Report - www.rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=55&linkID=2564&to=https://www.rosequake.com/Masturbation-Cup-Category-1096.html&userID=0&em=cristian.stefanov@slurpmail.net&taskItemID=44805985

Report Overview

Submitted URL
www.rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=55&linkID=2564&to=https://www.rosequake.com/Masturbation-Cup-Category-1096.html&userID=0&em=cristian.stefanov@slurpmail.net&taskItemID=44805985
IP
104.21.73.37
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 21:50:28
Access
public
Website Title
Take you to next level of pleasure | Masturbation Cup
Final URL
www.rosequake.com/Masturbation-Cup-Category-1096.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
84

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
global.akating.com	unknown	2023-05-01	2023-12-04	2024-02-04	3.6 kB	275 kB	104.21.11.35
www.rosequake.com	unknown	2023-10-03	2023-10-15	2024-04-18	27 kB	2.0 MB	172.67.157.116
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-06	893 B	42 kB	104.17.24.14
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-07	1.3 kB	293 kB	142.250.74.168
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	561 B	1.8 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	1.6 kB	27 kB	216.58.207.227
cbu01.alicdn.com	44205	2008-06-25	2015-04-17	2024-04-30	1.5 kB	50 kB	163.181.49.229
we.chatsoftly.com	unknown	2020-10-01	2021-03-08	2024-01-25	877 B	13 kB	172.67.194.34
img.fantaskycdn.com	unknown	2023-07-04	2023-07-27	2024-05-04	3.2 kB	1.9 MB	104.18.20.211
img.staticdj.com	53607	2018-11-09	2019-04-04	2024-05-04	455 B	81 kB	104.19.234.103

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed
2024-05-07	medium	rosequake.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (37)

	URL	Size	First Seen	Last Seen
	unknown	247 B	2024-05-07	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 23:50:30 Last Seen2024-05-07 23:50:30 Times Seen1 Hash e5dbc9d5b03467098312dc4c68a7c5a4 39ae83c2d7f9729ec0de5c1e545d123e4eccd2e0 83b2239a9a008b53b157076e19e0347b2a6a1092bece2b7b1fda4323b0cddf3c Loading...

	www.googletagmanager.com/gtag/js?id=AW-16555460204	253 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/js?id=AW-16555460204 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 23:50:30 Last Seen2024-05-07 23:50:31 Times Seen2 Hash b281eed0d5b08056197a1d65e346307a 0aba115a1ded0d367d07531cca798e8aee59a6ec d0912efe83f2fd3d0a2086810c56f534a44d24cc6d674cd2a980d7ef7f796aca Loading...

	www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac202405-20240508	105 kB	2023-03-12	2024-05-07
Pretty URL www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac202405-20240508 IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:59:38 Last Seen2024-05-07 23:50:31 Times Seen182 Hash b01da78c5d4905c9961b0f6edfa28c3f e51d3d15baa13e0cda9b2e6637925c74c8655a4c 691ffb9a7ea68f1b92aa89bfd4392bfe7de445a153c28ef4268aa192215d3ef7 Loading...

	www.rosequake.com/theme.js?v=cac202405-20240508	0 B	2023-03-07	2024-05-19
Pretty URL www.rosequake.com/theme.js?v=cac202405-20240508 IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 23:02:32 Times Seen37845948 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac202405-20240508	78 kB	2023-12-04	2024-05-07
Pretty URL www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac202405-20240508 IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 05:12:13 Last Seen2024-05-07 23:50:30 Times Seen91 Hash 7c3370c19aed9766605c93574799e4a7 2d6f25f07abdb7c3cf829c0dbcec6604e62fabb8 26d75c48e2dc074b3250f569868f7ee721ab397202d7f1b0e98783ac29024778 Loading...

	cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js	148 kB	2023-11-22	2024-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 19:21:36 Last Seen2024-05-10 19:47:19 Times Seen453 Hash 1aba3b60641d8dc579dca329a28d74d8 1a54fa817a49108dfdf2e75ce2ae507f007ac2bd 6942f0873b6a7108e18a983b4192ad469011a8131317f88161d6f0917058da22 Loading...

	www.rosequake.com/js/layer.mobile/layer.js?v=cac202405-20240508	3.3 kB	2023-03-08	2024-05-07
Pretty URL www.rosequake.com/js/layer.mobile/layer.js?v=cac202405-20240508 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:53:50 Last Seen2024-05-07 23:50:30 Times Seen185 Hash dd2d9abc4f31f7e0b5eadde59641632e 98b28a118b5211190bf368bd437d8a26e752fa63 772e7cd4bcdb897178cadf50cd8a97f99fcfc39027c02fb4ff20b7fe053d2af3 Loading...

	www.rosequake.com/Masturbation-Cup-Category-1096.html	240 B	2024-05-07	2024-05-07
Pretty URL www.rosequake.com/Masturbation-Cup-Category-1096.html IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 23:50:30 Last Seen2024-05-07 23:50:30 Times Seen1 Hash 6c91da3c3daf7687430acb6765b4b56f 5929ae82c656db3feb87d8a2811d4292b35f387b 2f18c12fdf4ab78b94acef1f94dc25a14ea2d551c4de6bb144f89a6ed0a916fe Loading...

	www.rosequake.com/static/lib/jquery/jquery.min.js?v=cac202405-20240508	90 kB	2023-03-07	2024-05-19
Pretty URL www.rosequake.com/static/lib/jquery/jquery.min.js?v=cac202405-20240508 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:21 Last Seen2024-05-19 17:01:25 Times Seen6141 Hash 3e4bb227fb55271bfe9c9d4a09147bd8 156837f75f6600ccb602b4efcbd393636c33f35e ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127 Loading...

	www.rosequake.com/static/assets/js/theme.js?v=cac202405-20240508	90 kB	2024-04-14	2024-05-07
Pretty URL www.rosequake.com/static/assets/js/theme.js?v=cac202405-20240508 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 17:07:32 Last Seen2024-05-07 23:50:30 Times Seen9 Hash c5469e9f0e448739e77e540bd0f1d8f5 8527e3f640254d4b9c23d5cc4f9cb205298eec58 dbabd00d3fa2893d1bef0085bc67ddb5624e3cfd72064d07f4b67bd63a011ba0 Loading...

	www.rosequake.com/Masturbation-Cup-Category-1096.html	139 B	2023-12-04	2024-05-07
Pretty URL www.rosequake.com/Masturbation-Cup-Category-1096.html IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 05:12:13 Last Seen2024-05-07 23:50:30 Times Seen85 Hash d888b7dce91313ad0e18328e56ea960e e8dfb007865f0cb0eab1dfcb8c6b26257edfa5d4 77e0e4c16a2b35f0a7914440333d62bc43e022894f01f7eee10b508b41916c5d Loading...

	global.akating.com/files/Country_list.js	55 kB	2023-06-05	2024-05-07
Pretty URL global.akating.com/files/Country_list.js IP 104.21.11.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 16:31:36 Last Seen2024-05-07 23:50:31 Times Seen269 Hash 3dd00c1468c48f40ac11cf9715d34831 98691de8e84697877dfdbf2f9e87149621c64656 0512d7cec7a4d88356a2b50d5254c7884ad61cd7f343c8add98a4c8a4ca77eb2 Loading...

	www.rosequake.com/js/video.min.js	626 kB	2023-10-25	2024-05-07
Pretty URL www.rosequake.com/js/video.min.js IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-25 18:32:24 Last Seen2024-05-07 23:50:30 Times Seen3203 Hash f50c31011e4900174758bb688253b0b3 f15c8636f7dcd7f25798dd2d4a710f4f5fbcfd1a 0990b905d2a411a8f29c0502458419b91932e740cc66b1aca128179cbede5867 Loading...

	global.akating.com/static/js/pixel2023.js?v=cac202405-20240508	15 kB	2024-04-14	2024-05-07
Pretty URL global.akating.com/static/js/pixel2023.js?v=cac202405-20240508 IP 104.21.11.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 17:07:33 Last Seen2024-05-07 23:50:30 Times Seen8 Hash 55caa443ca265ca0fb1ae279f2a1424a 910a9db14412df58603904d833221539e97f49a9 2d2cc3835eafb7da2b1e9f081a829ebaedd3884fec4678c0f959240f0148259a Loading...

	www.rosequake.com/Masturbation-Cup-Category-1096.html	580 B	2023-12-04	2024-05-07
Pretty URL www.rosequake.com/Masturbation-Cup-Category-1096.html IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 05:12:13 Last Seen2024-05-07 23:50:30 Times Seen82 Hash fa21ca3a1077139321e2ec87955b1b37 853d0421f8583fbc3590a811f47c26bb37fa4d30 19d13b8c90c45b4123133652777fd0b8d1587620791fba3e6dade212123a20a1 Loading...

	www.rosequake.com/Masturbation-Cup-Category-1096.html	514 B	2024-01-26	2024-05-07
Pretty URL www.rosequake.com/Masturbation-Cup-Category-1096.html IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-26 08:07:04 Last Seen2024-05-07 23:50:30 Times Seen25 Hash 483f0e24a33019e509445763cbb41ca2 3fbdebb21701379d1f1837a7b9d50cf9f9b80696 097e2dc1bfd556c4fa972f9f9b1a84a10948815ed025815547d832a7e4bba58e Loading...

	global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac202405-20240508	48 kB	2023-06-05	2024-05-07
Pretty URL global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac202405-20240508 IP 104.21.11.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 01:53:35 Last Seen2024-05-07 23:50:31 Times Seen329 Hash 89081048f3bf7c9d5985d79e4976f359 50bb8dde91c4f95c98716d7d702617dbea18bbc7 811ec63ebf47f8ccdafdc6c39280dff6c51b980b2a94547a8b78a3e6cc0b853f Loading...

	www.rosequake.com/static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac202405-20240508	5.5 kB	2023-03-07	2024-05-13
Pretty URL www.rosequake.com/static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac202405-20240508 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:01 Last Seen2024-05-13 20:39:23 Times Seen208 Hash 919bcd36ba45f4ae408e47ad200e0cc9 de12adeba034b0e200f9a13623852f1e2cdadb4a 86dacb15f649eafe6e74e1bede434b20d20a87682fa0aab01211d87d34cc2027 Loading...

	www.rosequake.com/js/shop-section.js?v=cac202405-20240508	6.2 kB	2024-01-26	2024-05-07
Pretty URL www.rosequake.com/js/shop-section.js?v=cac202405-20240508 IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-26 08:07:04 Last Seen2024-05-07 23:50:30 Times Seen89 Hash f4951f4e71c1c1bb2f827cdf67a8c776 78b2c4dbb590cd7c48631d122811f5771f7aa144 2c48f56878c7993437b89b5301553b57a355d2a78d10189ac741ac863403d2ae Loading...

	we.chatsoftly.com/agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1	37 B	2023-06-05	2024-05-07
Pretty URL we.chatsoftly.com/agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 01:53:35 Last Seen2024-05-07 23:50:30 Times Seen69 Hash 2340270b44c4f2964eb0e17206b3a582 8309674514d49077801f890267f8ac288a4568a0 52503cf89f8cbacfa024c499e1c360d8af8e91e125fdb5b0266e20f0e9361167 Loading...

	www.rosequake.com/static/lib/jquery.cookie/jquery.cookie.min.js?v=cac202405-20240508	1.7 kB	2023-12-04	2024-05-07
Pretty URL www.rosequake.com/static/lib/jquery.cookie/jquery.cookie.min.js?v=cac202405-20240508 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 05:12:13 Last Seen2024-05-07 23:50:30 Times Seen112 Hash c2eb525e61d576ee386ba1adfaf736a7 db0ace78f4a6a2591545eeacb92c02d2022846d3 ab1ee99f22f107c9ae1559c920a1b7fe6cf89ec0c355a27be23669f688bf0350 Loading...

	global.akating.com/files/js/CBDCurrency.js?v=cac202405-20240508	44 kB	2024-01-26	2024-05-07
Pretty URL global.akating.com/files/js/CBDCurrency.js?v=cac202405-20240508 IP 104.21.11.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-26 08:07:03 Last Seen2024-05-07 23:50:30 Times Seen89 Hash c73913b780929827b9a190789a20629b 1f3e6c1a79937ad912d7a6eb89ec8ee360b08891 d8e48467b7f74e788ac4ddc0bf5b68c0d84029c0de3f50e3f61b5f9e8fa79045 Loading...

	www.rosequake.com/static/base.js?v=cac202405-20240508	87 kB	2024-05-07	2024-05-07
Pretty URL www.rosequake.com/static/base.js?v=cac202405-20240508 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 23:50:30 Last Seen2024-05-07 23:50:30 Times Seen1 Hash 03c39bdefd00d4363963415fcad67bb2 5b9354b74d268baa326571d113f563e5a56eb4c0 3b99b86fb3c855ce0c9d8465b6907fba62bf29d277b9b3a0f82aa58f7f8869fa Loading...

	we.chatsoftly.com/js/im_load.js	6.9 kB	2023-10-18	2024-05-07
Pretty URL we.chatsoftly.com/js/im_load.js IP 172.67.194.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-18 00:57:13 Last Seen2024-05-07 23:50:30 Times Seen56 Hash 05370ad5f996d6599c6cffd4c5573b60 e4ff70b8b25df55ce5b59feec6e8ac2ceeb3edb6 c3574b06ff865ce5eee8b5165c241490ec648b4cfc634c44925e8a46dfe2d084 Loading...

	www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac202405-20240508	36 kB	2023-03-07	2024-05-18
Pretty URL www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac202405-20240508 IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2024-05-18 19:30:13 Times Seen1717 Hash 5fb7c19c9c51cfb99f5ff942629f0f21 14c7f59e73d2a99aa688c2443a9a9b24acbff43c a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc Loading...

	we.chatsoftly.com/spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0	2.9 kB	2024-04-18	2024-05-07
Pretty URL we.chatsoftly.com/spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:24:57 Last Seen2024-05-07 23:50:30 Times Seen7 Hash 6c3948ad373d8ae7a243a0e281a54ba4 5dbac628298993c2842f8cbe0af10dabd9eae976 47f52bbc5d89e0fd25786a55e8bfb2907e72afaa00a0ae8f69dc8da30ff324b9 Loading...

	www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac202405-20240508	38 kB	2023-06-05	2024-05-07
Pretty URL www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac202405-20240508 IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 01:53:35 Last Seen2024-05-07 23:50:31 Times Seen329 Hash b74c18de0056ed87c5e712eb21074f98 fc1fa797cac8bb89a1416aa2662b2cd74d851d60 4502cf3c096b98c6ed963242ce158fce517d3afd00982d2a8daddce91f30375a Loading...

	we.chatsoftly.com/im_client/js/udeskApi.js	122 kB	2023-06-05	2024-05-07
Pretty URL we.chatsoftly.com/im_client/js/udeskApi.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 01:53:35 Last Seen2024-05-07 23:50:30 Times Seen111 Hash c3413a3ebda904b58eb82daf145ba474 4b4f909b034b4816e57915560fcd2df55e29885c b7a49d36850d3d1b0602e9be2e7489d109787bd66dc9445ceeb23b7254d73b9a Loading...

	www.rosequake.com/static/lib/bootstrap/popper.min.js?v=cac202405-20240508	19 kB	2023-12-04	2024-05-07
Pretty URL www.rosequake.com/static/lib/bootstrap/popper.min.js?v=cac202405-20240508 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 05:12:13 Last Seen2024-05-07 23:50:30 Times Seen178 Hash 777f8a32fe7ad62a6c5f1e649bc3616e 41feeaacdff5f9714848b7bbe55739185462f2ab 7a409fd037337862ad8373afd1e77781984d6961c90c00d901ae04664768b01b Loading...

	www.rosequake.com/static/lib/slick-carouse/slick.min.js?v=cac202405-20240508	44 kB	2023-03-07	2024-05-18
Pretty URL www.rosequake.com/static/lib/slick-carouse/slick.min.js?v=cac202405-20240508 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:48 Last Seen2024-05-18 16:50:22 Times Seen1153 Hash 04f7e97a54f61407f230196b17a3b5c8 e3d1d3bdc40c2e3788e2b83b1cf70084e330eaa3 254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc Loading...

	global.akating.com/files/ExchangeRate.js?v=cac202405-20240508	11 kB	2023-11-28	2024-05-07
Pretty URL global.akating.com/files/ExchangeRate.js?v=cac202405-20240508 IP 104.21.11.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 17:07:54 Last Seen2024-05-07 23:50:31 Times Seen199 Hash fc715516fb030cd6858f16981ad2650c 9dc67c87ac8e4933d978c9b11a57b61d0755c6a2 c17ded04681c173e9e34c83d8666542405c276bf078da5ec06adf12ac815bbe7 Loading...

	www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z	306 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 23:50:30 Last Seen2024-05-07 23:50:31 Times Seen2 Hash 9a9b5ee83594f00fbb7f2779da13d64a cd784a3d46f70d292a954d1645681fd9a0c2eb1a 3a46bffe9e557cca2b04766f5345226578261122a29a4c4ee76c8c0112017bf6 Loading...

	www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c	306 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 23:50:30 Last Seen2024-05-07 23:50:31 Times Seen2 Hash df6ebefe866995e9dded328ea55ce85d ff22454df03b5197b3e45cd20683b2208f50649e b0da42468f7d53d01a0df56b1ff72646adbedceda8fdbe13dda190cdca598857 Loading...

	www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-05-07	2024-05-07
Pretty URL www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 23:38:43 Last Seen2024-05-07 23:50:31 Times Seen4 Hash f93e06d4c4341cefd6d145257712828f e60a1097f9e822d37f5bfde4b037bf8e714d916a 57b43dee0b1805c7fa1efb99296ddbd4446b36ae5d834ac9955da6b3f5f4951a Loading...

	www.rosequake.com/static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac202405-20240508	3.3 kB	2023-12-04	2024-05-07
Pretty URL www.rosequake.com/static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac202405-20240508 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 05:12:13 Last Seen2024-05-07 23:50:30 Times Seen111 Hash c4ab6fa36490a0cccc26ac7bbdd04c89 84c2e019f93a8db7c1607d6d9a74e3f2f9f11e00 f83b8845cc1020d205c0e74e9d68882bdda292334a8d4e4c9cddf5d7ce07e3d7 Loading...

	www.rosequake.com/Masturbation-Cup-Category-1096.html	278 B	2024-01-26	2024-05-07
Pretty URL www.rosequake.com/Masturbation-Cup-Category-1096.html IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-26 08:07:04 Last Seen2024-05-07 23:50:30 Times Seen24 Hash c8a325392a15beecab0220489ef51af3 99eb5dd7e5e1a0e2af406717c02889be82a95076 c3b8f2d81e8070a71e6f5ddb9775b0169f79a7f2677f672b074f74030469ba3e Loading...

	www.rosequake.com/Masturbation-Cup-Category-1096.html	1.1 kB	2024-05-07	2024-05-07
Pretty URL www.rosequake.com/Masturbation-Cup-Category-1096.html IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 23:50:30 Last Seen2024-05-07 23:50:30 Times Seen1 Hash 27e8eb1dbf1f95ac9c4adeeaf680135c d0c98f37d6a18f1d805b37fac8c3dee9dde0496e 9ece9e8da304e0ff189ada29a4ff34bdd8058b7e35d2a06481dbcec3b40d0486 Loading...

HTTP Transactions (72)

URL IP Response Size

www.rosequake.com/images/RoseQuake.png

172.67.157.116

200 OK

114 kB

URL GET HTTP/3
www.rosequake.com/images/RoseQuake.png
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
PNG image data, 540 x 410, 8-bit/color RGBA, non-interlaced
Size
114 kB (113985 bytes)
Hash
b997cd9eaa87e5814d06814c9b8dff7a
20769ae44e304fde943d84b3cbc8c6137630a6ec
75a534c6e3aacab57d49bc39fe6abc0f96b6e71461da7c9337e7d9b49967d916

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/RoseQuake.png HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: image/png
content-length: 113985
last-modified: Sat, 07 Oct 2023 23:46:41 GMT
etag: "b2b35f8578f9d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bx49b5WmRcW2Srv2Lz09WYG0OjIZhtkQtBPBbCpiSxxX11CfV4d40RbsjAZhqOUc6U9JCG7oPe9Fptekvq%2FqQ3NI8seaxK4iP%2BlIKkymH6ry7QmPFoS5Q5HFAbzyBIS5mApoxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c5cd8b80b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/banner/ForHim.jpg

172.67.157.116

16 kB

URL
www.rosequake.com/images/banner/ForHim.jpg
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JPEG image data, progressive, precision 8, 250x370, components 3
Size
16 kB (16225 bytes)
Hash
0bcb0688e586ccd6e854a96e1a6d3735
fab6cdd1c8a300cca54be5949e81be0f7a8d1240
ec731030ef100326fa916f2d77806ff11285cd9568ae227c160b207709ff5f4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/banner/ForHim.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: image/jpeg
content-length: 16225
last-modified: Wed, 06 Dec 2023 18:13:34 GMT
etag: "b6d238ed6f28da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iv0oE8EWYtsAmOiEyl4iHyuucbuGGxrtX43G8ix8KrQapptb0V9yQA6z5RH53si5GBTlSd3wC5McHlig%2F0CFf%2BCVsBa%2B90%2FSszOqkUrQLjM4xfPwnwYF69SZfeB%2BgE%2FFKpCEZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c5cd8b90b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/banner/ForHer.jpg

172.67.157.116

200 OK

16 kB

URL GET HTTP/3
www.rosequake.com/images/banner/ForHer.jpg
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JPEG image data, progressive, precision 8, 250x370, components 3
Size
16 kB (15810 bytes)
Hash
8781648f65a20f75389e7d4087a1f125
52fa3cd0a42e4817ca66784c6e221da3f812d862
fc7e4d8c9b6226b2c4036191a0e0b154903adfe269086ea2e958d303eb33768e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/banner/ForHer.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: image/jpeg
content-length: 15810
last-modified: Wed, 06 Dec 2023 18:14:06 GMT
etag: "8ce12807028da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yUYdjoh9%2BAa6J4sXboOGeDuDhI78WGOMgECUtauCYdwNZ%2B3F4%2BvCU5tj6UEmxDd7QHqcudKtZfkKl4NWhAasEaZ2ljQA8jDezsGpjdaDOcZOByl%2BVWl%2Bq7RnSc0Vpz%2BxiG%2FD6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c5cd8c40b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/banner/Couple.jpg

172.67.157.116

16 kB

URL
www.rosequake.com/images/banner/Couple.jpg
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JPEG image data, progressive, precision 8, 250x370, components 3
Size
16 kB (16499 bytes)
Hash
ec033fa43120a42803c965454f25ddea
6d4779f8b929123af1a8984271093b3c3e43a091
f4de491f8f691d2554bbbfb1aa7fd479aa50fdcb133486889cfe4776f57e54df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/banner/Couple.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: image/jpeg
content-length: 16499
last-modified: Wed, 06 Dec 2023 18:14:19 GMT
etag: "6e7f1387028da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g918qDrwttpjW0SfXZej6Jw1I924aC7idbJphpQn%2Bn8i7mnoUzOUGA7i4VZ2c5C%2F0IbTceWu1czqd9kTvLb2hCKtpvjCEoJmBMltUVTBvUs03FgktLbVbTIg%2FXWmvTBtEMaQeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c5cd8c80b69-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js

104.17.24.14

200 OK

36 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65278)
Size
36 kB (35885 bytes)
Hash
1aba3b60641d8dc579dca329a28d74d8
1a54fa817a49108dfdf2e75ce2ae507f007ac2bd
6942f0873b6a7108e18a983b4192ad469011a8131317f88161d6f0917058da22

HTTP Headers

GET /ajax/libs/Swiper/11.0.5/swiper-bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 35885
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "655ecea0-8c2d"
last-modified: Thu, 23 Nov 2023 04:01:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 104426
expires: Sun, 27 Apr 2025 21:50:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKbzj6LmqfussCXwPh6Ymn7AmB7%2FRUqMkE8SBtaaq9IHuj9Tk4CuKFqCp3UbQVTtx7DQXZeGEK5U1YlmNVdLpbEm%2BBeJ8xRxOm62XAYsIHrjhApyrzLaF6STPR0s7WwHBtsP4gce"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88046c5d3b480b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/images/banner/Lubes.jpg

172.67.157.116

26 kB

URL
www.rosequake.com/images/banner/Lubes.jpg
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=250], progressive, precision 8, 250x370, components 3
Size
26 kB (26501 bytes)
Hash
a9b60d0957a594aef6c5308ee1a7e7a3
7e8cf1b57078bd4a4ea67f9d6c9d6e6e71eab8c7
27850d7149f91cb4d4ddc03826a99af23ad2d111023d3cf6627f4c652a035d63

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/banner/Lubes.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: image/jpeg
content-length: 26501
last-modified: Wed, 06 Dec 2023 18:28:52 GMT
etag: "22fd64107228da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZzfWL%2F57ALTh%2BvJmBC3R8i7m5046%2BrraDPwVJ3WL76%2Fvnk%2B0kX7o8xMAJaXYJ4Idlgz3KIpL%2FXht%2BLFkDhyOGuri5YVt13q%2FW84Nq8guIE0r%2BR2Sd9rL4kWFU9CzeAd8tfAYBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c5cd8ca0b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/payments.png?v=2024

172.67.157.116

20 kB

URL
www.rosequake.com/images/payments.png?v=2024
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
PNG image data, 802 x 40, 8-bit/color RGBA, non-interlaced
Size
20 kB (20419 bytes)
Hash
39272cb90c4d5b581e46ace951fb3a0d
a390a20b0d1ed93e2ffea8cd618dd8a64f109589
6789019e8fd57ad764abdb5c85151ba653c590ab2c794f4bad63624779d19ca6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/payments.png?v=2024 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: image/png
content-length: 20419
last-modified: Fri, 03 May 2024 09:24:38 GMT
etag: "23975b83b9dda1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6X4wQV2%2Fnfg05I2RVAD0o3WT%2B0MhXNcnGYEBPrXMNZWODvVfkhfnyLcBGc5zrsBTrNqJYesjoub60WlHBKE0LMu%2BHLo3s6uKC1ZQE6nhLZg7REQTCBU1%2FrVyu%2Bz%2Bsy%2FyRBa1NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c5ce8cc0b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/loading4.gif

172.67.157.116

6.6 kB

URL
www.rosequake.com/images/loading4.gif
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
GIF image data, version 89a, 60 x 60
Size
6.6 kB (6581 bytes)
Hash
ee3e67267342c680d45aa26e7a766e0a
456c0413f2d2d7b41218ecc02207c05c31ab4737
ddaf92bbcc4785ceb3b77454898fae6603a82a75ff1b646dd8c387e9bbeb9922

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/loading4.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: image/gif
content-length: 6581
last-modified: Wed, 13 May 2015 02:06:07 GMT
etag: "7c219c5f218dd01:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CCQFMdTqqDl6R%2BRVa%2BVKCL3GW5hpAHXzHm6YG2r52cGOUJeQFcsYIpuHGCNNssXMIinkEdu3O3m2laSJGtykJm7sN9IAT5zDzywGtl7YmrVkbFKlJVOogai0ti2dTuY%2BmTwxLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c5ce8cd0b69-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.css

104.17.24.14

200 OK

4.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2240)
Size
4.6 kB (4646 bytes)
Hash
dedb655afa22e72add3bc9f46bdbed8c
da69cab8478bbc98bd3f8cd3a75b8ca99ea2ff31
587a037b9ee024fa8e83e1a90c05cc0dcc4359c47a93173ea657f25d0480129c

HTTP Headers

GET /ajax/libs/Swiper/11.0.5/swiper-bundle.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css; charset=utf-8
content-length: 4646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "655ecea0-1226"
last-modified: Thu, 23 Nov 2023 04:01:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 624328
expires: Sun, 27 Apr 2025 21:50:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nFAoRtHXzsnIjZ4EcQdM5c%2BDAOt7h7e7ggK96Ts9o7rDr0Jy0VZVMxS63Wo%2FoIeCajRDmV6zrsD3vmf%2Bn1%2BT0A%2FMX48KRdTUF2Tj1AMuEOJXz8RGgHljW4OiX9m8FptzlZbf2z8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88046c5ddba20b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/theme.js?v=cac202405-20240508

172.67.157.116

0 B

URL
www.rosequake.com/theme.js?v=cac202405-20240508
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme.js?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/x-javascript
content-length: 0
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3cA50dilX9BCR%2BhC6Ph%2BR5TGBfaaYBYdHHuHxMBNtJIhj8h2OCYnjAU9PYuMKEWsJQsDOO8MJdxHssz16hsAhRUjvgp70%2FmSgf%2BUkyQTGNCGj9RUvNhzqZ2r95m0uDPIQkoo%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c5cd8b50b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=55&linkID=2564&to=https://www.rosequake.com/Masturbation-Cup-Category-1096.html&userID=0&em=cristian.stefanov@slurpmail.net&taskItemID=44805985

172.67.157.116

301 B

URL
www.rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=55&linkID=2564&to=https://www.rosequake.com/Masturbation-Cup-Category-1096.html&userID=0&em=cristian.stefanov@slurpmail.net&taskItemID=44805985
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
data
Size
301 B (301 bytes)
Hash
21c5bff7d0b3b9a171a130e4cdcf8736
5d1c382fd0befe718f7637323ad0239a9481c310
1d614c72e1c50f3b9ca61bb27638ae8dd4476f639e2df86f1baab8e7437ffef7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /PageCMS/NewsLetter_Click.aspx?edmID=55&linkID=2564&to=https://www.rosequake.com/Masturbation-Cup-Category-1096.html&userID=0&em=cristian.stefanov@slurpmail.net&taskItemID=44805985 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 07 May 2024 21:50:00 GMT
content-type: text/html; charset=utf-8
location: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
cache-control: private
set-cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; path=/; HttpOnly; SameSite=Lax
SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; expires=Sun, 07-May-2034 21:50:00 GMT; path=/
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iYY78gQ8Y4wYrsscrpWMThXZljefNPMu1W%2B%2FKoNgHo1pmJZSFWFUPmhQ9uOCVaJ6DT61FIiQ0RoxlraUaBdEvxlbIM%2FLeVDgf3FgzbThhDIyZwas3apJnca72HCDsgiTt3pdcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c50989fb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-16555460204

142.250.74.168

88 kB

URL
www.googletagmanager.com/gtag/js?id=AW-16555460204
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
88 kB (87509 bytes)
Hash
b281eed0d5b08056197a1d65e346307a
0aba115a1ded0d367d07531cca798e8aee59a6ec
d0912efe83f2fd3d0a2086810c56f534a44d24cc6d674cd2a980d7ef7f796aca

HTTP Headers

GET /gtag/js?id=AW-16555460204 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:50:02 GMT
expires: Tue, 07 May 2024 21:50:02 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87509
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.rosequake.com/theme.css?v=cac202405-20240508

172.67.157.116

200 OK

0 B

URL GET HTTP/3
www.rosequake.com/theme.css?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:02 GMT
content-type: text/css
content-length: 0
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FjR77ZsHEqlHs9Sf7GJ8ad1HJFhWceBXQ%2FY4LQynfhF9CAMCiG7xwqB81rN9JIHakTLFQ777%2FCGzjbcRRWufTQk5GufTmR6BS7Al6r%2F2gg%2Fia3PkpTnMMbqEsrVBsnJS%2Fz%2FSag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c5cc8b20b69-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z

142.250.74.168

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (101716 bytes)
Hash
9a9b5ee83594f00fbb7f2779da13d64a
cd784a3d46f70d292a954d1645681fd9a0c2eb1a
3a46bffe9e557cca2b04766f5345226578261122a29a4c4ee76c8c0112017bf6

HTTP Headers

GET /gtag/js?id=G-B1QS3P765Z HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:50:02 GMT
expires: Tue, 07 May 2024 21:50:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101716
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1210 bytes)
Hash
a5f97b45f01f034d4fce629eaa5e6a30
193d28494ffe2332c6e9140d578b8aa84c3bdf73
07cc68c56688877fe043fbbd1f00456cbc5a53302a0d2a369d69bed0202a4c5b

HTTP Headers

GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:50:02 GMT
date: Tue, 07 May 2024 21:50:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac202405-20240508

172.67.157.116

200 OK

9.5 kB

URL GET HTTP/3
www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (15422)
Size
9.5 kB (9456 bytes)
Hash
b82ec717898908396b42e0c1a61913aa
fc446948bfed0cb2907aed714f9a4babf4a246aa
f6414e82ba7213ea861cdc0c5bff7b72a82a5e1fd484ee456dc6d4f8e4e0d795

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Tue, 05 Apr 2022 13:25:12 GMT
etag: W/"0ec294f048d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ah6BSuC7B%2BvQGN15QzzXvJlZbpUYLL1y6%2BR0SR1mmvoqJHn4%2FmFZQuJeg2WJrNKSb947MOhHFXiT41GpyH4Aj1gs2eVA2CucvqtBUZMDxuV9KIBqeN6EsB%2BInhKFVKQb9Fj1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5cf8e40b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac202405-20240508

172.67.157.116

16 kB

URL
www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac202405-20240508
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (37264)
Size
16 kB (16501 bytes)
Hash
b74c18de0056ed87c5e712eb21074f98
fc1fa797cac8bb89a1416aa2662b2cd74d851d60
4502cf3c096b98c6ed963242ce158fce517d3afd00982d2a8daddce91f30375a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript
last-modified: Tue, 05 Apr 2022 21:33:12 GMT
etag: W/"d4c2c3c03449d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FeNxr5do2dkOqCgz6dDqGkRROTQH5lMsk0m8f2nov2tPpxzhsyiBpFQdqTVDXT3lTb9P%2FilruH5SQteRc%2FEuzuPPMz79qRjpF3Xy1SraWx8DbfahouSOaD3yUBfmm8F9WFFsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5cf8e00b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c

142.250.74.168

200 OK

102 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (101703 bytes)
Hash
df6ebefe866995e9dded328ea55ce85d
ff22454df03b5197b3e45cd20683b2208f50649e
b0da42468f7d53d01a0df56b1ff72646adbedceda8fdbe13dda190cdca598857

HTTP Headers

GET /gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:50:03 GMT
expires: Tue, 07 May 2024 21:50:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101703
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

7.8 kB

URL
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:08 GMT
expires: Fri, 02 May 2025 01:53:08 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 503815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.rosequake.com/static/assets/sass/sidebar/sidebar.css?v=cac202405-20240508

172.67.157.116

200 OK

7.5 kB

URL GET HTTP/3
www.rosequake.com/static/assets/sass/sidebar/sidebar.css?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (41614), with no line terminators
Size
7.5 kB (7490 bytes)
Hash
30514b5eb429ab4f3e8b766d6c6ac06c
a5c42cda1bb44a83c4fe9ca5221825ca1d0e53cb
31d5a65ed4f290361fa9f6431b3fda6ec771b90d0f7cc1403576637af527b9bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/sass/sidebar/sidebar.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fk1sE7IKpV%2B8LRWdgrO9VJ%2FTpdFZigTM1L98XNabcC8NpqgJHa9CbuYopwUli%2F7UCWBWYhRnbgVHcCxdxeUhKL5oTtPonBRf8Kml349Tyr85cB%2F0x2rlN9kn46hID9uA4aYiUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5c68600b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:57:12 GMT
expires: Fri, 02 May 2025 19:57:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 438771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2

216.58.207.227

200 OK

8.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8596, version 1.0
Size
8.6 kB (8596 bytes)
Hash
858549c2cb50c37c733cfa191fdb07ea
50900cbabf4ae9e1e174162f091404e343585c65
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2

HTTP Headers

GET /s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 20:44:07 GMT
expires: Tue, 06 May 2025 20:44:07 GMT
cache-control: public, max-age=31536000
age: 90356
last-modified: Fri, 22 Mar 2024 00:00:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac202405-20240508

172.67.157.116

18 kB

URL
www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac202405-20240508
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (32019), with CRLF line terminators
Size
18 kB (18315 bytes)
Hash
5fb7c19c9c51cfb99f5ff942629f0f21
14c7f59e73d2a99aa688c2443a9a9b24acbff43c
a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:48 GMT
etag: W/"0c22346db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5UnqWpwzG%2F51ozIPIWlrYPsJLcRmaTqNkzFD1MVzqr1f53Z61%2FNhNXlr%2B9INqEtLayFn3lsM3OzJP6gBrC9AklCY0wHE3P%2BM3Xyd9HzcUqyCEypMhKu2jN7elaiDVDS2OaH0IA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5cf8dc0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/bg.png

172.67.157.116

90 kB

URL
www.rosequake.com/images/bg.png
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
PNG image data, 750 x 900, 8-bit/color RGBA, non-interlaced
Size
90 kB (89690 bytes)
Hash
ccf77e016e248189f1010ef460854b41
ba7980d6188a7581acc6e8e38c7bb3d3377af87b
58eab8be48f2cdd0eff40a5c8834dee3df3295020cc35104611ea2d0346357f9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg.png HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac202405-20240508
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:03 GMT
content-type: image/png
content-length: 89690
last-modified: Mon, 16 Oct 2023 18:33:27 GMT
etag: "82b653415f0da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xIMnglSeUaaeKaKKmI9PEd%2BsFCBSn5eFontyUa1mq227KGuYtOr8xc437gZS3SSshX6HNCS84fNl2e1VUboD92x7wBYjA9ks30hfjZE3IyhwB80QasiBmYTjdo8b9zviv%2Btkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c659fad0b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/Images/country_list.png?v=dw11211221

172.67.157.116

200 OK

151 kB

URL GET HTTP/3
www.rosequake.com/Images/country_list.png?v=dw11211221
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
PNG image data, 48 x 9428, 8-bit/color RGBA, non-interlaced
Size
151 kB (151317 bytes)
Hash
161094bc7dd657d7e721cb097797d48b
46239a5b5d7a4c0c0139e75389356d9a72cc0928
6f97ccec9e464f5cf66d78ad6713a62bb949d02ec98ba7fa4cfcf4587dae7ae5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Images/country_list.png?v=dw11211221 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/css/country-flag.css?v=cac202405-20240508
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:03 GMT
content-type: image/png
content-length: 151317
last-modified: Fri, 04 Aug 2023 21:08:11 GMT
etag: "fe4e7dc617c7d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2506
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=32%2B1JQuCXJMTlxy%2FiHQ74jhTvqqv0RVU4XuUIbcB4xyf9ld2%2FKPj5GRXIjcmiUymld9dfrORKxeMU%2Blx5zQUIgHNN8n7u9sq14vVt3G7labCh95p661ShbqftRQMqB2RSprZxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c6708980b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/js/layer.mobile/need/layer.css?2.0

172.67.157.116

74 kB

URL
www.rosequake.com/js/layer.mobile/need/layer.css?2.0
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (5260), with no line terminators
Size
74 kB (73871 bytes)
Hash
633915e62d14a714594b95b974ee0836
e11ebb64a70272c4f35b92fea064f27c4b87efad
eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/layer.mobile/need/layer.css?2.0 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:02 GMT
content-type: text/css
last-modified: Fri, 26 Aug 2016 09:35:36 GMT
etag: W/"024e0327dffd11:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v68I7KwHXySNo%2FphTfCfO3I13QTZQxT%2Fx%2B8sl40RkWGz8GIEwalXmsp9y2vYqngPrXVE2dZO1GjvtHFSMZYy4Lpbcr%2BKzZeU1lEv0LZNa4HKct3ckTDL%2FTyfUihfyjH8FCFI4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c649f180b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/image/loading-0.gif

172.67.157.116

5.8 kB

URL
www.rosequake.com/static/image/loading-0.gif
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
GIF image data, version 89a, 60 x 24
Size
5.8 kB (5793 bytes)
Hash
a72011ccdc2bcd23ba440f104c416193
ba81388bbac5bc223f94489b97a95a13f3c78e47
07236f6814a40623bab43f2043860c97678bc7deedbf06feff92f0d6e6673bf5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/loading-0.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac202405-20240508
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:03 GMT
content-type: image/gif
content-length: 5793
last-modified: Tue, 05 Dec 2017 03:57:25 GMT
etag: "5ac952297d6dd31:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2506
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fqr0YxD5cgIT%2FnbIVg2dRiMT%2F5lcKZM0yszwX5lJjq9WxJnvB4IlLsdPBdBMiKKUt5wtnVdJNFMMYuvnOeOYmHOGDZSofgfthCyyUllzRelBSrBWaOckHJz4PRf%2FX2c%2FRMGYLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c6758cc0b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/bootstrap/bootstrap-grid.min.css?v=cac202405-20240508

172.67.157.116

200 OK

16 kB

URL GET HTTP/3
www.rosequake.com/static/lib/bootstrap/bootstrap-grid.min.css?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with CRLF line terminators
Size
16 kB (15728 bytes)
Hash
7dbc3c16a7a1e0d4941608290b1cb218
d9fcde029ae22c446ced020bd143bc4c47eb7d9c
871f218ccbc29aea08acee4ff6164888af936d0b6f604c1658e3b19094660e9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/bootstrap/bootstrap-grid.min.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIQXrvt5tXCYiVq2VdN%2B%2FfzEGL45ZEEr2uKNb3kgS1CiBH7zgjwZXq53sapc46EQRArcAOC3MVe558e3oaEfrAMqCTpEQUu2NHaawxjt%2B8EzaO2zHEs28OCykTtlL9RfFl56uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5c58450b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/assets/sass/style.css?v=cac202405-20240508

172.67.157.116

200 OK

24 kB

URL GET HTTP/3
www.rosequake.com/static/assets/sass/style.css?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with CRLF line terminators
Size
24 kB (23750 bytes)
Hash
9ecdc5fe4c25c939533d5613a560b7b3
c432fd1eff96051da782463f392531d7e25f8f80
1c84f82609078a0639992c996a8b7c55f2d5b75508494cfa58deee2dbef06a21

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/sass/style.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Wed, 27 Dec 2023 10:52:08 GMT
etag: W/"021fbdb238da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FyVemyhcqi6lnpRlXsbENjoQpX91ffu4xSq%2BtyJlm%2F4WUIPP8gj%2BXF%2BMYBHAUcQF1yp3cooyuuf6jwUD%2FlZNy5Sl%2FGJeKX2XXogTGT7K0y1tX5G%2FnM3INLWhOe0XFKNmJWkOXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5c584c0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/bootstrap/bootstrap.min.css?v=cac202405-20240508

172.67.157.116

26 kB

URL
www.rosequake.com/static/lib/bootstrap/bootstrap.min.css?v=cac202405-20240508
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
Unicode text, UTF-8 text, with very long lines (65302), with CRLF line terminators
Size
26 kB (26089 bytes)
Hash
c4d1ceed37c00ce45e73ad3eff7b3b11
8b02ab01b53a5cac0461a2fe0c0737e88691f5a5
096047f56d97ec5b954f7488aed28f752fb2b71edd8808e28ab1a5f2fe68b3d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/bootstrap/bootstrap.min.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:20 GMT
etag: W/"09671236db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmIqlmdB5n7tHz3yN6zukTg9lBpQdlPzx7F00NHbKlAjyQOBVHYXV8U9FYgt5fV6OfkIOuSHiqRgpOQ8gPYjjjrocDaiAOsPyCPtI5IFSKjcSXIa812GiJiN52NlQD%2B11ds%2Brw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5c483f0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.157.116

0 B

URL
www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Tue, 07 May 2024 21:50:03 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GCV9zFjbGWYnYxveaatmyLFUwIVdt36kH7JqyN2DQOa56V%2FubRdwaCL6vZC85VFSx6tEn8r54ifXEDVFcE7p16TlV%2F9HbSkU7I6sBabrEgP8Io83IASV0bdgeZspF7hRCD4Gtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c692a570b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/css/iconfont/iconfont.woff2?t=1657020896111

172.67.157.116

200 OK

38 kB

URL GET HTTP/3
www.rosequake.com/css/iconfont/iconfont.woff2?t=1657020896111
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 37788, version 1.0
Size
38 kB (37788 bytes)
Hash
fda53bb64e7c76c9fd7a3feece87baf9
85ea2d508fa5da02d79f393b5779d61e1f3e0d46
868fa7e9273b2874aaa642ace965973f6ec2fba27d5da30211d42f299e54ea74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iconfont/iconfont.woff2?t=1657020896111 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac202405-20240508
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:03 GMT
content-type: application/font-woff2
content-length: 37788
last-modified: Sun, 31 Jul 2022 07:35:49 GMT
etag: "80b86b27b0a4d81:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2F%2Fu2CBfSVWlIezLqfZB1jVNNheNKe1Zrv3azheMLU17M28NVp2TqVC1HdjSzfaWQZOdXXUEXPmu2OnCA4Cl4Kcye6u5jVOFXlPyqMXf2HRGhTxpf%2BewfsuiMQekvmYxSLrzUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c67b9160b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/cdn-cgi/challenge-platform/h/b/jsd/r/88046c57df37b527

172.67.157.116

0 B

URL
www.rosequake.com/cdn-cgi/challenge-platform/h/b/jsd/r/88046c57df37b527
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/88046c57df37b527 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12185
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603; _ga_B1QS3P765Z=GS1.1.1715118603.1.0.1715118603.0.0.0; _ga=GA1.1.798036068.1715118604
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=AxkvC9edksSQZmDsOOan4BrLKT0bKLCcqtdW02jydi8-1715118604-1.0.1.1-h_FNCh.CvNjW2BRGc3t7P8tQ2o5ZdXcEfziHGpeKeYVWfEU8Shkc3F2DObLCwkpcx3zDNtdiLOlibxJqJDxs9w; path=/; expires=Wed, 07-May-25 21:50:04 GMT; domain=.rosequake.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8NylVshIKYnnakgFvHVKzmMFvz%2BNSoErOQzS3VVA40ddTZTrTkMrSJ4mC52vzbPWzSlUofzbRvJqSMJ2lFK1TOAqFVgYzS7CxIZAR2J94EaaCleiIvgU4jBgKPzUDU0eNemgCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c6bcbe90b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/ajax/index.aspx?action=UserInfo

172.67.157.116

15 B

URL
www.rosequake.com/ajax/index.aspx?action=UserInfo
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JSON text data
Size
15 B (15 bytes)
Hash
00d746e4b7a743d7815f126764dbf5c0
46247b4f29333cdfdf067dc2c5d449fffab7f77c
786a593906565372853a05afa202cc6228dd70e479befba3096965a06682529a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/index.aspx?action=UserInfo HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603; _ga_B1QS3P765Z=GS1.1.1715118603.1.0.1715118603.0.0.0; _ga=GA1.1.798036068.1715118604; cf_clearance=AxkvC9edksSQZmDsOOan4BrLKT0bKLCcqtdW02jydi8-1715118604-1.0.1.1-h_FNCh.CvNjW2BRGc3t7P8tQ2o5ZdXcEfziHGpeKeYVWfEU8Shkc3F2DObLCwkpcx3zDNtdiLOlibxJqJDxs9w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:04 GMT
content-type: application/json; charset=utf-8
content-length: 15
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hIm3sfbc1o2x4P7u%2FmjjYCD1nsdlzPeQLDUsYXCZMgbESsZ8Vt6cle501GiIG2XAWYredrH5sRATsUFBVVwl9QXXJbdCUR3QztF9XI6fzjWm%2BQ1l66pu8Zvgq6B3cfs6emrWpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c6c8c870b69-OSL
alt-svc: h3=":443"; ma=86400

img.fantaskycdn.com/27f5ef3fd702b0845bc211b2d4c69523_100x.png

104.18.20.211

200 OK

7.2 kB

URL GET HTTP/2
img.fantaskycdn.com/27f5ef3fd702b0845bc211b2d4c69523_100x.png
IP
104.18.20.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.2 kB (7228 bytes)
Hash
97cd907d248fbc89132ef6b7fcd3ec36
54650fbf50a242f7b1f5755eb538e95d7513812b
c1de8ca442526efbca3311c5757188dc0d09017e50dde341ae1a55b68b6e7514

HTTP Headers

GET /27f5ef3fd702b0845bc211b2d4c69523_100x.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:04 GMT
content-type: image/webp
content-length: 7228
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=11346
content-disposition: inline; filename="27f5ef3fd702b0845bc211b2d4c69523_100x.webp"
expires: Thu, 08 May 2025 03:50:04 GMT
request-id: f6571fd0-e83e-46c6-9e0c-e8660229e0d8
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: f6571fd0-e83e-46c6-9e0c-e8660229e0d8
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2024 22:36:20 GMT
cf-cache-status: HIT
age: 397024
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 88046c6d3b351c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.fantaskycdn.com/4d8e5abb163d9aac348bca71f6be038b_600x.gif

104.18.20.211

200 OK

103 kB

URL GET HTTP/2
img.fantaskycdn.com/4d8e5abb163d9aac348bca71f6be038b_600x.gif
IP
104.18.20.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
103 kB (102752 bytes)
Hash
d49237261f42c0ee76dedae99b0ded19
39d14660776b9cd84c4e82daa6b6c815b42e25f1
9eafa188ecab3b6b7d2fd618e84a3d32e5ed661439ab6b66c159365ae7ef47fa

HTTP Headers

GET /4d8e5abb163d9aac348bca71f6be038b_600x.gif HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:04 GMT
content-type: image/webp
content-length: 102752
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=392897
content-disposition: inline; filename="4d8e5abb163d9aac348bca71f6be038b_600x.webp"
request-id: 5c722b63-dcbb-420a-bdbf-f4552b02f655
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 02 May 2024 19:36:42 GMT
cf-cache-status: HIT
age: 397027
expires: Thu, 08 May 2025 03:50:04 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 88046c6d3b331c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.fantaskycdn.com/855e4282e3436c08cf720fd630782468_600x.gif

104.18.20.211

550 kB

URL
img.fantaskycdn.com/855e4282e3436c08cf720fd630782468_600x.gif
IP
104.18.20.211:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
550 kB (550144 bytes)
Hash
934d2fbda9f53973d6602c563f489a04
97a0fad036389316b1611c5034101695868f7bed
9db1eff926caca1048e2aeee0891b9651e023194a5941e742af37797b5b6d24c

HTTP Headers

GET /855e4282e3436c08cf720fd630782468_600x.gif HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:04 GMT
content-type: image/webp
content-length: 550144
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=2692908
content-disposition: inline; filename="855e4282e3436c08cf720fd630782468_600x.webp"
request-id: 2138e5f3-9305-4d62-93e4-31eb0d7cb4a1
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 02 May 2024 23:11:30 GMT
cf-cache-status: HIT
age: 397027
expires: Thu, 08 May 2025 03:50:04 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 88046c6d5b511c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.fantaskycdn.com/04a749bd51f2493021792831d8db3dff_100x.png

104.18.20.211

200 OK

5.7 kB

URL GET HTTP/2
img.fantaskycdn.com/04a749bd51f2493021792831d8db3dff_100x.png
IP
104.18.20.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.7 kB (5720 bytes)
Hash
cb9699fbf74feaa49294f3aafc598215
cabe30c1c1e98395736fc2e5eaab3c2b00aa7264
7a5177449f3171058dab17eb9af0ee6bbe6e2d7e32929d7a75a9e65999dc01ca

HTTP Headers

GET /04a749bd51f2493021792831d8db3dff_100x.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:04 GMT
content-type: image/webp
content-length: 5720
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=8201
content-disposition: inline; filename="04a749bd51f2493021792831d8db3dff_100x.webp"
expires: Thu, 08 May 2025 03:50:04 GMT
request-id: d88a78ee-daa1-4164-abc5-2f3bb27d33c2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: d88a78ee-daa1-4164-abc5-2f3bb27d33c2
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2024 21:25:21 GMT
cf-cache-status: HIT
age: 397025
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 88046c6dcbc91c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.fantaskycdn.com/0362c9d688ff836958754b1791d1e7f8_600x.gif

104.18.20.211

1.1 MB

URL
img.fantaskycdn.com/0362c9d688ff836958754b1791d1e7f8_600x.gif
IP
104.18.20.211:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.1 MB (1085330 bytes)
Hash
9aca8926b66ab3bbf468652fec7cda46
a55615bca7bc30cf4e0c2aba8fb7d2607ad0e716
ed96f25e938ffb92d55137ee067f2a402720bfbfe734efbc61db43d1405a6ba2

HTTP Headers

GET /0362c9d688ff836958754b1791d1e7f8_600x.gif HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:04 GMT
content-type: image/webp
content-length: 1085330
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=2119450
content-disposition: inline; filename="0362c9d688ff836958754b1791d1e7f8_600x.webp"
request-id: ceafc267-55de-4362-bcb7-4a9a2d43f2f2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 02 May 2024 19:36:44 GMT
cf-cache-status: HIT
age: 397027
expires: Thu, 08 May 2025 03:50:04 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 88046c6d3b371c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/static/assets/sass/base/product/component-product.css?v=cac202405-20240508

172.67.157.116

76 kB

URL
www.rosequake.com/static/assets/sass/base/product/component-product.css?v=cac202405-20240508
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (39193), with no line terminators
Size
76 kB (75748 bytes)
Hash
1044c3cef197bf3574a60b7f321c86f5
be9c4ea7b19a183eec748eae25808d6e1d4b7289
c236d51685d99df1c5646a27f259badae7c284190dcff88487a6e63ff89578b2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/sass/base/product/component-product.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MeBPQQTkWF0o5%2F6JQRZepYf9xfUlTCw8%2BVUa9LrolaJp8IJa2dFJb0g3iyc%2F8CWZipIsDm%2FuV05bap5JmR4oRryekLNXSsGn%2BctbCSdyqTdFuquMHaPKdyAKxlS61m8B1h275g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5c685e0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/4d6a3c8272e499f927c78ab94da3e17e_600x.gif

104.19.234.103

80 kB

URL
img.staticdj.com/4d6a3c8272e499f927c78ab94da3e17e_600x.gif
IP
104.19.234.103:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
80 kB (80142 bytes)
Hash
2ff0823157a115d12e0a1b2e9ccd0d91
f80e2dd286d26446f8915c5efce5c088cd0673d5
44e8d80c0bbe34af2d92176ab3aa3879d8c6a696506c5b4c122487e4b7bf42fe

HTTP Headers

GET /4d6a3c8272e499f927c78ab94da3e17e_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:04 GMT
content-type: image/webp
content-length: 80142
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=433571
content-disposition: inline; filename="4d6a3c8272e499f927c78ab94da3e17e_600x.webp"
request-id: 811ff36e-4498-4886-bbc3-d740933df639
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 10:35:13 GMT
cf-cache-status: HIT
age: 565715
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QOBP02giniD%2FwQMGa5HTkaMt3xKSoArq1lnyeRquC5YQfOq6HrNLfp%2BYaN0NrtREK3OLSZWLalcO7%2BeS6pdSu1DxJgxGzNKuUMjvydny1a27ss9SIm9KKVKX2fHxpwDXHms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=16.999960
access-control-allow-origin: *
server: cloudflare
cf-ray: 88046c6e6c0456ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cbu01.alicdn.com/img/ibank/O1CN01ZCtZpG1zhimUYcizv_!!2213263426746-0-cib.jpg_500x500.jpg

163.181.49.229

23 kB

URL
cbu01.alicdn.com/img/ibank/O1CN01ZCtZpG1zhimUYcizv_!!2213263426746-0-cib.jpg_500x500.jpg
IP
163.181.49.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x500, components 3
Size
23 kB (22708 bytes)
Hash
be21a319855309a7519c12d8dabcb494
b19b6cad952043bdf2c25b0ed7ac2182b6dad0cd
6e973589c6c2798dbea185b4797875157ea2f945d0acd3f8923efeb0378e332d

HTTP Headers

GET /img/ibank/O1CN01ZCtZpG1zhimUYcizv_!!2213263426746-0-cib.jpg_500x500.jpg HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 22708
date: Thu, 01 Feb 2024 09:18:11 GMT
last-modified: Mon, 22 Jan 2024 11:00:28 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.032
traceid: 2ff6329b17067790902482870e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: jpg2
cache-control: max-age=31536000
ali-swift-global-savetime: 1706779091
via: cache4.l2fr1[0,0,200-0,H], cache36.l2fr1[1,0], ens-cache4.es5[0,0,200-0,H], ens-cache9.es5[1,0]
access-control-allow-origin: *
age: 8339514
x-cache: HIT TCP_HIT dirn:11:116122321
x-swift-savetime: Tue, 07 May 2024 19:12:14 GMT
x-swift-cachetime: 23205957
timing-allow-origin: *
eagleid: a3b5319d17151186050328687e
X-Firefox-Spdy: h2

cbu01.alicdn.com/img/ibank/O1CN01ZOlm8v1zhiilKSOPu_!!2213263426746-0-cib.jpg_120x120.jpg

163.181.49.229

2.7 kB

URL
cbu01.alicdn.com/img/ibank/O1CN01ZOlm8v1zhiilKSOPu_!!2213263426746-0-cib.jpg_120x120.jpg
IP
163.181.49.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x120, components 3
Size
2.7 kB (2717 bytes)
Hash
040b2cb6b4a42d0089cd8044b9347b15
e02a467d898ef2415fff7bf0a42032c6b9e28e7e
63687ff8bf1b5415c6dd6a801d48b623c81862b2cfba75040ddddea46f071744

HTTP Headers

GET /img/ibank/O1CN01ZOlm8v1zhiilKSOPu_!!2213263426746-0-cib.jpg_120x120.jpg HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 2717
date: Thu, 01 Feb 2024 09:18:10 GMT
last-modified: Mon, 17 Jul 2023 09:02:33 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.024
traceid: 2ff6329b17067790902482872e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: jpg2
cache-control: max-age=31536000
ali-swift-global-savetime: 1706779090
via: cache28.l2fr1[0,0,200-0,H], cache15.l2fr1[1,0], ens-cache9.es5[0,0,200-0,H], ens-cache9.es5[1,0]
access-control-allow-origin: *
age: 8339515
x-cache: HIT TCP_HIT dirn:12:121817878
x-swift-savetime: Tue, 07 May 2024 19:12:14 GMT
x-swift-cachetime: 23205956
timing-allow-origin: *
eagleid: a3b5319d17151186050358694e
X-Firefox-Spdy: h2

img.fantaskycdn.com/d50066444cf9050404faf5afdd8cedb1_100x.png

104.18.20.211

4.3 kB

URL
img.fantaskycdn.com/d50066444cf9050404faf5afdd8cedb1_100x.png
IP
104.18.20.211:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.3 kB (4254 bytes)
Hash
e3389b88d6d831d331e747f5c39f8439
6fb67d275c599b50d14aabb3c7ac65aa47882b53
bcbe7ea36c72cebd4c8e043ddcaecdec2e2a5fcb2c00030655e5b825132cb58a

HTTP Headers

GET /d50066444cf9050404faf5afdd8cedb1_100x.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:05 GMT
content-type: image/webp
content-length: 4254
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=8642
content-disposition: inline; filename="d50066444cf9050404faf5afdd8cedb1_100x.webp"
expires: Thu, 08 May 2025 03:50:05 GMT
request-id: 48e7129e-b42d-45a2-9203-524e4e44ef0f
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 48e7129e-b42d-45a2-9203-524e4e44ef0f
x-xss-protection: 1; mode=block
last-modified: Thu, 02 May 2024 19:36:43 GMT
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 88046c6d3b391c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cbu01.alicdn.com/img/ibank/O1CN01ZOlm8v1zhiilKSOPu_!!2213263426746-0-cib.jpg_500x500.jpg

163.181.49.229

200 OK

23 kB

URL GET HTTP/2
cbu01.alicdn.com/img/ibank/O1CN01ZOlm8v1zhiilKSOPu_!!2213263426746-0-cib.jpg_500x500.jpg
IP
163.181.49.229:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2
ValidityTue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x500, components 3
Size
23 kB (22708 bytes)
Hash
be21a319855309a7519c12d8dabcb494
b19b6cad952043bdf2c25b0ed7ac2182b6dad0cd
6e973589c6c2798dbea185b4797875157ea2f945d0acd3f8923efeb0378e332d

HTTP Headers

GET /img/ibank/O1CN01ZOlm8v1zhiilKSOPu_!!2213263426746-0-cib.jpg_500x500.jpg HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 22708
date: Thu, 01 Feb 2024 09:18:10 GMT
last-modified: Mon, 17 Jul 2023 09:02:33 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.033
traceid: 2ff6329b17067790902472865e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: jpg2
cache-control: max-age=31536000
ali-swift-global-savetime: 1706779090
via: cache37.l2fr1[0,12,200-0,H], cache10.l2fr1[13,0], ens-cache2.es5[0,0,200-0,H], ens-cache9.es5[1,0]
access-control-allow-origin: *
age: 8339515
x-cache: HIT TCP_HIT dirn:12:115169823
x-swift-savetime: Tue, 07 May 2024 19:12:15 GMT
x-swift-cachetime: 23205955
timing-allow-origin: *
eagleid: a3b5319d17151186050448708e
X-Firefox-Spdy: h2

img.fantaskycdn.com/04a749bd51f2493021792831d8db3dff_600x.png

104.18.20.211

200 OK

106 kB

URL GET HTTP/2
img.fantaskycdn.com/04a749bd51f2493021792831d8db3dff_600x.png
IP
104.18.20.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
106 kB (106094 bytes)
Hash
f57976448ad54a813a9b9c2a8bee6ca9
dc7dc68276b2cc306aa497150d28554d46230020
28f5155f7cf4d9dce50b744ed720be53297a39892012bc554678c7391c6292eb

HTTP Headers

GET /04a749bd51f2493021792831d8db3dff_600x.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:05 GMT
content-type: image/webp
content-length: 106094
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=219132
content-disposition: inline; filename="04a749bd51f2493021792831d8db3dff_600x.webp"
expires: Thu, 08 May 2025 03:50:05 GMT
request-id: 488e3f97-44f0-4e79-a088-4d76c26d6f93
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 488e3f97-44f0-4e79-a088-4d76c26d6f93
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Apr 2024 01:08:15 GMT
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 88046c6d3b3f1c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

we.chatsoftly.com/agents/images/cbdshop/agent_offline.png

172.67.194.34

4.5 kB

URL
we.chatsoftly.com/agents/images/cbdshop/agent_offline.png
IP
172.67.194.34:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
4.5 kB (4458 bytes)
Hash
f31b27f2dd78d85a52e0588a7e7698ec
a601d2b2098b159d3ebe1508ff87b76131a691d6
585a9c155c15c0ba3be761b5ea54fa8fa897e888ad1d415edacf1792d7ee2c54

HTTP Headers

GET /agents/images/cbdshop/agent_offline.png HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:06 GMT
content-type: image/png
content-length: 4458
last-modified: Wed, 14 Apr 2021 15:07:35 GMT
etag: "54f5cbe63f31d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2506
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKDP4Q3BcFd%2F11zn9Ebd19LkIlnmBpKBQVF%2BC9NMa1bor4HiuKMCQDowoncHAmuUcaP6fmDo1uhfx9Tpt5DTbNZyNpDTDRBQpQH9qHjt3%2FlAPQLS%2Bcpb1MI0%2B107caBwFhVVWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c7cad1e5691-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/apis/ImConnectInfo.aspx?guid=

172.67.157.116

7.2 kB

URL
www.rosequake.com/apis/ImConnectInfo.aspx?guid=
IP
172.67.157.116:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JSON text data
Size
7.2 kB (7232 bytes)
Hash
eef46a984feb77ddb78d6051ccfc06fe
637d23ea2224e006c17eb81427747a9ba303d43b
24b6af53525d1fa2ef22c11b1d7ff83bebc54a4347b17591ffc264c43674aea6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /apis/ImConnectInfo.aspx?guid= HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603; _ga_B1QS3P765Z=GS1.1.1715118603.1.0.1715118603.0.0.0; _ga=GA1.1.798036068.1715118604; cf_clearance=AxkvC9edksSQZmDsOOan4BrLKT0bKLCcqtdW02jydi8-1715118604-1.0.1.1-h_FNCh.CvNjW2BRGc3t7P8tQ2o5ZdXcEfziHGpeKeYVWfEU8Shkc3F2DObLCwkpcx3zDNtdiLOlibxJqJDxs9w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:06 GMT
content-type: application/json; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9U26DQ0WjM2wTH1MXi3h8yD4sQN%2FI%2F4Ty0vewmUjcaFzh96bIXVtWF%2BdSX2c%2BdkowbyeEQg7RPH2PqeSWFJ0FMCQkit0oUVkNhNzKIKjXKwl62pypDrzuejghGVmSlwNSuiSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c796e220b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/css/country-flag.css?v=cac202405-20240508

172.67.157.116

200 OK

29 kB

URL GET HTTP/3
www.rosequake.com/css/country-flag.css?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
29 kB (28734 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/country-flag.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Fri, 04 Aug 2023 21:08:05 GMT
etag: W/"2662cc317c7d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oDgqRXSp%2FLy1QXXm6N%2Bwnurnp52tpLbVwLwz%2BMkzAAht%2BV2ONoT9UJem6E02NKWwdp5KDp0byOsZBpAcVevhzIqtOQyIiSfBuXzk4MhmkaXTkRBFHBEuZvHd6rqvebsILFDsGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5c98800b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

global.akating.com/Images/country_list_bg.png?v=d

104.21.11.35

200 OK

73 kB

URL GET HTTP/3
global.akating.com/Images/country_list_bg.png?v=d
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
PNG image data, 20 x 5477, 8-bit/color RGBA, non-interlaced
Size
73 kB (72595 bytes)
Hash
6c82c39a53d564744f41787731157fe9
c1ed91eb19f49725887d7b8b5d72607500744b5a
0584c02871ac6487ab8a93f4d6a5c1d1b8100061d7485cae1de3e7dcab8ad347

HTTP Headers

GET /Images/country_list_bg.png?v=d HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://global.akating.com/files/css/countryFlag_s.css?v=cac202405-20240508
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:03 GMT
content-type: image/png
content-length: 72595
last-modified: Sun, 03 Jul 2022 14:09:02 GMT
etag: "0d36072e68ed81:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=907j1SiUR20vMTtQiorhgISerQEintfpCx03LpOsJ%2ByDEXXu2rFeEN1VtJuprlLXEsp0YgXXtrDJbvWHQcjBudl9Qmx10pUKlDXuUV4a7iBhR4vKM78Ejo7dV5Per6B8yPNPl4M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c659b01569a-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/slick-carouse/slick.min.css?v=cac202405-20240508

172.67.157.116

200 OK

1.9 kB

URL GET HTTP/3
www.rosequake.com/static/lib/slick-carouse/slick.min.css?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (2061), with no line terminators
Size
1.9 kB (1851 bytes)
Hash
bac3dc30e9484fc7e0b6f6dec44f02fd
4eb290e5d2c33def861e0e19aab1e7d772763afe
46e0bdf70be56f64327fdb7544a76067120f8551ae4237a3d7598aed9d3ccdb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/slick-carouse/slick.min.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cSQ89u%2B8iaQ4OHIlvNdVnzlintmSJhureDtk6ETELW8PWPWE2tPrZWqsv9j5wzhbftP%2BbqlCjMv1bpz1S37ad9pOT2hESsJ0EJ%2F5v0eVhoO5XufaQtnCCiauZHQCw09Wpy1ASA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5c68580b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/js/layer.mobile/need/layer.css?v=cac202405-20240508

172.67.157.116

200 OK

5.3 kB

URL GET HTTP/3
www.rosequake.com/js/layer.mobile/need/layer.css?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (5260), with no line terminators
Size
5.3 kB (5260 bytes)
Hash
633915e62d14a714594b95b974ee0836
e11ebb64a70272c4f35b92fea064f27c4b87efad
eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/layer.mobile/need/layer.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Fri, 26 Aug 2016 09:35:36 GMT
etag: W/"cffb58337dffd11:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dtv7qaLUioJ%2Bn%2BeYxENZ4Lbdu0yD2IeMSSthFVdPiStKqAFU7GBdlTXt1xnIVokcVBiIEVClb7giZzwTxulrEhmTW9XyPlc6BXs7vqCAd1LwdTB5jbq8O272kE8XIWRF2cLgjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5cb89c0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

we.chatsoftly.com/js/im_load.js

172.67.194.34

200 OK

6.9 kB

URL GET HTTP/2
we.chatsoftly.com/js/im_load.js
IP
172.67.194.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerLet's Encrypt
Subjectchatsoftly.com
Fingerprint7D:CA:44:6D:74:CE:73:D2:86:C2:56:71:1E:C1:5F:90:EE:BE:14:F4
ValiditySat, 04 May 2024 06:25:01 GMT - Fri, 02 Aug 2024 06:25:00 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (7328), with no line terminators
Size
6.9 kB (6857 bytes)
Hash
bc3213e815a0316646713a392be2afef
dc43e99d2b928ad821edb603499ebe3d431bb3c2
51f4c6c600b6dc7d7fe96cf1f7c7f8266f26195cdd49a5e9a322b52627ba0cd8

HTTP Headers

GET /js/im_load.js HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:02 GMT
content-type: application/javascript
last-modified: Wed, 13 Sep 2023 15:41:56 GMT
etag: W/"07a42d358e6d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2F1w0hcRnL8WBudUEfdeDOIvncbPvKAfg42rs9PO8EsvuBVnbF1aX8Du5xiUUisEVinxZ3nrXWjnPo0swXYKnTXsu1dNQqz4rduHKA0GC%2BZ%2BiWeGhjfaP1EggVFiOm6JFGxuRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5e7e835694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac202405-20240508

104.21.11.35

200 OK

48 kB

URL GET HTTP/2
global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac202405-20240508
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
JavaScript source, ASCII text, with very long lines (326), with CRLF, LF line terminators
Size
48 kB (48043 bytes)
Hash
89081048f3bf7c9d5985d79e4976f359
50bb8dde91c4f95c98716d7d702617dbea18bbc7
811ec63ebf47f8ccdafdc6c39280dff6c51b980b2a94547a8b78a3e6cc0b853f

HTTP Headers

GET /files/js/chosen_v1.8.7/chosen.jquery.js?v=cac202405-20240508 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript
last-modified: Sat, 20 Jul 2019 16:38:39 GMT
etag: W/"80115e95193fd51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A1S39hrr0P9oup3oQRxkcjwVzjcku5jnIyplthqlt94A%2FA0YYKR4GSUb8Oti%2BRtHSvOmwHeVpaTd10Mkr4e4w3Src4dSyVEen4WzUOBjo%2Bnz9atUWezXlg6NBGqW4n%2BCVhXO06s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5e2f1a5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/ajax/Index.aspx?action=SaveAnalytics&referrer=directly&utm_source=&utm_medium=&utm_campaign=&utm_content=&utm_term=&gad_source=&gclid=

172.67.157.116

200 OK

36 B

URL GET HTTP/3
www.rosequake.com/ajax/Index.aspx?action=SaveAnalytics&referrer=directly&utm_source=&utm_medium=&utm_campaign=&utm_content=&utm_term=&gad_source=&gclid=
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
4ce01c23de0eb28af5c372be7e29b66e
14ba530ca36bc6d672a2fbaa7f1cef34dc048804
f52b22c98cb426a3c7f14f190992fc921dd09d6dca146d08166f1a5435e5f52c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/Index.aspx?action=SaveAnalytics&referrer=directly&utm_source=&utm_medium=&utm_campaign=&utm_content=&utm_term=&gad_source=&gclid= HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603; _ga_B1QS3P765Z=GS1.1.1715118603.1.0.1715118603.0.0.0; _ga=GA1.1.798036068.1715118604; cf_clearance=AxkvC9edksSQZmDsOOan4BrLKT0bKLCcqtdW02jydi8-1715118604-1.0.1.1-h_FNCh.CvNjW2BRGc3t7P8tQ2o5ZdXcEfziHGpeKeYVWfEU8Shkc3F2DObLCwkpcx3zDNtdiLOlibxJqJDxs9w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:04 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCCugKFXhcGh1EDQ2gr60b%2FtC70JA%2Bt29ixZfgLvoV2LQ%2BYx47xMJyZBN6U%2Bsga79R5%2FabkjFxWTJEpeMwBpOezcGZGjCy7GDEfFTDt9kHIPG%2FJb%2BQ51yh4zlEaw6XM%2FEyWWCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c6d0ce40b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

global.akating.com/files/ExchangeRate.js?v=cac202405-20240508

104.21.11.35

200 OK

11 kB

URL GET HTTP/2
global.akating.com/files/ExchangeRate.js?v=cac202405-20240508
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
ASCII text, with very long lines (10593), with no line terminators
Size
11 kB (10593 bytes)
Hash
fc715516fb030cd6858f16981ad2650c
9dc67c87ac8e4933d978c9b11a57b61d0755c6a2
c17ded04681c173e9e34c83d8666542405c276bf078da5ec06adf12ac815bbe7

HTTP Headers

GET /files/ExchangeRate.js?v=cac202405-20240508 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 20:40:27 GMT
etag: W/"f460c31e3b22da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1FilyGkjq9dprOEncdw1HqGzvLrIewGPzGmZnTe2AVLv4Rn%2Fuw2wPXMwAxsxF%2Bd6lsdqWMAruQTAQAhjNeQGzzl7hnO4WO2U9rvmfzVrvkDSX4w6sC%2FAymSUW%2FjyyQWSIUodoqE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5e3f245691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/css/shop-section.css?v=cac202405-20240508

172.67.157.116

200 OK

20 kB

URL GET HTTP/3
www.rosequake.com/css/shop-section.css?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
20 kB (19907 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/shop-section.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Thu, 28 Dec 2023 19:18:46 GMT
etag: W/"d79fd0adc239da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yR9pmZl%2BTLkmH%2B%2B8858cmkeJwMaE4klJ6rCScKJK8iCYxy05Y90tLm6rqw5wBhTFb2nvPaalYMjcha17otaDxN4hbsWC3lNUZ%2F%2B9sXGUVIq3f7B4A5PlwiOZbWqH3%2FCNOCDLtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5cb8a10b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

global.akating.com/static/js/pixel2023.js?v=cac202405-20240508

104.21.11.35

200 OK

15 kB

URL GET HTTP/2
global.akating.com/static/js/pixel2023.js?v=cac202405-20240508
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type

Size
15 kB (14884 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/js/pixel2023.js?v=cac202405-20240508 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript
last-modified: Sat, 10 Feb 2024 17:00:24 GMT
etag: W/"495bf2a3425cda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78uccdD8qUR8eptCxaQEjzsqm9h3JAgP1wG73YwS7GiQS7RSKXTE%2FDMxHE2iWBXpvMZivK0HtqzehkgQRRooHAHPY%2FTdHf2FzX%2Fd98Mh3vQYJ1S8KubiwJ3gEjMvZyuRPmwZxPQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5e2f1d5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/js/shop-section.js?v=cac202405-20240508

172.67.157.116

200 OK

6.2 kB

URL GET HTTP/3
www.rosequake.com/js/shop-section.js?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (6664), with no line terminators
Size
6.2 kB (6245 bytes)
Hash
30646f583611251216ba6744265c3b53
3ebf48e6c5d758c2848df18970f2a914cb01f624
7ed4c532b51119ff2c8dc8ffdd31036a1d300070bf16c9abca3816ba5a56157c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/shop-section.js?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript
last-modified: Sun, 17 Dec 2023 19:47:57 GMT
etag: W/"73b511ef2131da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Beu7J0hwLlc0UwemNeEJ7%2Fo1IDvk5vuu3LxVFK84iO7nk3g4AkpGH5uey4hTcUea4yqw5eFoiNCggXkX%2BsiZCupoMx8n6%2BFQ2Awn6L0XAjGUXbuqx5uEiBM%2FfGvrgL5TsTiFtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5cc8af0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/Masturbation-Cup-Category-1096.html

172.67.157.116

200 OK

252 kB

URL User Request GET HTTP/2
www.rosequake.com/Masturbation-Cup-Category-1096.html
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
252 kB (251904 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Masturbation-Cup-Category-1096.html HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EU%2BQMmoP7qbVBHV5vZH6VuD1MWeQIlAFoy9cLPR6VNSc0jnkSrEfigJOKtFc5qo4WVldi2Xw9NwSEakJxRKuTHh1r%2Br771ENdh2NaDPKNyMh6N6HL2RfbRByIoLCS2F7g38CLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c57df37b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

global.akating.com/files/css/CBDCurrency.css?v=cac202405-20240508

104.21.11.35

200 OK

12 kB

URL GET HTTP/2
global.akating.com/files/css/CBDCurrency.css?v=cac202405-20240508
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type

Size
12 kB (11892 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /files/css/CBDCurrency.css?v=cac202405-20240508 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:02 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 14:39:28 GMT
etag: W/"09068c12beed91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KcUhNaPErTY51P%2FkBEDS4fSKT%2F4lz20DYQv1pie52Vg2Hjm5VgXzSbMxvhejJQC%2FjWg%2FDOK7RYmR1GcoL24kjLNRHPTjmTr%2FtdrkiWyudbdJByAkusTz%2BJ1yixOGuuold37JH84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5e7f655691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac202405-20240508

172.67.157.116

200 OK

78 kB

URL GET HTTP/3
www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65226), with CRLF line terminators
Size
78 kB (78187 bytes)
Hash
831c0d53f60fd798a1954bab7fa67a88
e6c20115332ee2e46ac5f604850b56e551bfa547
0f97c4d4ed48b57ceb649f3fc47fbc99fab591298da09507861af8b7efbe99ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/bootstrap/bootstrap.bundle.min.js?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:23:40 GMT
etag: W/"0fe548f6fb0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yVg%2BgfcfHKE%2B8LZ%2Fh4q4MddikO4qzjAF%2BQnotuikISgspSkn2IFGgtEOUwv5xkbllmsabnOt1d%2Fj2fh6nUDP%2FjUkGUJtk8kjnxnqrXw2L8QKSkATxwZpSSEAchPsfigblbHaDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5c88750b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/js/video.min.js

172.67.157.116

200 OK

626 kB

URL GET HTTP/3
www.rosequake.com/js/video.min.js
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
626 kB (625751 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/video.min.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript
last-modified: Thu, 26 Oct 2023 05:20:34 GMT
etag: W/"e255b25cc7da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HPmvByrDCetUjugCQxoMujittl%2BUMj1U5KykIpHaMtRG6nxoQMygynagBfYVXYhvG0q867RbiNjsdNBr67y7psSzR6cBP3KWH3zDnRvetFKw%2FI0%2FRXERO%2Bjo7itmdgVuxmdCkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5cc8b10b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

global.akating.com/files/js/CBDCurrency.js?v=cac202405-20240508

104.21.11.35

200 OK

44 kB

URL GET HTTP/2
global.akating.com/files/js/CBDCurrency.js?v=cac202405-20240508
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type

Size
44 kB (43494 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /files/js/CBDCurrency.js?v=cac202405-20240508 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript
last-modified: Wed, 20 Dec 2023 13:12:33 GMT
etag: W/"4ecd3314633da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YYKNTmvieByXInGjxmAJLY7ZHaVPJXdUeepQvJlcT4c%2BwezQl%2Bm3Gm6HDyy6E7iq2O2wzPH5l4PZ3Gq5woeQB6PNI7oOJjdZcZ%2FEXzb%2F5nR92KMstFSZw6Fh1NPXZcXNomjlTY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5e3f1f5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/js/video-js.min.css

172.67.157.116

200 OK

46 kB

URL GET HTTP/3
www.rosequake.com/js/video-js.min.css
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (45950), with no line terminators
Size
46 kB (45950 bytes)
Hash
fbc92259a04709e2f8a10960e574e5fc
c03562e5c2c407426076f7f844f0c634631ea0f0
48876176ecb5cf6cdb8e7d91c8d63b89f6bc3fa8fb4b67a595c0a59940a433a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/video-js.min.css HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Thu, 26 Oct 2023 05:20:16 GMT
etag: W/"50afb71acc7da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9RoJysS%2BbR6XkXAfEgnehXNVTlUxfCdUKgd1xGr40Qn6QbASR6My6tRWqd5lBESIFaoqBtvrezZpd9b3uiOwOFeSV3b%2FvqwGbMWvmnCCORd5NFX4dvViG3lzj3jpUF3ev4idQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5cc8b00b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

global.akating.com/files/Country_list.js

104.21.11.35

200 OK

55 kB

URL GET HTTP/2
global.akating.com/files/Country_list.js
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
ASCII text, with very long lines (55293), with no line terminators
Size
55 kB (55293 bytes)
Hash
3dd00c1468c48f40ac11cf9715d34831
98691de8e84697877dfdbf2f9e87149621c64656
0512d7cec7a4d88356a2b50d5254c7884ad61cd7f343c8add98a4c8a4ca77eb2

HTTP Headers

GET /files/Country_list.js HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 20:39:55 GMT
etag: W/"e08f8ab3b22da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBtBLojRiCyLHMOlyBMB2dJoLr2NikNv0PN95o3pbenoTQeFLHb2HkouH5bJ17e5fBKx31CDg%2Fo6joLYRNNOqaB%2FF8oAl2RCS4FljXJhaCm48JtfGrvTMoEm3y5kP0prPG9ULjU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5e3f235691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/images/loading.gif

172.67.157.116

200 OK

781 B

URL GET HTTP/3
www.rosequake.com/images/loading.gif
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
GIF image data, version 89a, 16 x 16
Size
781 B (781 bytes)
Hash
21ab0717cf57aea00e222e6570678b35
d76c0624c7598ffa603475a1ece2ba4e18355879
82d0c69a839a750eeb6bd5d94b7a94ab87b006924e97479ce8c55dc13b39ee11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/loading.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac202405-20240508
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:03 GMT
content-type: image/gif
content-length: 781
last-modified: Wed, 13 May 2015 02:03:29 GMT
etag: "c16ee41218dd01:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5FrXxka4zPGW20E%2BtNcvKFsC4qSrkcZkLTOWbgYzJacwjTSW62%2BHJttUIwEl68HO30uDOFUM1aTAcB26fO8XUd8dU6BxbAcwsMdUpCNgUKGDSHktlKc9Sr4jSWBZTp5mAMPbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c67089a0b69-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/favicon_RoseQuake/favicon.ico

172.67.157.116

200 OK

15 kB

URL GET HTTP/3
www.rosequake.com/images/favicon_RoseQuake/favicon.ico
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15406 bytes)
Hash
f033c0b4ab01e492fb3fadb6ca951f06
33e214cc88ca96bb5ab7e5bab69ff93f0f67aa43
26b0ccd197318f6eafe8f4edb28a004830152274194774fe6821c6c3abdb38b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/favicon_RoseQuake/favicon.ico HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:03 GMT
content-type: image/x-icon
last-modified: Tue, 03 Oct 2023 09:59:06 GMT
etag: W/"091d83ee0f5d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F21OjJCgkgsUipC5BHkFoKtJ9s53DhAn82R0hpj9V4X35BQCUJ0ysqViMT5zps5a3h44COt2eEsfnDhb1ChlDm55kBtQmt5F%2FjDJg4UedjIlc2q6%2FGdzm9hRseRW3%2ByKeEud1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c695a6c0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

global.akating.com/files/js/chosen_v1.8.7/chosen.css?v=cac202405-20240508

104.21.11.35

200 OK

12 kB

URL GET HTTP/2
global.akating.com/files/js/chosen_v1.8.7/chosen.css?v=cac202405-20240508
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
ASCII text
Size
12 kB (12210 bytes)
Hash
f9e4f602d90605d2dae0d32979c69029
d8c7700cbf92f6100c9aa5de69ac6d4390802ee7
89945fcb95372714ec719cfed9a0ad20f35bc6f0d1d471662dba38c6f46b0f75

HTTP Headers

GET /files/js/chosen_v1.8.7/chosen.css?v=cac202405-20240508 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Sat, 25 Jun 2022 10:07:28 GMT
etag: W/"0f0f95f7b88d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fv0%2BYsXrGbY8pB%2F2BscBslH7bceOIErqrVXoa9kYS%2FKhKfv7TkgFsaIPlI%2FnPbtt%2BUuXYHWadowVBCdrerEPjSURS894LZEOVZ2WpgJd9JZDNZzt%2BpslpVHiz1FEdzdNCIBn%2BU8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5e2f1b5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/static/assets/sass/base/animation/animation.css?v=cac202405-20240508

172.67.157.116

200 OK

588 B

URL GET HTTP/3
www.rosequake.com/static/assets/sass/base/animation/animation.css?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
588 B (588 bytes)
Hash
ae3be075920a0f6383941a562ca1d463
f69e0cf75305a350af184bfb68c8a76a4e04241b
a9689c4c62542817e9915a50df62020a909a63b566cd09af80f42bd5d427b33d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/sass/base/animation/animation.css?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIsVvOvUdsGLSibsYGcfZ6DFqUY6L1BWnZTaSmhoOyDXM8zrjKRECfo1kYepPS1Ow%2BJuURgpGPa%2Fv8Eqe1GpyPi37Gof9Dqf58AY7hgo9ce51Hmlst8ABVoC0zyIF%2BOMuOzuIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5c68590b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac202405-20240508

172.67.157.116

200 OK

105 kB

URL GET HTTP/3
www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac202405-20240508
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (65501), with CRLF line terminators
Size
105 kB (105164 bytes)
Hash
b01da78c5d4905c9961b0f6edfa28c3f
e51d3d15baa13e0cda9b2e6637925c74c8655a4c
691ffb9a7ea68f1b92aa89bfd4392bfe7de445a153c28ef4268aa192215d3ef7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/fancybox/fancybox.umd.js?v=cac202405-20240508 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:01 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:46 GMT
etag: W/"0dff0326db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKFqS5%2F3reZSysCG6TNv0ZEN9w7LSNh8Xse41naGUXD8bATy1B6OLroCp%2BqN0gfvwv%2BgOcSlOT%2FJ5BMvX7kSjYXhRAGnCQrA%2FuAL6cCkj7Yn%2BP7Mfwrh0mkOHbP46Myg40NDuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046c5c987c0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js

172.67.157.116

200 OK

7.8 kB

URL GET HTTP/3
www.rosequake.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/Masturbation-Cup-Category-1096.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (7843), with no line terminators
Size
7.8 kB (7843 bytes)
Hash
f93e06d4c4341cefd6d145257712828f
e60a1097f9e822d37f5bfde4b037bf8e714d916a
57b43dee0b1805c7fa1efb99296ddbd4446b36ae5d834ac9955da6b3f5f4951a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=zakdyuxkmfdgkeof2cr3gw0n; SiteUserGuid=db5d1f0c-daa4-4e66-b6c7-c549bb3fbcf1; _gcl_au=1.1.479750213.1715118603
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 21:50:03 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ocWkTvXHF1skNJxyymnXROwbEkeTX47SrcnPcklRd5ARFTFRCh%2FGqbZnMe3PRtYgwbKaQdClvWNcX6E3bLQKz4sV%2Fc%2F38pVNall7MIrcuWk%2Fuw6s%2Fz3IU4khI9xi0tV%2BK6MSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046c699a8c0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (37)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL