMdCQJO3tvORk1cXYBAAtwAC0KBVlyMDA7c1J9FB1uYg8pPV4PLzQ3EwoLLxt0UW8LIFlWOVwGYggqCRBzfHhZOg	3.0 kB	2024-05-10	2024-05-10
Pretty URL getrunkhomuto.info/NjhJYVNXWioMbFcFK0cmRFR0RGFwHXsnNwVOegMiUlYtDGdTSjFPMFpXPAU1RFcnFX1YXT1EYXBwHiQVeG16AmR6UQRQAHVPJioEA3coUh0BYhwzdgR6BDVrBH0eNGJ6ewQyHGVtfi80Y0sCJWcEfyNRJXlgeTQdT0A7LgJnCwUbYkNxLhkrelI6URtnbnEAKwMdeyMdYlt6Mj5eVgA1GmxoehkheFAiVjV+QHgnOUFSKiY3ZHQaIyRmUC4IGHV9bFMVcFZ4GxAEYhMAFGQdeycKBwAuAhtOChsjI11eeywxe2txVRgHcjgCB2BKGDA3BV0ROxZxVRtEYXBhPjQmbHBkVQBiVXwXNW5IGgA9c0kHCQJMdCQJO3tvORk1cXYBAAtwAC0KBVlyMDA7c1J9FB1uYg8pPV4PLzQ3EwoLLxt0UW8LIFlWOVwGYggqCRBzfHhZOg IP 52.85.243.10 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 14:18:30 Last Seen2024-05-10 14:18:30 Times Seen1 Hash 5249b72f970bd72ae4514c5741907ddc e6559986530865ad96263ba43aad372de3516c0c a03740841a77be8743975e8e560b4e79758df4ae0e3ac08eec0075a42aea3e2a Loading...

		Size	First Seen	Last Seen
	#1 Write - e1f1c9f54666acb1650465e150d3df1b	44 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-20 13:05:15 Times Seen262 Hash e1f1c9f54666acb1650465e150d3df1b 6b7251286fa476ae4e0985f8067cc76006a7cf89 490fbee07295a40ddaf64abd25076eb54cd926777e2b307c8a7c537d62f95ec9 Loading...

HTTP Transactions (32)

URL IP Response Size

tapeadvertisement.com/adgpt.js

104.21.34.152

200 OK

20 B

URL GET HTTP/3
tapeadvertisement.com/adgpt.js
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
69a305bcdc8e061bbd43294a477a3678
506582a1d912d546f5942d95ffae95ec7f4c37ce
8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Cookie: _b=kube15
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 12:17:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 20
last-modified: Tue, 28 Mar 2023 18:04:25 GMT
etag: "64232c29-14"
cache-control: max-age=432000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dGP9DVnmxk%2BNN1NctyOFey4PptUOjl2WwV2PMxnd1UiAqY%2FkiWTSBfq00TrVmZpwY1Q7cHzbeVGPit%2Byq1julY%2FqSupp0w8zR3fePYIzhvjVh3R%2FwcyUBwCwdvSzKg1%2FbEuqNuTx8z0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819de7bde300b69-OSL
alt-svc: h3=":443"; ma=86400

thumb.tapecontent.net/thumb/aoBMB3PwDbFxryM/plzdzqB2blFr98a.jpg

104.21.235.147

200 OK

123 kB

URL GET HTTP/2
thumb.tapecontent.net/thumb/aoBMB3PwDbFxryM/plzdzqB2blFr98a.jpg
IP
104.21.235.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services LLC
Subjecttapecontent.net
Fingerprint0D:92:96:2E:BC:7A:10:2B:6D:A4:39:25:87:DD:4B:F9:C6:47:0A:5E
ValidityMon, 15 Apr 2024 06:57:29 GMT - Sun, 14 Jul 2024 06:57:28 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1280x720, components 3
Size
123 kB (123007 bytes)
Hash
a6f6455a3a63bc05c8a611a15d972919
956d030f1d814e50691b91b5865b2079d69235c8
9483524f478a0f63c575652bac1c29d52e71af43ec3aade40e021b01363300dd

HTTP Headers

GET /thumb/aoBMB3PwDbFxryM/plzdzqB2blFr98a.jpg HTTP/1.1
Host: thumb.tapecontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 12:17:57 GMT
content-type: image/jpeg
content-length: 123007
last-modified: Sat, 23 Mar 2024 16:39:27 GMT
etag: b1beb9fe33e4
access-control-allow-origin: *
allow: OPTIONS, GET, HEAD, POST
access-control-allow-headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
access-control-expose-headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
content-disposition: inline; filename="plzdzqB2blFr98a.jpg"
cache-control: public, max-age=259200
expires: Sat, 11 May 2024 03:04:42 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0u6Y5gRDgcYNmDywJ53fj3xx3354TXLy2urKS7Eiu1aXr%2FzN4IIHBaHi84B88RpTw3AvAAdtcdmgE0YnjBHSzpeezXLIXU0vROQQrdlBjiCVQMyY2B5Ppw2kDrHpdaahcpYr%2FAk%2FzuI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819de7cbfb9240f-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

d3v3bqdndm4erx.cloudfront.net/?dqbvd=869267

54.230.241.36

200 OK

69 kB

URL GET HTTP/2
d3v3bqdndm4erx.cloudfront.net/?dqbvd=869267
IP
54.230.241.36:443
ASN
#16509 AMAZON-02

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Size
69 kB (69283 bytes)
Hash
1f3d40cdaf3387eba27cc53a22f24bc3
b5d95867156f7c5f9b4b59415d8f43fcf1ce0aab
992cfc2706d98ee39b3b35d5a1307892a81d1884a570189b47ad4aae7bbd28a9

HTTP Headers

GET /?dqbvd=869267 HTTP/1.1
Host: d3v3bqdndm4erx.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 69283
date: Fri, 10 May 2024 12:17:57 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dfsV9lrMUavveTtvy3p6NjaLQJjcBjdDHX6L0JwCZUz5k27--1E3pg==
X-Firefox-Spdy: h2

yy.puffexies.com/gPOkVLDriGo/58191

23.109.170.98

200 OK

26 B

URL GET HTTP/1.1
yy.puffexies.com/gPOkVLDriGo/58191
IP
23.109.170.98:443
ASN
#7979 SERVERS-COM

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerLet's Encrypt
Subjectyy.puffexies.com
FingerprintB6:80:F5:60:69:79:02:37:A5:DF:8B:13:16:0A:AD:92:C1:9F:42:3A
ValidityTue, 23 Apr 2024 06:37:04 GMT - Mon, 22 Jul 2024 06:37:03 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gPOkVLDriGo/58191 HTTP/1.1
Host: yy.puffexies.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 12:17:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tapeadvertisement.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 11-May-2024 12:17:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 11-May-2024 12:17:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

forhavingartistic.info/eHJqZTdXTQkWCi4mLClmFQoEJFkUQTIiYjAUWTNUITMkHFJJSkwRXhxPU1YDS0VfQ0cRFldUEQsGCxFCC09bQ14WFAVYEQ5PW0sETFxZUxlMVB9YBl4GGgRQRUNMFUMMHldUAElHWVEETEVdUAZJ

188.114.97.1

204 No Content

0 B

URL GET HTTP/2
forhavingartistic.info/eHJqZTdXTQkWCi4mLClmFQoEJFkUQTIiYjAUWTNUITMkHFJJSkwRXhxPU1YDS0VfQ0cRFldUEQsGCxFCC09bQ14WFAVYEQ5PW0sETFxZUxlMVB9YBl4GGgRQRUNMFUMMHldUAElHWVEETEVdUAZJ
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services LLC
Subjectforhavingartistic.info
Fingerprint99:C4:40:7A:4F:8D:B3:1C:81:58:9B:CB:06:76:D8:05:9B:30:0E:F6
ValidityMon, 01 Apr 2024 07:04:42 GMT - Sun, 30 Jun 2024 07:04:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /eHJqZTdXTQkWCi4mLClmFQoEJFkUQTIiYjAUWTNUITMkHFJJSkwRXhxPU1YDS0VfQ0cRFldUEQsGCxFCC09bQ14WFAVYEQ5PW0sETFxZUxlMVB9YBl4GGgRQRUNMFUMMHldUAElHWVEETEVdUAZJ HTTP/1.1
Host: forhavingartistic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 10 May 2024 12:17:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OvfsAe%2FS3IN3%2F9DzsddxWt%2BfaaC3ewJriDk%2Bhj1OGcwJkzk00krRNtbXA5PzeVi2f%2BmghStkJqeXZbwrQFb7%2BVvS1d5veIapVkRNMrX55MWxtoRISVlkG713Hrg3vDWbbLgDDzscFSeb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8819de7f38760afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

yonatallcolum.info/a3Y1ZVMKFFYIbApLV0MmGRoIQGEtUwcjN1gABgciDxhRCGcOBE1LMAcZQAE1GRlbEX0FE0FAYS1OVg43GyRZJAEgN1YCMRwvQCELHwZkPR0KFWIzBiUORg8dAE5PJhcyR3AcHg0/TCwUJx5aDwM5FUUtBAwMfTYjOzp2KDcgJFlSFTgjezUAUxd/JmcAOGYNBiYOeAwxPjxdJwAIUwcnFTMGZSwpXyRQCTsMO2c8Pz0+f1cRARVyKQRbMXsnawQ5TQogKTJgUQUvP3wAKVsSZTQSGiZ3Kzo8AXcJCyMSeAEUKRdlVDtYEmAgFT8+ZwIbAkJ9KCoDLlEzfgBTBycyLidsPWAhR2Q0BSYSciQSJiNNVBY+Ak03YDFDY1YFMT9hMAEnN28PCgEkBDILDxFkCwkxEgYzEg8BDRMaAxVdJzleR2QkFToVfVAQMiRNUgo6UF8WPAUGCCAEISJcLwUCO0Yd

108.157.229.42

200 OK

1.2 kB

URL GET HTTP/2
yonatallcolum.info/a3Y1ZVMKFFYIbApLV0MmGRoIQGEtUwcjN1gABgciDxhRCGcOBE1LMAcZQAE1GRlbEX0FE0FAYS1OVg43GyRZJAEgN1YCMRwvQCELHwZkPR0KFWIzBiUORg8dAE5PJhcyR3AcHg0/TCwUJx5aDwM5FUUtBAwMfTYjOzp2KDcgJFlSFTgjezUAUxd/JmcAOGYNBiYOeAwxPjxdJwAIUwcnFTMGZSwpXyRQCTsMO2c8Pz0+f1cRARVyKQRbMXsnawQ5TQogKTJgUQUvP3wAKVsSZTQSGiZ3Kzo8AXcJCyMSeAEUKRdlVDtYEmAgFT8+ZwIbAkJ9KCoDLlEzfgBTBycyLidsPWAhR2Q0BSYSciQSJiNNVBY+Ak03YDFDY1YFMT9hMAEnN28PCgEkBDILDxFkCwkxEgYzEg8BDRMaAxVdJzleR2QkFToVfVAQMiRNUgo6UF8WPAUGCCAEISJcLwUCO0Yd
IP
108.157.229.42:443
ASN
#16509 AMAZON-02

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerAmazon
Subjectyonatallcolum.info
Fingerprint61:AF:8C:AB:69:57:8C:1C:85:43:ED:04:B6:FC:74:7F:F7:94:9E:7B
ValidityMon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3052), with no line terminators
Size
1.2 kB (1205 bytes)
Hash
b560d72ef449a7eeeeee48224f7c122b
5f72d1f0938950945007e07d582694f9486586a6
e4c981cc029ab025efc49fff8f0d2da90b9f9263f267f29962320ec4a9f3e407

HTTP Headers

GET /a3Y1ZVMKFFYIbApLV0MmGRoIQGEtUwcjN1gABgciDxhRCGcOBE1LMAcZQAE1GRlbEX0FE0FAYS1OVg43GyRZJAEgN1YCMRwvQCELHwZkPR0KFWIzBiUORg8dAE5PJhcyR3AcHg0/TCwUJx5aDwM5FUUtBAwMfTYjOzp2KDcgJFlSFTgjezUAUxd/JmcAOGYNBiYOeAwxPjxdJwAIUwcnFTMGZSwpXyRQCTsMO2c8Pz0+f1cRARVyKQRbMXsnawQ5TQogKTJgUQUvP3wAKVsSZTQSGiZ3Kzo8AXcJCyMSeAEUKRdlVDtYEmAgFT8+ZwIbAkJ9KCoDLlEzfgBTBycyLidsPWAhR2Q0BSYSciQSJiNNVBY+Ak03YDFDY1YFMT9hMAEnN28PCgEkBDILDxFkCwkxEgYzEg8BDRMaAxVdJzleR2QkFToVfVAQMiRNUgo6UF8WPAUGCCAEISJcLwUCO0Yd HTTP/1.1
Host: yonatallcolum.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1205
date: Fri, 10 May 2024 12:17:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 17c1b187a3afe016510e55151109cc30.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 2ZilxILgDGDgrePLldFGT7Nd4iY3Xk-fWSyi854WgweDBfOU9KX07Q==
X-Firefox-Spdy: h2

getrunkhomuto.info/NjhJYVNXWioMbFcFK0cmRFR0RGFwHXsnNwVOegMiUlYtDGdTSjFPMFpXPAU1RFcnFX1YXT1EYXBwHiQVeG16AmR6UQRQAHVPJioEA3coUh0BYhwzdgR6BDVrBH0eNGJ6ewQyHGVtfi80Y0sCJWcEfyNRJXlgeTQdT0A7LgJnCwUbYkNxLhkrelI6URtnbnEAKwMdeyMdYlt6Mj5eVgA1GmxoehkheFAiVjV+QHgnOUFSKiY3ZHQaIyRmUC4IGHV9bFMVcFZ4GxAEYhMAFGQdeycKBwAuAhtOChsjI11eeywxe2txVRgHcjgCB2BKGDA3BV0ROxZxVRtEYXBhPjQmbHBkVQBiVXwXNW5IGgA9c0kHCQJMdCQJO3tvORk1cXYBAAtwAC0KBVlyMDA7c1J9FB1uYg8pPV4PLzQ3EwoLLxt0UW8LIFlWOVwGYggqCRBzfHhZOg

52.85.243.10

200 OK

1.2 kB

URL GET HTTP/2
getrunkhomuto.info/NjhJYVNXWioMbFcFK0cmRFR0RGFwHXsnNwVOegMiUlYtDGdTSjFPMFpXPAU1RFcnFX1YXT1EYXBwHiQVeG16AmR6UQRQAHVPJioEA3coUh0BYhwzdgR6BDVrBH0eNGJ6ewQyHGVtfi80Y0sCJWcEfyNRJXlgeTQdT0A7LgJnCwUbYkNxLhkrelI6URtnbnEAKwMdeyMdYlt6Mj5eVgA1GmxoehkheFAiVjV+QHgnOUFSKiY3ZHQaIyRmUC4IGHV9bFMVcFZ4GxAEYhMAFGQdeycKBwAuAhtOChsjI11eeywxe2txVRgHcjgCB2BKGDA3BV0ROxZxVRtEYXBhPjQmbHBkVQBiVXwXNW5IGgA9c0kHCQJMdCQJO3tvORk1cXYBAAtwAC0KBVlyMDA7c1J9FB1uYg8pPV4PLzQ3EwoLLxt0UW8LIFlWOVwGYggqCRBzfHhZOg
IP
52.85.243.10:443
ASN
#16509 AMAZON-02

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerAmazon
Subjectgetrunkhomuto.info
Fingerprint07:6C:15:28:EC:56:65:DE:8C:55:1C:BF:A5:DB:7B:96:8F:38:56:0E
ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3030), with no line terminators
Size
1.2 kB (1187 bytes)
Hash
7ca22a7e2e1bc7d13ff3262cbb9cde41
f7f085a34b25ffe38ee9f254db65a406d424ef73
0afcc8f0219b3750da70ce68ff5d424036b0940e33a5a34aa6e5a3c931599a24

HTTP Headers

GET /NjhJYVNXWioMbFcFK0cmRFR0RGFwHXsnNwVOegMiUlYtDGdTSjFPMFpXPAU1RFcnFX1YXT1EYXBwHiQVeG16AmR6UQRQAHVPJioEA3coUh0BYhwzdgR6BDVrBH0eNGJ6ewQyHGVtfi80Y0sCJWcEfyNRJXlgeTQdT0A7LgJnCwUbYkNxLhkrelI6URtnbnEAKwMdeyMdYlt6Mj5eVgA1GmxoehkheFAiVjV+QHgnOUFSKiY3ZHQaIyRmUC4IGHV9bFMVcFZ4GxAEYhMAFGQdeycKBwAuAhtOChsjI11eeywxe2txVRgHcjgCB2BKGDA3BV0ROxZxVRtEYXBhPjQmbHBkVQBiVXwXNW5IGgA9c0kHCQJMdCQJO3tvORk1cXYBAAtwAC0KBVlyMDA7c1J9FB1uYg8pPV4PLzQ3EwoLLxt0UW8LIFlWOVwGYggqCRBzfHhZOg HTTP/1.1
Host: getrunkhomuto.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1187
date: Fri, 10 May 2024 12:17:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 844de3d616579278fb702fc6b9b5c9a2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: yKXOFs73oi0DnVc2v80kyZSask-YnDstGvleo70ka9_dXITwFJfaOg==
X-Firefox-Spdy: h2

forhavingartistic.info/ckZqVnddeQklShB3MBgtJS4MNEQkFzIQExgjBgwVJHQkc0U0EDwTUQYvDmtOQXRcYERUNgMySkN+TCUDEzIfJUpDYAM4ER17TCBKQ2haeEVcc0wjSkNgHiYWFXtbcAcGMgZrRkV3X2VDQXJdYUJAfg

188.114.97.1

204 No Content

0 B

URL GET HTTP/2
forhavingartistic.info/ckZqVnddeQklShB3MBgtJS4MNEQkFzIQExgjBgwVJHQkc0U0EDwTUQYvDmtOQXRcYERUNgMySkN+TCUDEzIfJUpDYAM4ER17TCBKQ2haeEVcc0wjSkNgHiYWFXtbcAcGMgZrRkV3X2VDQXJdYUJAfg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services LLC
Subjectforhavingartistic.info
Fingerprint99:C4:40:7A:4F:8D:B3:1C:81:58:9B:CB:06:76:D8:05:9B:30:0E:F6
ValidityMon, 01 Apr 2024 07:04:42 GMT - Sun, 30 Jun 2024 07:04:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ckZqVnddeQklShB3MBgtJS4MNEQkFzIQExgjBgwVJHQkc0U0EDwTUQYvDmtOQXRcYERUNgMySkN+TCUDEzIfJUpDYAM4ER17TCBKQ2haeEVcc0wjSkNgHiYWFXtbcAcGMgZrRkV3X2VDQXJdYUJAfg HTTP/1.1
Host: forhavingartistic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 10 May 2024 12:17:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0azpz4BrWX32CqoaknyQuEDihv8czsdl7r%2FfMTbBsbvst9H9ZnO%2FYZtztyzamGiZYekGHjcMv%2BOhq95t1pAr1f4pGyZuT4mrkx4RbO5rV2r9wUCFl1JoRN9RMwYOAvihLHzcviUhJrSG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8819de7f487d0afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

d3v3bqdndm4erx.cloudfront.net/8ckdpRlARKAcgbwYuDXtpQXNacWVUNxsjNk8zCDY1EyMfIyIGLhojPRcpHWgzHSpPLCMdKRl7FSUNPS8aJC4kNShUMxMibUJhBSc+FXpPIz4RelhgMRYlVHJ2BjcGLW0GNB8oOxosBDU4VDIIez0dPQAqPBNiWwBlXHdMdGBaP1h3dUEFTHRgHi4HMyhXdV-k+aEQYX3J1QQVMdGAAMUx1EUtxR3Z5V3VZITURLAZjYjR1WXdgQnZZd3VAdw8vIhchBj51QAFQcH5CYRx7YQ

54.230.241.36

200 OK

528 B

URL GET HTTP/2
d3v3bqdndm4erx.cloudfront.net/8ckdpRlARKAcgbwYuDXtpQXNacWVUNxsjNk8zCDY1EyMfIyIGLhojPRcpHWgzHSpPLCMdKRl7FSUNPS8aJC4kNShUMxMibUJhBSc+FXpPIz4RelhgMRYlVHJ2BjcGLW0GNB8oOxosBDU4VDIIez0dPQAqPBNiWwBlXHdMdGBaP1h3dUEFTHRgHi4HMyhXdV-k+aEQYX3J1QQVMdGAAMUx1EUtxR3Z5V3VZITURLAZjYjR1WXdgQnZZd3VAdw8vIhchBj51QAFQcH5CYRx7YQ
IP
54.230.241.36:443
ASN
#16509 AMAZON-02

Requested by
https://yonatallcolum.info/a3Y1ZVMKFFYIbApLV0MmGRoIQGEtUwcjN1gABgciDxhRCGcOBE1LMAcZQAE1GRlbEX0FE0FAYS1OVg43GyRZJAEgN1YCMRwvQCELHwZkPR0KFWIzBiUORg8dAE5PJhcyR3AcHg0/TCwUJx5aDwM5FUUtBAwMfTYjOzp2KDcgJFlSFTgjezUAUxd/JmcAOGYNBiYOeAwxPjxdJwAIUwcnFTMGZSwpXyRQCTsMO2c8Pz0+f1cRARVyKQRbMXsnawQ5TQogKTJgUQUvP3wAKVsSZTQSGiZ3Kzo8AXcJCyMSeAEUKRdlVDtYEmAgFT8+ZwIbAkJ9KCoDLlEzfgBTBycyLidsPWAhR2Q0BSYSciQSJiNNVBY+Ak03YDFDY1YFMT9hMAEnN28PCgEkBDILDxFkCwkxEgYzEg8BDRMaAxVdJzleR2QkFToVfVAQMiRNUgo6UF8WPAUGCCAEISJcLwUCO0Yd
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (731), with no line terminators
Size
528 B (528 bytes)
Hash
b5601bfda8917982517518b6477808a7
17768abc8c885fd7dcef2a55c7b8ea94b22d3677
7cd32931b099ce442a4a8b942bc22be6d9d99c28c668b9bf33f8900aed08aa78

HTTP Headers

GET /8ckdpRlARKAcgbwYuDXtpQXNacWVUNxsjNk8zCDY1EyMfIyIGLhojPRcpHWgzHSpPLCMdKRl7FSUNPS8aJC4kNShUMxMibUJhBSc+FXpPIz4RelhgMRYlVHJ2BjcGLW0GNB8oOxosBDU4VDIIez0dPQAqPBNiWwBlXHdMdGBaP1h3dUEFTHRgHi4HMyhXdV-k+aEQYX3J1QQVMdGAAMUx1EUtxR3Z5V3VZITURLAZjYjR1WXdgQnZZd3VAdw8vIhchBj51QAFQcH5CYRx7YQ HTTP/1.1
Host: d3v3bqdndm4erx.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yonatallcolum.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 528
date: Fri, 10 May 2024 12:17:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NVzT_Uboa5fBRPqT2iqxBnAWD8LllIxWWMpSjtAeHw279LqDw894lw==
X-Firefox-Spdy: h2

d3v3bqdndm4erx.cloudfront.net/HWEFNU3c7LiM1SCwoKW5Oa3N7ZUR+MT82EWU1LCMSOSU7NgUsKD42Gj0vOX0UNyxrOQQ3Lz1uIgxxLjs0HQV8ax5+NTc3SmhnITIZP3xrNhk7fHx1FjwjcGdRLSBwPhgiKCE/Fn1zC2ZZaGR/Y18gcHx2RBpkf2MbMS84K1JqcTVrQQd3eXZEGmR/YwUuZH-4STm5vfXpSanEqNhQzLmhhMWpxfGNHaXF8dkVoJyQhEj4uNXZFHnh7fUd+NHBi

54.230.241.36

200 OK

190 B

URL GET HTTP/2
d3v3bqdndm4erx.cloudfront.net/HWEFNU3c7LiM1SCwoKW5Oa3N7ZUR+MT82EWU1LCMSOSU7NgUsKD42Gj0vOX0UNyxrOQQ3Lz1uIgxxLjs0HQV8ax5+NTc3SmhnITIZP3xrNhk7fHx1FjwjcGdRLSBwPhgiKCE/Fn1zC2ZZaGR/Y18gcHx2RBpkf2MbMS84K1JqcTVrQQd3eXZEGmR/YwUuZH-4STm5vfXpSanEqNhQzLmhhMWpxfGNHaXF8dkVoJyQhEj4uNXZFHnh7fUd+NHBi
IP
54.230.241.36:443
ASN
#16509 AMAZON-02

Requested by
https://getrunkhomuto.info/NjhJYVNXWioMbFcFK0cmRFR0RGFwHXsnNwVOegMiUlYtDGdTSjFPMFpXPAU1RFcnFX1YXT1EYXBwHiQVeG16AmR6UQRQAHVPJioEA3coUh0BYhwzdgR6BDVrBH0eNGJ6ewQyHGVtfi80Y0sCJWcEfyNRJXlgeTQdT0A7LgJnCwUbYkNxLhkrelI6URtnbnEAKwMdeyMdYlt6Mj5eVgA1GmxoehkheFAiVjV+QHgnOUFSKiY3ZHQaIyRmUC4IGHV9bFMVcFZ4GxAEYhMAFGQdeycKBwAuAhtOChsjI11eeywxe2txVRgHcjgCB2BKGDA3BV0ROxZxVRtEYXBhPjQmbHBkVQBiVXwXNW5IGgA9c0kHCQJMdCQJO3tvORk1cXYBAAtwAC0KBVlyMDA7c1J9FB1uYg8pPV4PLzQ3EwoLLxt0UW8LIFlWOVwGYggqCRBzfHhZOg
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
190 B (190 bytes)
Hash
d39ef5df7ea4338f25030ad0430273ae
2edc45ec381350ab1f66c61a8f2bafd06722a115
4f842aca7286c2ef7cde496983c4ca73363308f0fcb09e13c39bdc62750c01bc

HTTP Headers

GET /HWEFNU3c7LiM1SCwoKW5Oa3N7ZUR+MT82EWU1LCMSOSU7NgUsKD42Gj0vOX0UNyxrOQQ3Lz1uIgxxLjs0HQV8ax5+NTc3SmhnITIZP3xrNhk7fHx1FjwjcGdRLSBwPhgiKCE/Fn1zC2ZZaGR/Y18gcHx2RBpkf2MbMS84K1JqcTVrQQd3eXZEGmR/YwUuZH-4STm5vfXpSanEqNhQzLmhhMWpxfGNHaXF8dkVoJyQhEj4uNXZFHnh7fUd+NHBi HTTP/1.1
Host: d3v3bqdndm4erx.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getrunkhomuto.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 190
date: Fri, 10 May 2024 12:17:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: awmCPPPHMbJtfFzPgi2to5aQ7LHTKtahVDMwKUz-Bq_ejd8jKbEHJA==
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.35

200 OK

204 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tapeadvertisement.com
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 331524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

imasdk.googleapis.com/js/sdkloader/ima3.js

142.250.74.170

200 OK

141 kB

URL GET HTTP/2
imasdk.googleapis.com/js/sdkloader/ima3.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (2055)
Size
141 kB (141363 bytes)
Hash
cbf464a0111159755a8498aebd25332a
41a1056841eb5d8a95718e95365106c79a83047d
1237eea381e09229fc6e7d78cdc35e4a3003328fc591f7937491b5dd31844c89

HTTP Headers

GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 141363
date: Fri, 10 May 2024 12:17:58 GMT
expires: Fri, 10 May 2024 12:17:58 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tapeadvertisement.com/favicon.ico

104.21.34.152

200 OK

3.8 kB

URL GET HTTP/3
tapeadvertisement.com/favicon.ico
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
MS Windows icon resource - 1 icon, 100x100, 32 bits/pixel
Size
3.8 kB (3822 bytes)
Hash
1f1617bb9d33485e49af9fae638831f9
e245af39fd84866e07b7e177fa0ff6d25221252f
3fe1701b124953220bd71e61910006cb7c3ae36f6c8975075c842101d97cf513

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Cookie: _b=kube15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 12:17:58 GMT
content-type: image/x-icon
last-modified: Tue, 01 Dec 2020 18:16:59 GMT
etag: W/"5fc6889b-a2be"
cache-control: max-age=432000
cf-cache-status: HIT
age: 5337
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K3bnZkqJW%2FgJFoYU19ex6o8btWXF7satSLLqY7KZ4GLkY%2FRO%2BV9KzPTL63W3rQNDcldZHl6ssLiY6A5tfbTA%2BMUWEnWhl4%2FgQRL1VCGNhFCjFKusomYTjTMiFfokeWnMJWvqvgCdfG0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819de84df8d0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.250.74.99

471 B

URL
o.pki.goog/wr2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9a42e37278e1480da7ec417eb8b7285e
2ebb273a9d30622c0371647e60d4323937a9d5bc
0c3686dcbc184d61e8fd14b50520a7d83880a655fa38a7f14443a275130a446e

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 10 May 2024 12:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:9n1YvQJLQ2EYlYmNNQc3mt3BHBoOeg:gIwDegciwahYsGMO; Expires=Sun, 10-May-2026 12:17:58 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 12:17:58 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyQtp2k_dVVkutkB0I9X0T4pkZmLzOR6Dxnedr10q3S0G5kJ80eFO9bszSBWzq97QYT5Pvzlg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-ZhkmNouck10oKcyytovpvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:RDpGZZvV384r8Eo_WBVOBDi6PKBO3g:rE3Bg_dTMClFZm8b; Expires=Sun, 10-May-2026 12:17:58 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 12:17:58 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw_bXROmUgqCBXIhpM2U-EYLi-sw_Y_9RxG4Js9LW3td7ycMxo5W9chxZzhTQMbtYJK4hdNfQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-X_oMCdh6loMdx0IQavlAhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyQtp2k_dVVkutkB0I9X0T4pkZmLzOR6Dxnedr10q3S0G5kJ80eFO9bszSBWzq97QYT5Pvzlg

74.125.131.84

302 Found

426 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyQtp2k_dVVkutkB0I9X0T4pkZmLzOR6Dxnedr10q3S0G5kJ80eFO9bszSBWzq97QYT5Pvzlg
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
HTML document, ASCII text, with very long lines (404)
Size
426 B (426 bytes)
Hash
104609d944f2ab7534ba19fbbe875c95
10acf4124a26ab83410947da9aa82fba7c7ff450
3a921a55d3210d358b79a0340e00752339ad1658b556c02c57ab8362782c6e2e

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyQtp2k_dVVkutkB0I9X0T4pkZmLzOR6Dxnedr10q3S0G5kJ80eFO9bszSBWzq97QYT5Pvzlg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tapeadvertisement.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:_xg35ycTEH4LbBDRSKz97gEyl0w_hQ:vHm9Ku1LqHViQ_Dx;Path=/;Expires=Sun, 10-May-2026 12:17:58 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 12:17:58 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyC9g__rlFfTm7gdR0cgSeSg6b-T6azrpT5t8klYFHOmmP9gmA3-vAXQ2Mb-Us6-kNGQE0w5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1006241639%3A1715343478951990&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-S-aiDmP4PsnW5v-Jakk3lQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 426
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw_bXROmUgqCBXIhpM2U-EYLi-sw_Y_9RxG4Js9LW3td7ycMxo5W9chxZzhTQMbtYJK4hdNfQ

74.125.131.84

302 Found

427 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw_bXROmUgqCBXIhpM2U-EYLi-sw_Y_9RxG4Js9LW3td7ycMxo5W9chxZzhTQMbtYJK4hdNfQ
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
HTML document, ASCII text, with very long lines (406)
Size
427 B (427 bytes)
Hash
4c6068428a955b51cefe428f51009966
3633acb1d2edd8e8c35cdc5c04d3f1ad92b180e0
5cf1ff654fa882201206db7c8ef2b6924a486a97689a7e4f30fe42423926d429

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw_bXROmUgqCBXIhpM2U-EYLi-sw_Y_9RxG4Js9LW3td7ycMxo5W9chxZzhTQMbtYJK4hdNfQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tapeadvertisement.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:GMvhAfQhNxziYJjw8W5wzGuVRtQkCQ:sbsHr65J9fDoJL2s;Path=/;Expires=Sun, 10-May-2026 12:17:58 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 12:17:58 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwrfr0MZTlq4O7afuXgNG6ZFEbVGSWg6aZw2KypmFwj9HlRnUXxNwam4SgmbIn8jLVsWNMddg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S370125583%3A1715343478956120&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-u2D9LqubK2QV_lLR1wwMOA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 427
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.99

471 B

URL
o.pki.goog/wr2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4addd78a1ebbfbfd98f962bee30de93e
113326456169ddeb584e9bc96365d93c913e40be
5aabd865e6cf2769f401a6bb4b0059dcf57bc7b5e0cc8e015a2fe0e0d85d9717

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 10 May 2024 12:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwrfr0MZTlq4O7afuXgNG6ZFEbVGSWg6aZw2KypmFwj9HlRnUXxNwam4SgmbIn8jLVsWNMddg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S370125583%3A1715343478956120&theme=mn&ddm=0

74.125.131.84

403 Forbidden

1.3 kB

URL GET HTTP/2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwrfr0MZTlq4O7afuXgNG6ZFEbVGSWg6aZw2KypmFwj9HlRnUXxNwam4SgmbIn8jLVsWNMddg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S370125583%3A1715343478956120&theme=mn&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1306 bytes)
Hash
3984dc881ec513848391b2446579b4fd
59cc78cd4f98fa221b30f7a15cd189907fdf6baa
e50e2d38101a05fcea2f8d78e6295eb3051caeb5b6f53283041435fe15b1a358

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwrfr0MZTlq4O7afuXgNG6ZFEbVGSWg6aZw2KypmFwj9HlRnUXxNwam4SgmbIn8jLVsWNMddg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S370125583%3A1715343478956120&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tapeadvertisement.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 12:17:59 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-CQeHVJfj0nHLcAXAu_8VTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyC9g__rlFfTm7gdR0cgSeSg6b-T6azrpT5t8klYFHOmmP9gmA3-vAXQ2Mb-Us6-kNGQE0w5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1006241639%3A1715343478951990&theme=mn&ddm=0

74.125.131.84

403 Forbidden

10 kB

URL GET HTTP/2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyC9g__rlFfTm7gdR0cgSeSg6b-T6azrpT5t8klYFHOmmP9gmA3-vAXQ2Mb-Us6-kNGQE0w5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1006241639%3A1715343478951990&theme=mn&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
gzip compressed data, max compression
Size
10 kB (10486 bytes)
Hash
3059067383e393c1695cfcf1b6522f2a
4873ef628027a7450966f956af6a741681d25451
140c7b5b34050116f4dfbc97e10390e7e7a6855b64f10ffb552529914c0903cf

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyC9g__rlFfTm7gdR0cgSeSg6b-T6azrpT5t8klYFHOmmP9gmA3-vAXQ2Mb-Us6-kNGQE0w5w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1006241639%3A1715343478951990&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tapeadvertisement.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 12:17:59 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-00KLYu7-rHC8w4LcCgYtkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tapeadvertisement.com/js/player.ec3b7e.js

104.21.34.152

200 OK

148 kB

URL GET HTTP/3
tapeadvertisement.com/js/player.ec3b7e.js
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
JavaScript source, ASCII text, with very long lines (57504)
Size
148 kB (148031 bytes)
Hash
1781a0087c11152a2361ca6c84b13fab
87360f858b201c3e28f4af24b2fc7c2d8a8d0232
00c57c8b0121e3c2154bc0c181a5c01ad10550648cc4835a62dc887d5427c656

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/player.ec3b7e.js HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Cookie: _b=kube15
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 12:17:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 04 Feb 2021 09:32:44 GMT
etag: W/"601bbf3c-2423f"
cache-control: max-age=432000
cf-cache-status: HIT
age: 5340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHBA9huKWa22ct4oaKHR3H1rM5fw0PQS6UTX%2BCQHBlRKzaWtzw9kb8plVGQ4mvTfAMlbsTvzkp1x7AS5c8K4S5vjA0wCITyZz3rUWtpdX4OZhgL5ns1xiH0ssZrwcCdeGWUJqx702kI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819de7f19950b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pogothere.xyz/

188.114.97.1

200 OK

27 B

URL GET HTTP/2
pogothere.xyz/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
0c77caf611ae3a7425c7d043e45de052
a2fd33943e2038504eda92cfb61d92109d356298
547ae58f054b517691263580b311b58513f545af054daee9ba88e47eecb6a591

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tapeadvertisement.com/
Origin: https://tapeadvertisement.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 12:17:58 GMT
content-type: text/plain
set-cookie: csu=2079477416942322@1@1715343478; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://tapeadvertisement.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNT8sYq1Mg89VFI5AFzOEzvsmEyb%2BAcuJhVvCbK05wv2Vaj1%2FPc67NqM5fHZQyMMSCLSa8q8swAw2ZTgw3kgjuc8DfflRRkPD63CFD3oO1gSAC91YUn%2FJZ2Z%2BwJl4MDZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8819de851a295697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

acscdn.com/script/aclib.js

188.114.97.1

200 OK

126 kB

URL GET HTTP/2
acscdn.com/script/aclib.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services LLC
Subjectacscdn.com
Fingerprint55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E
ValiditySat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT

File type

Size
126 kB (125606 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 12:17:57 GMT
content-type: text/javascript
x-goog-generation: 1714389616107910
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 125606
x-goog-hash: crc32c=xTw75w==, md5=TCF5phnDVdTC7KGmT28/Bw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPq3WDRiywUXy1I9epsgjBrZr10_kxsxD8tygBTr-xkVVMzaGeOnPwLfQ_UPT0AwhViwE90
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Fri, 10 May 2024 12:08:00 GMT
cache-control: public, max-age=3600
age: 2842
last-modified: Mon, 29 Apr 2024 11:20:16 GMT
etag: W/"4c2179a619c355d4c2eca1a64f6f3f07"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1db12rAc%2BiHm2lupOk%2F1jsah9jglZSiJZW0zsmKOhgGxhLKBkzw5tvpvnOLsn9nJ7n0Hx3lLnNgSSaPdIbPqHnLxiCY14ZABfpeRIueaLShdmQH2C2DoiFp6AzC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819de7c8e35712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tapeadvertisement.com/player.svg

104.21.34.152

200 OK

5.5 kB

URL GET HTTP/3
tapeadvertisement.com/player.svg
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
SVG Scalable Vector Graphics image
Size
5.5 kB (5548 bytes)
Hash
84ae75c5bb8eb53fa80dbf474f2b3c9e
e72ffb84dd4ff1ea1e29ac961af43dc1878ed382
f8f633975f552666d54d543bea7874e3934536447064d67ba8f7bf714c74152d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /player.svg HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Cookie: _b=kube15
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 12:17:57 GMT
content-type: image/svg+xml
last-modified: Sun, 29 Nov 2020 16:24:53 GMT
etag: W/"5fc3cb55-15ac"
cache-control: max-age=432000
cf-cache-status: HIT
age: 7169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njHSyH3LvM9BdIog1RQO%2F7v7%2FlqBcgtivIYiC4ZPxJ5vrNbN63Vg9Q%2Bv3qX7hJKJuf1XkipU0CN%2FCmme8STkke9a0tzdUOpyQ5sW0MEpkV0626quWXnO5Eg8D8CVF2RTtwvt55Tyw6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819de7fda700b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs

142.250.74.132

200 OK

884 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
JavaScript source, ASCII text, with very long lines (884), with no line terminators
Size
884 B (884 bytes)
Hash
f7b645333519804d7f74a27c302625b7
1ace6263091021a2b24f592c1feb28d1a9d14135
c3634f121a6016566670d5306f783954ffab343554d2563010a78e68826a89a0

HTTP Headers

GET /recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 10 May 2024 12:17:57 GMT
date: Fri, 10 May 2024 12:17:57 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

acscdn.com/script/ippg.js

188.114.97.1

200 OK

106 kB

URL GET HTTP/3
acscdn.com/script/ippg.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services LLC
Subjectacscdn.com
Fingerprint55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E
ValiditySat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT

File type

Size
106 kB (106476 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/ippg.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 12:17:57 GMT
content-type: text/javascript
x-goog-generation: 1714389816428258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 106476
x-goog-hash: crc32c=5tkeyg==, md5=biNKhMn5dr2tlMXG+AzH0A==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPpfVl-jZGGk4QiQqGFBmqJ7wsgOjG5GMJcdzFS_nVBCwJ59qjRK4wIpuvPlFRd92eSWZeYQ6bfLMA
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Fri, 10 May 2024 12:17:24 GMT
cache-control: public, max-age=3600
age: 2117
last-modified: Mon, 29 Apr 2024 11:23:36 GMT
etag: W/"6e234a84c9f976bdad94c5c6f80cc7d0"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=biYY3MSTUe57T97IyUGMGNmAwiISIQbrqpHIn076RTdy5m7Qm7sXx%2FrftBvlCL08kalYzl1vJebnwENF85v7AkGxWIef%2BFKTnedxRWOj4eaJspuG8%2B%2B3tfKQxJjv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819de80feccb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

acscdn.com/script/ut.js?cb=1715343477813

188.114.97.1

200 OK

63 kB

URL GET HTTP/3
acscdn.com/script/ut.js?cb=1715343477813
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services LLC
Subjectacscdn.com
Fingerprint55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E
ValiditySat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT

File type

Size
63 kB (62975 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/ut.js?cb=1715343477813 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 12:17:57 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPq4rLQfUzIb4PXABJF3kaL6QpNC2eEDt1dZIA_AICzJwRtEzQkHmfGBvBjJTgyllcLoFfCchk7ypw
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 10 May 2024 11:43:53 GMT
cache-control: public, max-age=3600
age: 2150
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFomY2pYYENBoeAS8%2Bjw%2B16XENVbJd6j3z01%2BWZa%2FAV5NkBOnnOrdSZ32rUTI55Sf%2BvZVO6rNZXe2zNiVE%2BACXBzpOZdtrYw7b4kGNTviv8gny2pjnQZ2gNglosP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819de80fec7b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pogothere.xyz/asd100.bin

188.114.97.1

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tapeadvertisement.com/
Origin: https://tapeadvertisement.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 12:17:58 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://tapeadvertisement.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Thu, 09 May 2024 18:50:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jw2DTsQc3XDN0IAUk%2FM2%2FnNglbWqJWi1e2KwSTdrGYP%2BZV7QedZDOkXOY1rkhn9Cp4jp17HYk6%2B7yHh9C1ASRouFnkvRl2F4NJdvFfYmbWYZKpk3nmvOv6n1hBwp2xe2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819de850a045697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tapeadvertisement.com/scss/player.ec3b7d.css

104.21.34.152

200 OK

32 kB

URL GET HTTP/3
tapeadvertisement.com/scss/player.ec3b7d.css
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
ASCII text, with very long lines (31831), with no line terminators
Size
32 kB (31831 bytes)
Hash
dc2cffa80d365e1efd4a88a462260a60
b0dd95d0afb3c518fc5251cc23c2106cbc9d4fc2
0946d6f8aabb3d1ce41416563689d0e2468a898bda8a2fc190e9b0634288d005

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /scss/player.ec3b7d.css HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Cookie: _b=kube15
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 12:17:57 GMT
content-type: text/css
cf-bgj: minify
etag: W/"622bf685-7b0c"
last-modified: Sat, 12 Mar 2022 01:25:25 GMT
cache-control: max-age=432000
cf-cache-status: HIT
age: 2481
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fi4VpTaEo%2FVpTlbE5JfOAKK5QVdXiTqI0ZJJXunGtiSMSzPEGZ3bb%2BeklpgWtC0xmrs24Ff12lF4anHgMcbBF3ny2rTC5sqQ4Im6CDXrAU4Efo%2FQYUkuymhkP1%2FJOsj0vWLgeOufo3c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819de7bee490b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tapeadvertisement.com/e/aoBMB3PwDbFxryM/

104.21.34.152

200 OK

240 kB

URL User Request GET HTTP/2
tapeadvertisement.com/e/aoBMB3PwDbFxryM/
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type

Size
240 kB (240205 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /e/aoBMB3PwDbFxryM/ HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 12:17:56 GMT
content-type: text/html; charset=UTF-8
cache-control: private
set-cookie: _b=kube15; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=voH2L5nc9Wt1G5nMAcRztmjAUDE1uWih3i32u7STasL3ubq8saZfZhtiHh6frkVP5kalIdYgWBuAEcqa1%2FTt%2BIuTwsI5eBfS2tronYc30%2BefxcllEiAHG%2BkfsTRI9q2Ba0dSXd7w7oQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8819de797f19b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tapeadvertisement.com/js/jquery.min.js

104.21.34.152

200 OK

88 kB

URL GET HTTP/3
tapeadvertisement.com/js/jquery.min.js
IP
104.21.34.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Certificate
IssuerLet's Encrypt
Subjecttapeadvertisement.com
Fingerprint2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
ValidityFri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/e/aoBMB3PwDbFxryM/
Cookie: _b=kube15
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 12:17:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 28 Aug 2020 11:07:33 GMT
etag: W/"5f48e575-15851"
cache-control: max-age=432000
cf-cache-status: HIT
age: 7103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hVCUSacw1yPGKOkSbSnZjBdkzPfncw6OMfKhZzEjzwR5P9Uk0Tgd9F9NWmKMk8ks3sShrwk7jE0KRZIY9zdiKdmOd0LnYOlLtzan43ux6Y6I0aZuuPYrGThgLBDKxqAihnp1DiOVkBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819de7bde330b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL