Report - pxdoland.cc/register?i=070b08

Report Overview

Visited public
2024-11-09 06:45:32
Tags
URL
pxdoland.cc/register?i=070b08
Finishing URL
mafiasex.cc/register
IP / ASN
192.64.119.110
#22612 NAMECHEAP-NET
Title
Club Penguin

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mafiasex.cc	unknown	2024-11-07	2024-11-09	2024-11-09	2.5 kB	730 kB	188.114.97.1
img001.prntscr.com	unknown	2010-01-07	2022-02-19	2024-10-29	450 B	712 kB	104.23.140.12
5kteens.cc	unknown	unknown	No data	No data	481 B	69 kB	104.21.86.137
pxdoland.cc	unknown	2024-11-02	2024-11-04	2024-11-04	661 B	550 B	192.64.119.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-11-09 06:45:20	low	192.64.119.110	Client IP	ET INFO Namecheap URL Forward
2024-11-09 06:45:22	low	192.64.119.110	Client IP	ET INFO Namecheap URL Forward

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	mafiasex.cc/js/main.js	ScriptElement	2.9 kB	2024-11-09	2024-11-13
Pretty URL mafiasex.cc/js/main.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-09 06:45 Last Seen2024-11-13 00:51 Times Seen2 Hash a1971a6c07e39f40fbde1483f94784fc 13fda9ab796fe89a794a90ab1adc6d1deb7ae676 8c1240d51d230d03a79084e15653631a19e636a66c0f41b61d3c50a66587ea91 Loading...

	mafiasex.cc/register	ScriptElement	0 B	0001-01-01	2025-04-26
Pretty URL mafiasex.cc/register IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-04-26 02:28 Times Seen4535762 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (9)

URL IP Response Size

pxdoland.cc/

192.64.119.110

302 Found

42 B

URL
pxdoland.cc/
IP
192.64.119.110:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text
Size
42 B (42 bytes)
Hash
321846953e891c23f81cabca61966d21
d10d1400832c1b339b99e974c10ffc6eca01b2df
bbfcc99a46347fbe72fb04c2bbba2d72c550e3f60aed069e1c0142987728c02b

Detections

NIDS	Severity	Alert
suricata	low	ET INFO Namecheap URL Forward

HTTP Headers

GET / HTTP/1.1
Host: pxdoland.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sat, 09 Nov 2024 06:45:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 42
Connection: keep-alive
Location: https://mafiasex.cc
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx

mafiasex.cc/

188.114.97.1

301 Moved Permanently

43 B

URL User Request GET HTTP/2
mafiasex.cc/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmafiasex.cc
FingerprintA2:86:CB:0F:44:8D:C9:ED:A2:B0:C4:2D:3F:E4:7A:44:97:45:C8:F7
ValidityThu, 07 Nov 2024 17:09:52 GMT - Wed, 05 Feb 2025 17:09:51 GMT

File type
ASCII text, with no line terminators
Size
43 B (43 bytes)
Hash
55522fdc37f6dca7385b20332322e842
cae00cb10d2e6ce6b7122cbbbaa6d230bdd3e3a8
3399c8130bc08a1f67dd11f6e2c28c0a1f77ae9a35ad0c45b6f6ca6685d60e21

HTTP Headers

GET / HTTP/1.1
Host: mafiasex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 09 Nov 2024 06:45:11 GMT
content-type: text/plain; charset=utf-8
content-length: 43
x-powered-by: Express
location: /register
vary: Accept
set-cookie: connect.sid=s%3Anga0mPv7b0iZvyGIWopNjbFt24a_pQUu.SST7AXVSe1xhVnVllIyXG1Ca5EHu%2Bk5ngmcORjcS9Ys; Path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTSW9Uh%2Bip%2BhZBhqpAqggNetJnXKzDrup7rOP5CkIMTtw9Nnza0YhHtmqHhmfykXrxN%2BLGONc9uGoNcYC8wFUgOCMFafRKrAA8HZ788cC2xcWSorQBQoDtv%2BqkkutA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8dfbd6a73997b4f3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=31676&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3275&recv_bytes=1145&delivery_rate=247113&cwnd=254&unsent_bytes=0&cid=230453d84de81820&ts=384&x=0"
X-Firefox-Spdy: h2

pxdoland.cc/register?i=070b08

192.64.119.110

302 Found

42 B

URL User Request GET HTTP/1.1
pxdoland.cc/register?i=070b08
IP
192.64.119.110:80
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text
Size
42 B (42 bytes)
Hash
321846953e891c23f81cabca61966d21
d10d1400832c1b339b99e974c10ffc6eca01b2df
bbfcc99a46347fbe72fb04c2bbba2d72c550e3f60aed069e1c0142987728c02b

Detections

NIDS	Severity	Alert
suricata	low	ET INFO Namecheap URL Forward

HTTP Headers

GET /register?i=070b08 HTTP/1.1
Host: pxdoland.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sat, 09 Nov 2024 06:45:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 42
Connection: keep-alive
Location: https://mafiasex.cc
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx

mafiasex.cc/css/main.css

188.114.96.1

200 OK

716 kB

URL GET HTTP/3
mafiasex.cc/css/main.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mafiasex.cc/register
Certificate
IssuerGoogle Trust Services
Subjectmafiasex.cc
FingerprintA2:86:CB:0F:44:8D:C9:ED:A2:B0:C4:2D:3F:E4:7A:44:97:45:C8:F7
ValidityThu, 07 Nov 2024 17:09:52 GMT - Wed, 05 Feb 2025 17:09:51 GMT

File type
ASCII text, with CRLF line terminators
Size
716 kB (716273 bytes)
Hash
a77425c2d0ec997e4e3e8c7be183a86a
f851e3c0bacfd526a594b31f2a0e0f708a291621
ce72d06429bf9205c3580ac93691130a4c6f25c0e652de035a3a135768dc379f

HTTP Headers

GET /css/main.css HTTP/1.1
Host: mafiasex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mafiasex.cc/register
Cookie: connect.sid=s%3AOEsXW_wP6IP2TYlz_Ha3SnS16LoyaVEg.V4V6cqnaEzz28LE7NxkRngmMAcPqeCjxTcZN4b%2Bg47A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 09 Nov 2024 06:45:12 GMT
content-type: text/css; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=14400
last-modified: Fri, 25 Oct 2024 08:49:40 GMT
etag: W/"587e-192c2ddfc40"
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8IzQvdXvpkg%2BdzwNt0U9eZ3b6VNwbira%2B5rHkuxbqUaULvQqkmM78jItETID%2F97%2B9Wuy8KQfZcYjH9WzzDNJFDAJ38yyQwUDETCloxhj%2F%2BNNuRX1%2Fade7oxnYji6Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8dfbd6b14c70b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21299&sent=14&recv=8&lost=0&retrans=0&sent_bytes=5731&recv_bytes=1519&delivery_rate=2297&cwnd=12000&unsent_bytes=0&cid=ffa6dd8885a31d36&ts=862&x=1", cfExtPri, cfHdrFlush;dur=0

mafiasex.cc/favicon.ico

188.114.96.1

301 Moved Permanently

43 B

URL GET HTTP/3
mafiasex.cc/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mafiasex.cc/register
Certificate
IssuerGoogle Trust Services
Subjectmafiasex.cc
FingerprintA2:86:CB:0F:44:8D:C9:ED:A2:B0:C4:2D:3F:E4:7A:44:97:45:C8:F7
ValidityThu, 07 Nov 2024 17:09:52 GMT - Wed, 05 Feb 2025 17:09:51 GMT

File type
ASCII text, with no line terminators
Size
43 B (43 bytes)
Hash
55522fdc37f6dca7385b20332322e842
cae00cb10d2e6ce6b7122cbbbaa6d230bdd3e3a8
3399c8130bc08a1f67dd11f6e2c28c0a1f77ae9a35ad0c45b6f6ca6685d60e21

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mafiasex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mafiasex.cc/register
Cookie: connect.sid=s%3AOEsXW_wP6IP2TYlz_Ha3SnS16LoyaVEg.V4V6cqnaEzz28LE7NxkRngmMAcPqeCjxTcZN4b%2Bg47A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sat, 09 Nov 2024 06:45:13 GMT
content-type: text/plain; charset=utf-8
content-length: 43
x-powered-by: Express
location: /register
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b8R8I96nVnR1B1gkPCkN3cn1FawoJdAN%2BfcRhJrb9jgpNOWpmOqxHXtEMstTEB4%2BBHGHhv3gGjZjo9%2F6Otkx7J78nGH37tu47Q3xQNnmTfOmc85umep1KLYlUtbF7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8dfbd6b5a8e8b511-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20849&sent=20&recv=10&lost=0&retrans=0&sent_bytes=11310&recv_bytes=1910&delivery_rate=313636&cwnd=12000&unsent_bytes=0&cid=ffa6dd8885a31d36&ts=1441&x=1", cfExtPri, cfHdrFlush;dur=0

mafiasex.cc/register

188.114.96.1

200 OK

6.6 kB

URL User Request GET HTTP/2
mafiasex.cc/register
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmafiasex.cc
FingerprintA2:86:CB:0F:44:8D:C9:ED:A2:B0:C4:2D:3F:E4:7A:44:97:45:C8:F7
ValidityThu, 07 Nov 2024 17:09:52 GMT - Wed, 05 Feb 2025 17:09:51 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
6.6 kB (6551 bytes)
Hash
364f768e10a94071ca0710c973cc157c
465e32a1e0927d425368dbf0bdee2677dce2f772
7183afb22793a71c800519d395e74b65709f7a2ae26f237eed65313b537ec818

HTTP Headers

GET /register HTTP/1.1
Host: mafiasex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mafiasex.cc/register
DNT: 1
Connection: keep-alive
Cookie: connect.sid=s%3AOEsXW_wP6IP2TYlz_Ha3SnS16LoyaVEg.V4V6cqnaEzz28LE7NxkRngmMAcPqeCjxTcZN4b%2Bg47A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 09 Nov 2024 06:45:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cf-cache-status: DYNAMIC
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYHRJN9EWkwh0FzDUIZSY2www%2FiLer%2BTo9mxf9vdrueaAspK7W7IfGCVdBCq7EV9nFNriRtkqMZIyn43fJ6FxsQgNet8o25a9Vf3Ikg10zkNWoZfJMmxNFmET41bWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8dfbd6b80ad9b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21341&sent=22&recv=12&lost=0&retrans=0&sent_bytes=12073&recv_bytes=2299&delivery_rate=1933&cwnd=12000&unsent_bytes=0&cid=ffa6dd8885a31d36&ts=1666&x=1", cfExtPri, cfHdrFlush;dur=0

img001.prntscr.com/file/img001/UI_ecKNDQ4WvDgKGGmZNTA.png

104.23.140.12

200 OK

712 kB

URL GET HTTP/2
img001.prntscr.com/file/img001/UI_ecKNDQ4WvDgKGGmZNTA.png
IP
104.23.140.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mafiasex.cc/register
Certificate
IssuerGoogle Trust Services
Subjectprntscr.com
FingerprintA9:D0:1A:5D:A2:44:81:D1:15:41:D5:4D:03:A8:0C:A7:D2:85:72:37
ValidityTue, 24 Sep 2024 23:26:49 GMT - Mon, 23 Dec 2024 23:26:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
712 kB (711556 bytes)
Hash
1e9dbd836c8d2ec0aefbb56982cd1617
0ee7d79bb472fd95313802f993ed48a59b325e43
a500e9e930cbb1774654d71f0aa53f0755bc430228f65879b05f212218ba62e9

HTTP Headers

GET /file/img001/UI_ecKNDQ4WvDgKGGmZNTA.png HTTP/1.1
Host: img001.prntscr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mafiasex.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Nov 2024 06:45:13 GMT
content-type: image/webp
content-length: 711556
cache-control: max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1998490
content-disposition: inline; filename="UI_ecKNDQ4WvDgKGGmZNTA.webp"
strict-transport-security: max-age=63072000
vary: Accept
x-bz-upload-timestamp: 1729830571187
x-bz-content-sha1: 9ff1a48d6916e93e54af8c1558da7f98f2662643
x-bz-file-id: 4_z51bcbe33c7b20fe37efb0b11_f11423f1338c41976_d20241025_m042931_c004_v0402016_t0048_u01729830571187
x-bz-file-name: UI_ecKNDQ4WvDgKGGmZNTA.png
last-modified: Fri, 25 Oct 2024 04:29:35 GMT
cf-cache-status: HIT
age: 1231698
accept-ranges: bytes
server: cloudflare
cf-ray: 8dfbd6b4dc350b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mafiasex.cc/js/main.js

188.114.96.1

200 OK

2.9 kB

URL GET HTTP/3
mafiasex.cc/js/main.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mafiasex.cc/register
Certificate
IssuerGoogle Trust Services
Subjectmafiasex.cc
FingerprintA2:86:CB:0F:44:8D:C9:ED:A2:B0:C4:2D:3F:E4:7A:44:97:45:C8:F7
ValidityThu, 07 Nov 2024 17:09:52 GMT - Wed, 05 Feb 2025 17:09:51 GMT

File type
ASCII text, with very long lines (3065), with no line terminators
Size
2.9 kB (2893 bytes)
Hash
0987f9bb6a1e823812f2d5d37a8cf39c
86abba38b53ec0720f72c449335316bdb71d03cc
816c5b4ed5b826f3b23df9c8a29108ec0ea8e64849c9a9677833751d8804da27

HTTP Headers

GET /js/main.js HTTP/1.1
Host: mafiasex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mafiasex.cc/register
Cookie: connect.sid=s%3AOEsXW_wP6IP2TYlz_Ha3SnS16LoyaVEg.V4V6cqnaEzz28LE7NxkRngmMAcPqeCjxTcZN4b%2Bg47A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 09 Nov 2024 06:45:12 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=14400
last-modified: Sat, 09 Nov 2024 00:54:58 GMT
etag: W/"b4d-1930e6ac33a"
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=88RYlCUdoGEAndIBqnGqsO39lY5uEzugze0KooUj1sVr0uA1vAqHuFRlaZkySp2MnjhiqbGdNDEbRjZWBtY8RTT5PMvlSvOS1SoLw3ipoZmxDKIqbP60WyVXFcsv1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8dfbd6b15c78b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21832&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4069&recv_bytes=1476&delivery_rate=24461&cwnd=12000&unsent_bytes=0&cid=ffa6dd8885a31d36&ts=762&x=1", cfExtPri, cfHdrFlush;dur=0

5kteens.cc/free/intro.mp4

104.21.86.137

206 Partial Content

68 kB

URL GET HTTP/2
5kteens.cc/free/intro.mp4
IP
104.21.86.137:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mafiasex.cc/register
Certificate
IssuerGoogle Trust Services
Subject5kteens.cc
Fingerprint17:FE:68:C5:91:E6:19:E7:A3:F7:2E:9A:E7:82:14:77:81:EE:8A:66
ValidityThu, 07 Nov 2024 17:04:02 GMT - Wed, 05 Feb 2025 17:04:01 GMT

File type
ISO Media, Apple QuickTime movie, Apple QuickTime (.MOV/QT)
Size
68 kB (67779 bytes)
Hash
221767d5b4e16a0994bed107b195fca6
44fd4d79e8c38f14a811b88bee99d6906e2fa63f
d915d067566075eb4e10054ad93dbd696c5353ee22823ae735c8b7af0e2f9654

HTTP Headers

GET /free/intro.mp4 HTTP/1.1
Host: 5kteens.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://mafiasex.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Sat, 09 Nov 2024 06:45:13 GMT
content-type: video/mp4
content-length: 7432455
x-powered-by: Express
cache-control: public, max-age=14400
last-modified: Wed, 06 Nov 2024 00:15:17 GMT
etag: W/"716907-192fed35aa4"
cf-cache-status: EXPIRED
content-range: bytes 0-7432454/7432455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C6OwJwGms2jT7syjV5yrtY6B3G5V9GuehKAhdz2s5xruvyYFtPgz9EvVBvPEXtqid202fuRr6PEpMoW095ZkCHARr69oo91M8ENVloO%2FnE3CmCyRPo%2B%2FFtzQkkYt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8dfbd6b27a727129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=28869&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3269&recv_bytes=1235&delivery_rate=210761&cwnd=254&unsent_bytes=0&cid=df96a496304673db&ts=426&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (9)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP