Report - tapepops.com/e/7XAwB41QoYHV3b/

Report Overview

Visited public
2025-07-13 13:01:36
Tags
Submit Tags
URL
tapepops.com/e/7XAwB41QoYHV3b/
Finishing URL
tapepops.com/e/7XAwB41QoYHV3b/
IP / ASN
104.21.7.161
#13335 CLOUDFLARENET
Title
Streamtape.com

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
qa.shboshbok.com	unknown	2025-03-11	2025-04-08	2025-07-09	420 B	1.5 kB	23.109.170.29
www.google.com	7	1997-09-15	2015-05-10	2025-07-09	464 B	1.8 kB	142.250.74.68
www.gstatic.com	unknown	2008-02-11	2012-05-29	2025-07-09	488 B	793 kB	142.250.178.99
thumb.tapecontent.net	98256	2020-01-18	2020-04-25	2025-07-08	468 B	296 kB	172.67.200.239
js.mbidadm.com	unknown	2023-02-20	2023-02-21	2025-07-11	417 B	2.1 kB	45.133.44.52
tapepops.com	unknown	2025-06-05	2025-06-07	2025-07-09	3.2 kB	423 kB	104.21.7.161

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-07-13	medium	tapepops.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	tapepops.com/js/jquery.min.js	ScriptElement	1.0 kB	2023-07-14	2025-07-17
Pretty URL tapepops.com/js/jquery.min.js IP 104.21.7.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-14 18:28 Last Seen2025-07-17 08:35 Times Seen304 Hash 8c8b9b3742de549931386c579d250d31 cc69e7b9b7b24c473f83d35e54d54d7649cca7c0 a449fca4e4e1673d95b76089b4e4bf5ff1f9ef44f8f51f407ce88e8f43d625d5 Loading...

	tapepops.com/prebid.min.js	ScriptElement	20 B	2023-03-07	2025-07-17
Pretty URL tapepops.com/prebid.min.js IP 104.21.7.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24 Last Seen2025-07-17 08:08 Times Seen1606 Hash 69a305bcdc8e061bbd43294a477a3678 506582a1d912d546f5942d95ffae95ec7f4c37ce 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa Loading...

	tapepops.com/e/7XAwB41QoYHV3b/	ScriptElement	864 B	2024-11-21	2025-07-17
Pretty URL tapepops.com/e/7XAwB41QoYHV3b/ IP 104.21.7.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-21 06:39 Last Seen2025-07-17 08:07 Times Seen79 Hash ba6dca9c0555e01bdfe358f5c6e5f00c 74b4b753fb8b5d8416440a51d0e9e6791156bc35 370afbf6da08283c1915a5852d19149a0ac17e01344baa0088a84c67b7ba181d Loading...

		Size	First Seen	Last Seen
	#1 Write - e1f1c9f54666acb1650465e150d3df1b	44 B	2023-03-07 01:24	2025-07-17 08:07
Pretty Observations First Seen2023-03-07 01:24 Last Seen2025-07-17 08:07 Times Seen575 Hash e1f1c9f54666acb1650465e150d3df1b 6b7251286fa476ae4e0985f8067cc76006a7cf89 490fbee07295a40ddaf64abd25076eb54cd926777e2b307c8a7c537d62f95ec9 Loading...

HTTP Transactions (12)

URL IP Response Size

GET tapepops.com/e/7XAwB41QoYHV3b/

104.21.7.161

200 OK

102 kB

URL User Request GET
tapepops.com/e/7XAwB41QoYHV3b/
IP
104.21.7.161:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecttapepops.com
Fingerprint9D:B1:71:8E:C3:5E:63:C9:9A:75:89:7E:E8:3D:57:12:47:DD:A1:C6
ValidityThu, 05 Jun 2025 18:03:25 GMT - Wed, 03 Sep 2025 19:01:04 GMT

File type
HTML document, ASCII text, with very long lines (19148)
Size
102 kB (101722 bytes)
Hash
8b73dd8774abdf5aa445a5b5df568b13
b2adcd11170653a3abc6731d254109b19c157487
ea9ba668500f3e04da214ee5637c09529a7b7c037a71f1d29761185196f1f225

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /e/7XAwB41QoYHV3b/ HTTP/1.1
Host: tapepops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:01:14 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
cache-control: private
x-robots-tag: nofollow, noindex, noimageindex
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=O0w0U0nGvZx3zsiOBNc92X8rb1ZuYoU0x8XKRwZ1l2Iy%2B3Or%2BsMpKCBic6MTzz3W0%2FtlPJJc7zLFmACXvKfnGvpTItyQmmtf04M%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
set-cookie: _b=kube18; Path=/
cf-ray: 95e8f7c47b3ab505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET qa.shboshbok.com/gaES55BKbPXf/58191

23.109.170.29

200 OK

6 B

URL GET
qa.shboshbok.com/gaES55BKbPXf/58191
IP
23.109.170.29:443
ASN
#7979 SERVERS-COM

Requested by
https://tapepops.com/e/7XAwB41QoYHV3b/
Certificate
IssuerLet's Encrypt
Subjectqa.shboshbok.com
Fingerprint9B:A3:5A:06:B3:FA:9D:57:02:9E:84:C9:F2:98:65:20:93:FD:68:9B
ValidityFri, 16 May 2025 09:02:43 GMT - Thu, 14 Aug 2025 09:02:42 GMT

File type
ASCII text, with no line terminators
Size
6 B (6 bytes)
Hash
4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gaES55BKbPXf/58191 HTTP/1.1
Host: qa.shboshbok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapepops.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 13 Jul 2025 13:01:15 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tapepops.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Mon, 14-Jul-2025 13:01:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Mon, 14-Jul-2025 13:01:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET tapepops.com/player.svg

104.21.7.161

200 OK

5.5 kB

URL GET
tapepops.com/player.svg
IP
104.21.7.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapepops.com/e/7XAwB41QoYHV3b/
Certificate
IssuerGoogle Trust Services
Subjecttapepops.com
Fingerprint9D:B1:71:8E:C3:5E:63:C9:9A:75:89:7E:E8:3D:57:12:47:DD:A1:C6
ValidityThu, 05 Jun 2025 18:03:25 GMT - Wed, 03 Sep 2025 19:01:04 GMT

File type
SVG Scalable Vector Graphics image
Size
5.5 kB (5548 bytes)
Hash
2c5ea626e326b207c2ab37e330ec798c
73f320fab9bae5aaeaf5724cdff2abde897a1efd
1b0a89316b4c4edfcaecd47b2cd0a992c29219a6bf57a9f6dcda37a3f037a02e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /player.svg HTTP/1.1
Host: tapepops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapepops.com/e/7XAwB41QoYHV3b/
Cookie: _b=kube18
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 13:01:15 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=62uPl%2BAN8xi5SOl3zykEkeAjumf1npkbwuoyJmAv9BHLXIoAclt81aGLTP%2Bt4jdRZTfX8exbKTrQdTu%2BQAuQa%2FkH6i%2F%2FUUE07TNX4u0mcCRwZvx5GPR89HzZwIc5hSM%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
etag: W/"5fd64104-15ac"
age: 3485
cache-control: max-age=345600
cf-cache-status: HIT
content-encoding: br
cf-ray: 95e8f7cb9efc5695-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3308&min_rtt=0&rtt_var=3937&sent=119&recv=75&lost=0&retrans=0&sent_bytes=91558&recv_bytes=5498&delivery_rate=20949447&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=34596&unsent_bytes=0&cid=b46c4b3cdba26884&ts=923&inflight_dur=67&x=40"

GET tapepops.com/favicon.ico

104.21.7.161

200 OK

42 kB

URL GET
tapepops.com/favicon.ico
IP
104.21.7.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapepops.com/e/7XAwB41QoYHV3b/
Certificate
IssuerGoogle Trust Services
Subjecttapepops.com
Fingerprint9D:B1:71:8E:C3:5E:63:C9:9A:75:89:7E:E8:3D:57:12:47:DD:A1:C6
ValidityThu, 05 Jun 2025 18:03:25 GMT - Wed, 03 Sep 2025 19:01:04 GMT

File type
MS Windows icon resource - 1 icon, 100x100, 32 bits/pixel
Size
42 kB (41662 bytes)
Hash
1f1617bb9d33485e49af9fae638831f9
e245af39fd84866e07b7e177fa0ff6d25221252f
3fe1701b124953220bd71e61910006cb7c3ae36f6c8975075c842101d97cf513

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: tapepops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapepops.com/e/7XAwB41QoYHV3b/
Cookie: _b=kube18
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 13:01:16 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D5yKdC21X8jwxHAJSbPqkvwPwwIOvtffNVcsdiCEMHSJ6OdmdShize%2BFnaJ08y8L%2BIPlebZDQMJSvyVlZZbf%2FOQ%2BVEYftnADMG1eYRuPHsWphnPZvyGPwcAXu1M3iyE%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 29 Nov 2020 16:24:53 GMT
etag: W/"5fc3cb55-a2be"
age: 3469
cache-control: max-age=345600
cf-cache-status: HIT
content-encoding: br
cf-ray: 95e8f7d1af385695-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3029&min_rtt=0&rtt_var=3511&sent=124&recv=77&lost=0&retrans=0&sent_bytes=94574&recv_bytes=5839&delivery_rate=20949447&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=34596&unsent_bytes=0&cid=b46c4b3cdba26884&ts=1902&inflight_dur=69&x=40"

GET tapepops.com/prebid.min.js

104.21.7.161

200 OK

20 B

URL GET
tapepops.com/prebid.min.js
IP
104.21.7.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapepops.com/e/7XAwB41QoYHV3b/
Certificate
IssuerGoogle Trust Services
Subjecttapepops.com
Fingerprint9D:B1:71:8E:C3:5E:63:C9:9A:75:89:7E:E8:3D:57:12:47:DD:A1:C6
ValidityThu, 05 Jun 2025 18:03:25 GMT - Wed, 03 Sep 2025 19:01:04 GMT

File type
ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
69a305bcdc8e061bbd43294a477a3678
506582a1d912d546f5942d95ffae95ec7f4c37ce
8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prebid.min.js HTTP/1.1
Host: tapepops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapepops.com/e/7XAwB41QoYHV3b/
Cookie: _b=kube18
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 13:01:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 20
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P00GoFPQAOKTHsEDM%2Fs2PWD10zLvoD2fKCGnf6i4DF99YCRFOuYXEbassQ%2BBNjwA7MlGpTlwAh7R6UyHVj4MaRRnVIA2RinbRsVdNUJN1NYaxDChAr9taV00%2BolmZc4%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 13 Nov 2024 21:29:55 GMT
etag: "67351a53-14"
accept-ranges: bytes
age: 3458
cache-control: max-age=345600
cf-cache-status: HIT
cf-ray: 95e8f7c7fee85695-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6847&min_rtt=3657&rtt_var=4931&sent=50&recv=65&lost=0&retrans=0&sent_bytes=7057&recv_bytes=4595&delivery_rate=216739&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=18058&unsent_bytes=0&cid=b46c4b3cdba26884&ts=359&inflight_dur=48&x=40"

GET www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs

142.250.74.68

200 OK

1.1 kB

URL GET
www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://tapepops.com/e/7XAwB41QoYHV3b/
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint18:68:D7:A6:6E:58:DB:F0:4B:B6:53:AF:BA:2B:82:59:4F:36:D8:73
ValidityMon, 23 Jun 2025 08:42:14 GMT - Mon, 15 Sep 2025 08:42:13 GMT

File type
JavaScript source, ASCII text, with very long lines (1051), with no line terminators
Size
1.1 kB (1051 bytes)
Hash
4589b21515508941196a9a2a1e6673e9
502e14f2ccf4d54d98f1a8ba188fe16787f0de32
dd3be5dc8492f67b018f57732a13e8d80d68fdb0d3e9efe7620b8c1b3fc42251

HTTP Headers

GET /recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapepops.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 13 Jul 2025 13:01:15 GMT
date: Sun, 13 Jul 2025 13:01:15 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET tapepops.com/js/player.ec3b7e.js

104.21.7.161

200 OK

148 kB

URL GET
tapepops.com/js/player.ec3b7e.js
IP
104.21.7.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapepops.com/e/7XAwB41QoYHV3b/
Certificate
IssuerGoogle Trust Services
Subjecttapepops.com
Fingerprint9D:B1:71:8E:C3:5E:63:C9:9A:75:89:7E:E8:3D:57:12:47:DD:A1:C6
ValidityThu, 05 Jun 2025 18:03:25 GMT - Wed, 03 Sep 2025 19:01:04 GMT

File type
JavaScript source, ASCII text, with very long lines (57504)
Size
148 kB (148031 bytes)
Hash
1781a0087c11152a2361ca6c84b13fab
87360f858b201c3e28f4af24b2fc7c2d8a8d0232
00c57c8b0121e3c2154bc0c181a5c01ad10550648cc4835a62dc887d5427c656

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/player.ec3b7e.js HTTP/1.1
Host: tapepops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapepops.com/e/7XAwB41QoYHV3b/
Cookie: _b=kube18
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 13:01:15 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CqwS5Tby%2BT6ws2th3oNIpCH3Ix%2Bfc%2FO6DdxZrXmjgjD8ozpm61SgbHDvcdjdU3V6lushhCVjRjL8lrVSG1uWhGnmVhzrxMET5vlHblAbLrcz7%2FUoUWbIjVwrgl264jw%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 04 Feb 2021 09:32:45 GMT
etag: W/"601bbf3d-2423f"
age: 6122
cache-control: max-age=345600
cf-cache-status: HIT
content-encoding: br
cf-ray: 95e8f7ca4ef55695-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3215&min_rtt=0&rtt_var=4569&sent=84&recv=72&lost=0&retrans=0&sent_bytes=47778&recv_bytes=5130&delivery_rate=20949447&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=34596&unsent_bytes=0&cid=b46c4b3cdba26884&ts=716&inflight_dur=55&x=40"

GET www.gstatic.com/recaptcha/releases/_cn5mBoBXIA0_T7xBjxkUqUA/recaptcha__en.js

142.250.178.99

200 OK

792 kB

URL GET
www.gstatic.com/recaptcha/releases/_cn5mBoBXIA0_T7xBjxkUqUA/recaptcha__en.js
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://tapepops.com/e/7XAwB41QoYHV3b/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
ValidityMon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT

File type
JavaScript source, ASCII text, with very long lines (688)
Size
792 kB (791775 bytes)
Hash
6dbbd249df18061c1db8902b45271648
aa188a6fd94457b382c134d0ab2cf49b3b1ca7ac
c5c7449312a185b3eeaf553524a6229ce91349ba8894b6ac7d99d20ca6980f96

HTTP Headers

GET /recaptcha/releases/_cn5mBoBXIA0_T7xBjxkUqUA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tapepops.com
DNT: 1
Connection: keep-alive
Referer: https://tapepops.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha-scs"
report-to: {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
timing-allow-origin: *
content-length: 337754
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Jul 2025 15:08:39 GMT
expires: Thu, 09 Jul 2026 15:08:39 GMT
cache-control: public, max-age=31536000
age: 337957
last-modified: Tue, 01 Jul 2025 16:48:13 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET tapepops.com/scss/player.ec3b7d.css

104.21.7.161

200 OK

32 kB

URL GET
tapepops.com/scss/player.ec3b7d.css
IP
104.21.7.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapepops.com/e/7XAwB41QoYHV3b/
Certificate
IssuerGoogle Trust Services
Subjecttapepops.com
Fingerprint9D:B1:71:8E:C3:5E:63:C9:9A:75:89:7E:E8:3D:57:12:47:DD:A1:C6
ValidityThu, 05 Jun 2025 18:03:25 GMT - Wed, 03 Sep 2025 19:01:04 GMT

File type
ASCII text, with very long lines (31500), with no line terminators
Size
32 kB (31500 bytes)
Hash
ef06c6005aa0385b099dcfe4cf4c37cb
7375834c8a0d81548fde10ad1c1d14af262b958b
25030a9d025c1e8c6d1bc7a95152b7265ef6eade6ed5d568b4631b828dc5e0db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /scss/player.ec3b7d.css HTTP/1.1
Host: tapepops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapepops.com/e/7XAwB41QoYHV3b/
Cookie: _b=kube18
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 13:01:14 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8TM0J5XaCzW20ulivQMAGGSsbCQo9M68BTyjkjMVbtjSEwpcBLosmg22QotZGm5FLFxRXohaIfIJTL71IPfbG%2FfTFkI3qadFuqbRkHfuN0KeMl7Zq5il9r1h5OVThs8%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 12 Mar 2022 01:25:25 GMT
etag: W/"622bf685-7b0c"
age: 6122
cache-control: max-age=345600
cf-cache-status: HIT
content-encoding: br
cf-ray: 95e8f7c80eea5695-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6847&min_rtt=3657&rtt_var=4931&sent=51&recv=65&lost=0&retrans=0&sent_bytes=7811&recv_bytes=4595&delivery_rate=216739&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=18058&unsent_bytes=0&cid=b46c4b3cdba26884&ts=359&inflight_dur=48&x=40"

GET thumb.tapecontent.net/thumb/7XAwB41QoYHV3b/KgDBRzd6vpS0V8d.jpg

172.67.200.239

200 OK

295 kB

URL GET
thumb.tapecontent.net/thumb/7XAwB41QoYHV3b/KgDBRzd6vpS0V8d.jpg
IP
172.67.200.239:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapepops.com/e/7XAwB41QoYHV3b/
Certificate
IssuerGoogle Trust Services
Subjecttapecontent.net
Fingerprint69:08:D9:4D:A9:14:F5:DD:E9:A3:20:B0:F3:F8:DA:C6:8F:87:F6:CC
ValidityMon, 02 Jun 2025 16:53:33 GMT - Sun, 31 Aug 2025 17:51:17 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1275x715, components 3
Size
295 kB (294919 bytes)
Hash
555c3eb28473972f43487a01d2ead3c8
b62e330e34782aaa19269be44013bf26ea06300b
39d5059dbc8b3fc3102779e2a5b4653bb28c5a73916fbbdff324cb7c387aece6

HTTP Headers

GET /thumb/7XAwB41QoYHV3b/KgDBRzd6vpS0V8d.jpg HTTP/1.1
Host: thumb.tapecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapepops.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:01:15 GMT
content-type: image/jpeg
content-length: 294919
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Sat, 25 Feb 2023 06:43:58 GMT
etag: 5e8150fac3d9
access-control-allow-origin: *
allow: OPTIONS, GET, HEAD, POST
access-control-allow-headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
access-control-expose-headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
x-robots-tag: nofollow, noindex, noimageindex
content-disposition: inline; filename="KgDBRzd6vpS0V8d.jpg"
cache-control: public, max-age=259200
expires: Tue, 15 Jul 2025 02:38:58 GMT
accept-ranges: bytes
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QmJ3yYLUsupv92iq50bKBF2ksSjNfwqELnfZVEc0H91kWlL6sXV1a3GSoT%2FxQrxH8rNKhW455uzw0O%2FQOGRQ%2F4qaWCqmE6nK9tu54GD6EM5O%2FOY%3D"}]}
cf-ray: 95e8f7c85d3e56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET js.mbidadm.com/static/scripts.js

45.133.44.52

200 OK

1.7 kB

URL GET
js.mbidadm.com/static/scripts.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://tapepops.com/e/7XAwB41QoYHV3b/
Certificate
IssuerLet's Encrypt
Subjectjs.mbidadm.com
FingerprintCD:AB:BC:3F:4A:8E:E2:AA:16:37:DE:A6:C1:66:6B:7B:F0:20:1B:2F
ValidityThu, 12 Jun 2025 02:34:24 GMT - Wed, 10 Sep 2025 02:34:23 GMT

File type
JavaScript source, ASCII text, with very long lines (1732), with no line terminators
Size
1.7 kB (1732 bytes)
Hash
7e14d1597d1dd442175d8ee15cb07f07
de55b2463f332f2096d788047f8a7b07a776e437
cf31e107e8cb091c9477fe99de3a57a65486fe87becf0e8f469846949beff9f3

HTTP Headers

GET /static/scripts.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapepops.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:01:15 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 03 Jul 2025 10:06:04 GMT
etag: W/"6866560c-6c4"
content-encoding: gzip
expires: Sun, 13 Jul 2025 13:06:15 GMT
cache-control: max-age=300
x-cdn-host-id: ah1747
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET tapepops.com/js/jquery.min.js

104.21.7.161

200 OK

88 kB

URL GET
tapepops.com/js/jquery.min.js
IP
104.21.7.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tapepops.com/e/7XAwB41QoYHV3b/
Certificate
IssuerGoogle Trust Services
Subjecttapepops.com
Fingerprint9D:B1:71:8E:C3:5E:63:C9:9A:75:89:7E:E8:3D:57:12:47:DD:A1:C6
ValidityThu, 05 Jun 2025 18:03:25 GMT - Wed, 03 Sep 2025 19:01:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: tapepops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapepops.com/e/7XAwB41QoYHV3b/
Cookie: _b=kube18
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 13:01:14 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Cc1oxVxBgUUyNy2lruapO%2FzKE7IM41N%2FK%2FhWzA7ZGI5MNlnwO%2F0dWNTT4ajbNw7JGZ5aNbP9Qm0YExGMpvdPXMSDGUImDPUTwLYExVMzItuNp7iBSOCEPK7xkw%2BobQ%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
etag: W/"5fd64104-15851"
age: 3487
cache-control: max-age=345600
cf-cache-status: HIT
content-encoding: br
cf-ray: 95e8f7c80ee95695-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6847&min_rtt=3657&rtt_var=4931&sent=51&recv=65&lost=0&retrans=0&sent_bytes=7811&recv_bytes=4595&delivery_rate=216739&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=18058&unsent_bytes=0&cid=b46c4b3cdba26884&ts=359&inflight_dur=48&x=40"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (12)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate