Report - www.twpornstars.com/LeoLulu

Report Overview

Visited public
2023-11-28 08:48:22
Tags
URL
www.twpornstars.com/LeoLulu_XXX
Finishing URL
www.twpornstars.com/LeoLulu_XXX
IP / ASN
104.21.235.200
#13335 CLOUDFLARENET
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
proceedglad.com	unknown	2023-09-23	2023-09-23 03:50:16	2023-11-09 17:45:50	5.3 kB	7.8 kB	173.233.137.52
cdn.barscreative1.com	25648	2021-09-08	2021-09-16 13:14:42	2023-11-27 20:32:59	508 B	6.3 kB	45.133.44.3
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-11-27 22:51:36	431 B	841 B	172.67.219.12
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-28 07:50:39	534 B	17 kB	216.58.207.227
syndication.realsrv.com	9112	2019-02-07	2019-07-03 23:39:52	2023-11-28 05:11:38	491 B	3.8 kB	95.211.229.245
u3y8v8u4.aucdn.net	unknown	2022-06-27	2022-08-08 15:30:47	2023-11-23 22:54:01	552 B	1.8 MB	185.76.9.17
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-11-27 20:33:00	466 B	68 kB	45.133.44.9
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2023-11-27 18:32:50	1.5 kB	846 B	192.243.59.20
a.realsrv.com	10080	2019-02-07	2019-07-03 18:12:14	2023-11-27 20:29:16	839 B	83 kB	185.76.9.21
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-11-27 18:55:43	902 B	852 B	18.185.201.157
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2023-11-27 20:32:59	3.3 kB	187 kB	172.64.108.10
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-11-27 11:39:00	834 B	173 kB	104.21.234.33
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-28 07:52:06	430 B	7.5 kB	142.250.74.106
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-28 07:59:41	440 B	239 kB	142.250.74.168
www.twpornstars.com	856502	2015-08-11	2015-09-28 23:19:12	2023-11-12 00:35:47	6.5 kB	355 kB	104.21.235.199
straitssoak.com	unknown	2023-08-23	2023-08-25 21:49:27	2023-11-11 06:43:03	900 B	40 kB	192.243.59.20
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-11-27 08:01:03	700 B	1.9 kB	54.230.218.11
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2023-11-28 05:09:25	514 B	7.2 kB	104.16.57.101

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-27	medium	straitssoak.com	Sinkholed
2023-11-27	medium	straitssoak.com	Sinkholed
2023-11-28	medium	proceedglad.com	Sinkholed
2023-11-28	medium	proceedglad.com	Sinkholed
2023-11-28	medium	proceedglad.com	Sinkholed
2023-11-28	medium	unseenreport.com	Sinkholed
2023-11-28	medium	unseenreport.com	Sinkholed
2023-11-28	medium	proceedglad.com	Sinkholed
2023-11-28	medium	proceedglad.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	From	Size	First Seen	Last Seen
	www.twpornstars.com/LeoLulu_XXX	ScriptElement	185 B	2023-03-09	2024-10-11
Pretty URL www.twpornstars.com/LeoLulu_XXX IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 05:33 Last Seen2024-10-11 08:59 Times Seen31 Hash e7b01f16e6cb7ae875628cd276e6d37c 081b03c7fd136a9f1ff581855e7eb5a42c9c2747 707cdb3683251dbafc819455a94a0b6a8755d3b5072986055764a7c645b10942 Loading...

	www.twpornstars.com/LeoLulu_XXX	ScriptElement	268 B	2023-03-09	2025-02-19
Pretty URL www.twpornstars.com/LeoLulu_XXX IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 05:33 Last Seen2025-02-19 05:18 Times Seen12 Hash b28dd390f0d6b42b975844531ce75fac 8f40a315bbaf8fb17633fa4d92e4ae9c55602866 e19b113f463c53a56549ddbf72953a9afc03b5e9e4f79e841d4dfa464794e843 Loading...

	a.realsrv.com/ad-provider.js	ScriptElement	122 kB	2023-11-16	2023-11-30
Pretty URL a.realsrv.com/ad-provider.js IP 185.76.9.21 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 16:24 Last Seen2023-11-30 09:31 Times Seen81 Hash d49a008c1ebc345a45c82d3568b74a57 a3a4ec9261ccc398f73e0a7ae180432d955f8f5f 16c49ebd0602f212c42aa872a47149de690000186578416857ce78c95b46fb3e Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-11-23	2024-08-20
Pretty URL friendshipmale.com/sfp.js IP 104.21.234.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35 Last Seen2024-08-20 18:08 Times Seen6307 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

	cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-07
Pretty URL cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/jquery.min.js IP 172.64.108.10 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04 Last Seen2025-05-07 13:51 Times Seen2286 Hash 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc Loading...

	www.googletagmanager.com/gtag/js?id=G-V4D62Y39MW	ScriptElement	238 kB	2023-11-28	2023-11-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-V4D62Y39MW IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:48 Last Seen2023-11-28 09:48 Times Seen1 Hash 523e0b7e6142f527cd8ff72a4ffb8977 df1d5af561e5d88b48a17dc46e71cbf3b2d541da c620d48429cb766de97dd3b68d76f27e13f469447ea683b70da669aa0e94cd38 Loading...

	www.twpornstars.com/LeoLulu_XXX	ScriptElement	680 B	2023-06-15	2025-03-05
Pretty URL www.twpornstars.com/LeoLulu_XXX IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-15 22:39 Last Seen2025-03-05 16:09 Times Seen33 Hash 8585d7cfc9e845e97594962c7a98b6c2 2c1c78370558c8e9f40fdfa91820819d82fa4be5 7f666b80a2c64cbd17c21738482a7906186667025be081d74620c1148c81a1f4 Loading...

	www.twpornstars.com/LeoLulu_XXX	ScriptElement	18 B	2023-03-09	2025-02-19
Pretty URL www.twpornstars.com/LeoLulu_XXX IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 05:33 Last Seen2025-02-19 05:18 Times Seen19 Hash 198e2bf4e9a4b10efa1b30ba3f9441fe d916f37a1c6b1bf1399e4496066b13e6d58a2da1 6f5aa6791222667ea60a3f33df8f5b55ed447cc5e49c3516c9224549513adfd7 Loading...

	www.twpornstars.com/LeoLulu_XXX	ScriptElement	182 B	2023-03-09	2025-04-19
Pretty URL www.twpornstars.com/LeoLulu_XXX IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 05:33 Last Seen2025-04-19 07:12 Times Seen42 Hash 7b477f4b2dfa1b808fe15d8c30620c0e 42cb277b4892d118fb7012a8dd218d1b27b7c15c 35f5e70c088e5ccc2d0d5102d158c676fd47d1b3179d89a4b2a34e988e349423 Loading...

	www.twpornstars.com/LeoLulu_XXX	ScriptElement	2.6 kB	2023-11-03	2025-03-05
Pretty URL www.twpornstars.com/LeoLulu_XXX IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 02:34 Last Seen2025-03-05 16:09 Times Seen35 Hash ad2e0be66b71830b01d817f3941ad029 9fb6284ddfd3201aaca91d4df1105f7b6ca8474e e81b3f84c81e119c1bfae123d0cdae46687c16f6b81cecd3f5cc0d150d3600b6 Loading...

	www.twpornstars.com/build/755.1a058989.js	ScriptElement	86 kB	2023-11-03	2025-03-05
Pretty URL www.twpornstars.com/build/755.1a058989.js IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 02:34 Last Seen2025-03-05 16:09 Times Seen36 Hash affbe8acda8b1e956e8e16a1a2f34456 f922a64aaeba12c3efb26450618ce5e4aa25f2e4 5bdc905dcf38a6798384a3c8089387bca04d5bbcb4ebe79e4ed29dfd46de2d05 Loading...

	www.twpornstars.com/build/234.61c95dd6.js	ScriptElement	13 kB	2023-11-03	2025-03-05
Pretty URL www.twpornstars.com/build/234.61c95dd6.js IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 02:34 Last Seen2025-03-05 16:09 Times Seen36 Hash 85ae003e483c2bbbbb5bcb092824aa99 46762a9bf6808ef1716eac71d4d8b845ce1ab2ab 9a14e3232aeb2d592ce1616914e100022d923406ecad03d18cd93f8d863265f5 Loading...

	www.twpornstars.com/build/index.636164b9.js	ScriptElement	15 kB	2023-11-03	2024-10-11
Pretty URL www.twpornstars.com/build/index.636164b9.js IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 02:34 Last Seen2024-10-11 08:59 Times Seen29 Hash c28d52d30d19cf7b54cfce5614a643d7 37c35b4e09cb39ea62817895f438048c7dee0c45 2a84fbb7ffb3f430699a70187566aa2d24e30159491b88313274759a2d3fa78c Loading...

	straitssoak.com/35/fd/86/35fd862a211871130a720a8040aa9aa6.js	ScriptElement	60 kB	2023-11-28	2023-11-28
Pretty URL straitssoak.com/35/fd/86/35fd862a211871130a720a8040aa9aa6.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:48 Last Seen2023-11-28 09:48 Times Seen1 Hash 95fe8449dec7635daf64403c24781a2f 6258b8a5cbd58ede23a5b6214cde7cf447ab4ffb a0bda9070dd716a5eb96d88607f6c1b56c905fa4090d02d4aa434ad7c3a1c2fb Loading...

	a.realsrv.com/video-slider.js	ScriptElement	47 kB	2023-07-07	2024-08-21
Pretty URL a.realsrv.com/video-slider.js IP 185.76.9.21 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-07 16:31 Last Seen2024-08-21 09:42 Times Seen309 Hash a38be8c74d8421883308b2410fa2fac3 1c6f186699a5f677bd3fa8bba391d91adf867d5e b81f999546684e41d3a3af3c24b8f7a11e10ad8dcd79983de67568f618a99a69 Loading...

	unknown	ScriptElement	1.2 kB	2023-11-27	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 23:39 Last Seen2024-08-20 17:40 Times Seen2 Hash 99a03d6f1bf05f361310f9735219df2d 3710d7cd88f0bebc35a970c558bbd6d7d99fb233 e7dc36024699f689d01af01ebf0ed02e45d738de6ba8b78469f050d89040cea0 Loading...

	www.twpornstars.com/LeoLulu_XXX	ScriptElement	455 B	2023-03-09	2025-04-19
Pretty URL www.twpornstars.com/LeoLulu_XXX IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 05:33 Last Seen2025-04-19 07:12 Times Seen42 Hash 12633f9632772009efc1b63b5267c0ba 1dc603b25824976c5ef9dd0fc1802cc30f4593f9 623b58d12abbe78495cc31addcd47486e637b6b4bb1d19e574bd2a306781ba9b Loading...

	straitssoak.com/8b/c5/a4/8bc5a4feb5928590482f8376a67e6ba5.js	ScriptElement	43 kB	2023-11-28	2023-11-28
Pretty URL straitssoak.com/8b/c5/a4/8bc5a4feb5928590482f8376a67e6ba5.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:48 Last Seen2023-11-28 09:48 Times Seen1 Hash 71e8d9b2d04e1610f54c4761990c7a39 f1c72abecb84d683f7807c29ca54c635b7bde147 ea4662bd62ec5166d5bc8a70ef08d45c5d376976f940e6e174bc11058207e136 Loading...

	static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317	ScriptElement	20 kB	2023-10-13	2025-05-09
Pretty URL static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:51 Last Seen2025-05-09 03:38 Times Seen17151 Hash dd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Loading...

	www.twpornstars.com/LeoLulu_XXX	ScriptElement	59 B	2023-03-07	2025-05-03
Pretty URL www.twpornstars.com/LeoLulu_XXX IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01 Last Seen2025-05-03 07:03 Times Seen230 Hash 401d2c296bf9da0e58234e1de5a6b3a7 723cbe5943c5a3d4f2938afd6823d96c51bd98ea 4ea595e23e7787a0ed176e9eec16f0a34ca57450e74a2224bc7cab5156c68aca Loading...

	www.twpornstars.com/build/runtime.602a9af0.js	ScriptElement	1.4 kB	2023-03-10	2025-03-05
Pretty URL www.twpornstars.com/build/runtime.602a9af0.js IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:55 Last Seen2025-03-05 16:09 Times Seen37 Hash aff23c41d7875c2c7b4859bbb4eddc0f 92c8b95c5527b541220e9094f4509a492ba317b6 6e4db5cf8b6bb488fef73b08bce8271204c038204b16058bccaf366012872038 Loading...

	www.twpornstars.com/build/774.20b593a7.js	ScriptElement	27 kB	2023-11-03	2025-03-05
Pretty URL www.twpornstars.com/build/774.20b593a7.js IP 104.21.235.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 02:34 Last Seen2025-03-05 16:09 Times Seen36 Hash d22744a40f2e0aebbfc7303da32c597a 5f652a643be14ffa99d8ebf06c5558a53a1874da 3feb8f619be686031fefc98a2aedaf2c9999f4d19141867ddb420c342169235d Loading...

	banquetunarmedgrater.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL banquetunarmedgrater.com/advertisers.js IP 172.67.219.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 09:03 Times Seen4635019 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (45)

URL IP Response Size

www.twpornstars.com/LeoLulu_XXX

104.21.235.199

200 OK

94 kB

URL User Request GET HTTP/2
www.twpornstars.com/LeoLulu_XXX
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5982)
Size
94 kB (94020 bytes)
Hash
ec6d10b54e3677d5a7a213598ab308db
f14829d0ed26ac762c0d0697e669951519478bea
ab2ed05c867e1b853b470ff20d9e21700ee58ac4cf3513888017b83b89e7fdf8

HTTP Headers

GET /LeoLulu_XXX HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:03 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0EFbuYBbAFYiuy0nSEoYZnqT3ydvSAJpbOiw6dEUiW61OhOodsB5HTzZnDhdBRVA4sU7wMrjNGedvH4q9bkqHOChxmdhM1cCuKEHW3OtPQSvZSgBhzlhH9J1hU9eQ8Yad4SHltQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d159837fd27100-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.twpornstars.com/cf-fonts/s/open-sans/5.0.15/latin/700/normal.woff2

104.21.235.199

200 OK

16 kB

URL GET HTTP/3
www.twpornstars.com/cf-fonts/s/open-sans/5.0.15/latin/700/normal.woff2
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16372, version 1.0\012- data
Size
16 kB (16372 bytes)
Hash
e45478d4d6f15dafda1f25d9e0fb5fa1
52cb490cd0ee4442ede034085cda9652b206f91c
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

HTTP Headers

GET /cf-fonts/s/open-sans/5.0.15/latin/700/normal.woff2 HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/LeoLulu_XXX
Cookie: a_delay=1701161287794
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:48:04 GMT
content-length: 16372
cf-cache-status: HIT
cache-control: public, max-age=31536000, immutable
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Plv4UyfuTuGr6LpcGV9lMBiCGurxSI6sU8S0pb9sKl7JGWF85zjPDMFq5jVBaKcjeJX%2FmsbNK237Mj9ZWVngNbKNhJfV6sTJME8AvifneFuE1r2WP03Y6F2qtV0aJ%2FNHlkYNxreG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d15989ec64df68-HEL
alt-svc: h3=":443"; ma=86400

www.twpornstars.com/cf-fonts/s/open-sans/5.0.15/latin/400/normal.woff2

104.21.235.199

200 OK

17 kB

URL GET HTTP/3
www.twpornstars.com/cf-fonts/s/open-sans/5.0.15/latin/400/normal.woff2
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /cf-fonts/s/open-sans/5.0.15/latin/400/normal.woff2 HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/LeoLulu_XXX
Cookie: a_delay=1701161287794
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:48:04 GMT
content-length: 16740
cf-cache-status: HIT
cache-control: public, max-age=31536000, immutable
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2rz3t0EiwtJFZ68Wa4pqlOXb1q0ZYLoXZYpA%2BgDjVD9U9MXFRWrIhusSCdUYvxLrULtAZzKDAJoYnSeNbtDKxOjq2trrWm6%2B5jLulL9831jLWBYlWWYwGm40N%2F5%2F4vCyWSZUeC7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d15989ec62df68-HEL
alt-svc: h3=":443"; ma=86400

straitssoak.com/35/fd/86/35fd862a211871130a720a8040aa9aa6.js

192.243.59.20

200 OK

23 kB

URL GET HTTP/1.1
straitssoak.com/35/fd/86/35fd862a211871130a720a8040aa9aa6.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectstraitssoak.com
FingerprintE6:5C:6B:61:18:5E:50:29:BB:88:97:9F:84:33:F6:89:80:E4:6A:42
ValiditySun, 22 Oct 2023 07:22:21 GMT - Sat, 20 Jan 2024 07:22:20 GMT

File type
ASCII text, with very long lines (59729), with no line terminators
Size
23 kB (23371 bytes)
Hash
95fe8449dec7635daf64403c24781a2f
6258b8a5cbd58ede23a5b6214cde7cf447ab4ffb
a0bda9070dd716a5eb96d88607f6c1b56c905fa4090d02d4aa434ad7c3a1c2fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /35/fd/86/35fd862a211871130a720a8040aa9aa6.js HTTP/1.1
Host: straitssoak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:48:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 424557615128d6ec7f55b7e6b29d5146
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

straitssoak.com/8b/c5/a4/8bc5a4feb5928590482f8376a67e6ba5.js

192.243.59.20

200 OK

15 kB

URL GET HTTP/1.1
straitssoak.com/8b/c5/a4/8bc5a4feb5928590482f8376a67e6ba5.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectstraitssoak.com
FingerprintE6:5C:6B:61:18:5E:50:29:BB:88:97:9F:84:33:F6:89:80:E4:6A:42
ValiditySun, 22 Oct 2023 07:22:21 GMT - Sat, 20 Jan 2024 07:22:20 GMT

File type
ASCII text, with very long lines (42771), with no line terminators
Size
15 kB (15416 bytes)
Hash
71e8d9b2d04e1610f54c4761990c7a39
f1c72abecb84d683f7807c29ca54c635b7bde147
ea4662bd62ec5166d5bc8a70ef08d45c5d376976f940e6e174bc11058207e136

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8b/c5/a4/8bc5a4feb5928590482f8376a67e6ba5.js HTTP/1.1
Host: straitssoak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:48:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 77336e2df4c686d4085e9d0eadf1748e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ab08b21b37480bf609deaf73dcbf1e34
4121333c3a37ff481b30918ce3a1aa643cf813c2
d8c99d9c9d12731615d29afd9aba86e213ce6c7dfb8938334de50d3edfd78fcd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 Nov 2023 08:48:04 GMT
Last-Modified: Tue, 28 Nov 2023 08:04:32 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R1eVHW4v9Pz1niFoGBgxzv_diExkDgO-W1j7uhMNNYt0eLJs0VUxqQ==
Age: 2612

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ab08b21b37480bf609deaf73dcbf1e34
4121333c3a37ff481b30918ce3a1aa643cf813c2
d8c99d9c9d12731615d29afd9aba86e213ce6c7dfb8938334de50d3edfd78fcd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 Nov 2023 08:48:04 GMT
Last-Modified: Tue, 28 Nov 2023 08:05:30 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SgPZFGDhZfwRukvJMNhqBrfCKf1n2IDhLWAw3-3kx2z_-jAGqXte9g==
Age: 2554

proftrafficcounter.com/stats

18.185.201.157

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.201.157:443
ASN
#16509 AMAZON-02

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
0bbfa7709c9a9507070fc81afb1010fa
b88b55dfab76f961ef9160f38fba75d408c60b6d
da1e16c2c4061b88d7af0628ae22849d5e365b1112c1d523ba21d9ce2a71cf36

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.twpornstars.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=c3bf67e1-553c-44c8-96a1-86bc423459ca:1:1; expires=Fri, 25 Nov 2033 08:48:04 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.201.157

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.201.157:443
ASN
#16509 AMAZON-02

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ed3d840181363a10c57d5075d1bb99be
ce068b3bbd6c2f86a4b5e2f7b900e7c84bf1759a
f67f7c352f8873cfe0dffe9afb1685c79a7b9b80659978e81618545ed6de57f3

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.twpornstars.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=d3e5fb19-5570-463b-88f1-3c827194f41a:2:1; expires=Fri, 25 Nov 2033 08:48:04 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

104.16.57.101

200 OK

6.9 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
IP
104.16.57.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19986), with no line terminators
Size
6.9 kB (6854 bytes)
Hash
dd1d068fdb5fe90b6c05a5b3940e088c
0d96f9df8772633a9df4c81cf323a4ef8998ba59
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

HTTP Headers

GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:04 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d15988ed125688-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

proceedglad.com/pixel/purst?dl=0&th=0&sc=0&rs=1755&rd=1755&fd=1000&bv=23.11.v.9&tmpl=70

173.233.137.52

200 OK

0 B

URL GET HTTP/1.1
proceedglad.com/pixel/purst?dl=0&th=0&sc=0&rs=1755&rd=1755&fd=1000&bv=23.11.v.9&tmpl=70
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1755&rd=1755&fd=1000&bv=23.11.v.9&tmpl=70 HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 08:48:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.twpornstars.com/cdn-cgi/rum?

104.21.235.199

204 No Content

0 B

URL POST HTTP/3
www.twpornstars.com/cdn-cgi/rum?
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1051
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/LeoLulu_XXX
Cookie: a_delay=1701161287794; _ga_V4D62Y39MW=GS1.1.1701161288.1.0.1701161288.0.0.0; _ga=GA1.1.11068152.1701161288; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d3e5fb19-5570-463b-88f1-3c827194f41a%3A2%3A1; sb_main_8bc5a4feb5928590482f8376a67e6ba5=1; sb_count_8bc5a4feb5928590482f8376a67e6ba5=1; pp_main_35fd862a211871130a720a8040aa9aa6=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 28 Nov 2023 08:48:05 GMT
access-control-allow-origin: https://www.twpornstars.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 82d159921e3bdf68-HEL
x-frame-options: DENY
x-content-type-options: nosniff

proceedglad.com/sbar.json?key=8bc5a4feb5928590482f8376a67e6ba5&uuid=d3e5fb19-5570-463b-88f1-3c827194f41a%3A2%3A1

173.233.137.52

200 OK

4.2 kB

URL GET HTTP/1.1
proceedglad.com/sbar.json?key=8bc5a4feb5928590482f8376a67e6ba5&uuid=d3e5fb19-5570-463b-88f1-3c827194f41a%3A2%3A1
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (5826), with no line terminators
Size
4.2 kB (4231 bytes)
Hash
42b717ca81f7b9e957f56b8d9debefb3
73c2a7f2e2ec12f725247c813a5701c542df7144
5acef86eadfb73e9421ef62ddb7aebc88e9c61dc9e70d82a97ee6623a5aeb007

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=8bc5a4feb5928590482f8376a67e6ba5&uuid=d3e5fb19-5570-463b-88f1-3c827194f41a%3A2%3A1 HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 08:48:05 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.twpornstars.com
Access-Control-Allow-Origin: https://www.twpornstars.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15413272; expires=Wed, 29 Nov 2023 08:48:05 GMT; secure; SameSite=None
uid_id2=d3e5fb19-5570-463b-88f1-3c827194f41a:2:1; expires=Tue, 05 Dec 2023 08:48:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 29 Nov 2023 08:48:05 GMT; secure; SameSite=None
uncs=1; expires=Wed, 29 Nov 2023 08:48:05 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 29 Nov 2023 08:48:05 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 29 Nov 2023 08:48:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a2a78a3a1da4a24d4023f143fdecb0aa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proceedglad.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTvYLXxBEgwc9CHPwEMGd7Z7pnh%2FmIMYkshh3lySy3qR%2B9Wy51V1NVff07J4WAyEnGT157H2zmyUa1PwBosx6kYAw40H24N7Fo5CzzOzA6OfQn8%2Fr94F671U9OCzOiY%2BCnm19aPaV1nQtqvu1q9sqFaZ0tY17tcCv%2B9dq2ypthddqg9nH9t8O%2FKjuv1l7X%2FJds9bwA98P%2FKB2S1kZm8HanIXKnnSDetevh416EIUY2P9iV3hw1IPon5MrUGL6v51fnkLxMdLk%2BxvS7eYme%2BtmUmiaG4u%2BOPko3U1NmSJZjrH1EKcni20YNyXkq0sw6cnCAUz%2FaOYATE2J93sAlp4sZIL1jy%2BUMg2ZgokXUPbHkHoMRcfg5j6UmBCAC2xsIk0ebRhb0r0Lls7YKVl5%2FjdUOSUrf7yCNPn2ulaD2l2ji1yZ1GEQV1CDMVRvjKw4Rb7vQZWn4PlnUOJXsvb8NtLkaNNpAyXO3hBNGcUs6K5GUdtfDVtNttrpxMFqk3ca7aAbxmFA5xEpNYaKx9ByCOouoXAeCuWhiD0UmYdEnNVo1I19vx2zuNnshJzzZpPzqNMSkWiGndhHwWcehsizIbgegtsDZPYAu%2BrLSXRlsuVgi5%2Fgdio44cHlBH1RoZQEpSMoKUGpCMqcoOxXx0K7hqseCe0KFix6Y9Gb1cjkvUN6bPKeTMlhdk5ensf3l%2F8qduVZrcN4RMNYsqjb6ERdP%2Bw04k6z3aKttmwxGsGpCspdAnUe9tUk%2FBGZmpAJGD2F06fg6iXQ4nXQctRu%2BKA7o7DjYz%2F9Li8zY1OXU%2Bvq3CQQpkKWryDf8w71OXltLmN9JYLkz975rTkvcFshsxU%2BVT8T9PTD0R1TkqM7pnTk6WaWq0Tt09kN381pLi9%2F%2FYHcK40V6zfc8PG7fEbMxif3pMtv01SotOfIN9eVENLeMpZL8sO625Zsq3A71wubFtntrfdurSeZlc4pk45B1ZSQz%2F8EV1Py4v8%2Fmb%2Feqw8%2BhrJj2KJCUjwji4IyY%2FDsAC5b6neGwOrlDss8lEU1sg22%2FKkVgZZLTFkF9y%2FMlvOhe4ie9UDz%2B0iTCn1boa8rUD2EKy6P8swuD2faGzFtvSOmrf7iIlynzmoyiv1Y%2Bg3J4i6L29QX3TjsMtoNZJtFNEDuplI%2BvvkPAAAA%2F%2F8BAAD%2F%2F2cBTyyVBAAA

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
proceedglad.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTvYLXxBEgwc9CHPwEMGd7Z7pnh%2FmIMYkshh3lySy3qR%2B9Wy51V1NVff07J4WAyEnGT157H2zmyUa1PwBosx6kYAw40H24N7Fo5CzzOzA6OfQn8%2Fr94F671U9OCzOiY%2BCnm19aPaV1nQtqvu1q9sqFaZ0tY17tcCv%2B9dq2ypthddqg9nH9t8O%2FKjuv1l7X%2FJds9bwA98P%2FKB2S1kZm8HanIXKnnSDetevh416EIUY2P9iV3hw1IPon5MrUGL6v51fnkLxMdLk%2BxvS7eYme%2BtmUmiaG4u%2BOPko3U1NmSJZjrH1EKcni20YNyXkq0sw6cnCAUz%2FaOYATE2J93sAlp4sZIL1jy%2BUMg2ZgokXUPbHkHoMRcfg5j6UmBCAC2xsIk0ebRhb0r0Lls7YKVl5%2FjdUOSUrf7yCNPn2ulaD2l2ji1yZ1GEQV1CDMVRvjKw4Rb7vQZWn4PlnUOJXsvb8NtLkaNNpAyXO3hBNGcUs6K5GUdtfDVtNttrpxMFqk3ca7aAbxmFA5xEpNYaKx9ByCOouoXAeCuWhiD0UmYdEnNVo1I19vx2zuNnshJzzZpPzqNMSkWiGndhHwWcehsizIbgegtsDZPYAu%2BrLSXRlsuVgi5%2Fgdio44cHlBH1RoZQEpSMoKUGpCMqcoOxXx0K7hqseCe0KFix6Y9Gb1cjkvUN6bPKeTMlhdk5ensf3l%2F8qduVZrcN4RMNYsqjb6ERdP%2Bw04k6z3aKttmwxGsGpCspdAnUe9tUk%2FBGZmpAJGD2F06fg6iXQ4nXQctRu%2BKA7o7DjYz%2F9Li8zY1OXU%2Bvq3CQQpkKWryDf8w71OXltLmN9JYLkz975rTkvcFshsxU%2BVT8T9PTD0R1TkqM7pnTk6WaWq0Tt09kN381pLi9%2F%2FYHcK40V6zfc8PG7fEbMxif3pMtv01SotOfIN9eVENLeMpZL8sO625Zsq3A71wubFtntrfdurSeZlc4pk45B1ZSQz%2F8EV1Py4v8%2Fmb%2Feqw8%2BhrJj2KJCUjwji4IyY%2FDsAC5b6neGwOrlDss8lEU1sg22%2FKkVgZZLTFkF9y%2FMlvOhe4ie9UDz%2B0iTCn1boa8rUD2EKy6P8swuD2faGzFtvSOmrf7iIlynzmoyiv1Y%2Bg3J4i6L29QX3TjsMtoNZJtFNEDuplI%2BvvkPAAAA%2F%2F8BAAD%2F%2F2cBTyyVBAAA
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTvYLXxBEgwc9CHPwEMGd7Z7pnh%2FmIMYkshh3lySy3qR%2B9Wy51V1NVff07J4WAyEnGT157H2zmyUa1PwBosx6kYAw40H24N7Fo5CzzOzA6OfQn8%2Fr94F671U9OCzOiY%2BCnm19aPaV1nQtqvu1q9sqFaZ0tY17tcCv%2B9dq2ypthddqg9nH9t8O%2FKjuv1l7X%2FJds9bwA98P%2FKB2S1kZm8HanIXKnnSDetevh416EIUY2P9iV3hw1IPon5MrUGL6v51fnkLxMdLk%2BxvS7eYme%2BtmUmiaG4u%2BOPko3U1NmSJZjrH1EKcni20YNyXkq0sw6cnCAUz%2FaOYATE2J93sAlp4sZIL1jy%2BUMg2ZgokXUPbHkHoMRcfg5j6UmBCAC2xsIk0ebRhb0r0Lls7YKVl5%2FjdUOSUrf7yCNPn2ulaD2l2ji1yZ1GEQV1CDMVRvjKw4Rb7vQZWn4PlnUOJXsvb8NtLkaNNpAyXO3hBNGcUs6K5GUdtfDVtNttrpxMFqk3ca7aAbxmFA5xEpNYaKx9ByCOouoXAeCuWhiD0UmYdEnNVo1I19vx2zuNnshJzzZpPzqNMSkWiGndhHwWcehsizIbgegtsDZPYAu%2BrLSXRlsuVgi5%2Fgdio44cHlBH1RoZQEpSMoKUGpCMqcoOxXx0K7hqseCe0KFix6Y9Gb1cjkvUN6bPKeTMlhdk5ensf3l%2F8qduVZrcN4RMNYsqjb6ERdP%2Bw04k6z3aKttmwxGsGpCspdAnUe9tUk%2FBGZmpAJGD2F06fg6iXQ4nXQctRu%2BKA7o7DjYz%2F9Li8zY1OXU%2Bvq3CQQpkKWryDf8w71OXltLmN9JYLkz975rTkvcFshsxU%2BVT8T9PTD0R1TkqM7pnTk6WaWq0Tt09kN381pLi9%2F%2FYHcK40V6zfc8PG7fEbMxif3pMtv01SotOfIN9eVENLeMpZL8sO625Zsq3A71wubFtntrfdurSeZlc4pk45B1ZSQz%2F8EV1Py4v8%2Fmb%2Feqw8%2BhrJj2KJCUjwji4IyY%2FDsAC5b6neGwOrlDss8lEU1sg22%2FKkVgZZLTFkF9y%2FMlvOhe4ie9UDz%2B0iTCn1boa8rUD2EKy6P8swuD2faGzFtvSOmrf7iIlynzmoyiv1Y%2Bg3J4i6L29QX3TjsMtoNZJtFNEDuplI%2BvvkPAAAA%2F%2F8BAAD%2F%2F2cBTyyVBAAA HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Cookie: u_pl=15413272; uid_id2=d3e5fb19-5570-463b-88f1-3c827194f41a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 08:48:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2ca117e59c082bf4af3bb263f6a3a11c
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/close.png

172.64.108.10

200 OK

6.0 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/close.png
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:05 GMT
content-type: image/png
content-length: 5982
last-modified: Tue, 12 Jul 2022 10:56:24 GMT
etag: "62cd5358-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1580844
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWvicrhCA4eCf2YXfdC4hEpe90MntTt0emjC56RRBCiACC3dLw9GRNY%2Fkzs58TLo%2BqlOKgXR4UFCGz0JBgGX8iCY%2FHndqoQ%2BpQAk6A%2FzQqgnygLUEoDbeZTFPTxVW2ch42li08usZAnQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1599579117797-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/arrow.png

172.64.108.10

200 OK

2.3 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/arrow.png
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2332 bytes)
Hash
41109abf05740798aa2e66a3e938c8de
706e93332bf4819e9f4059765340cf97981bd1fe
2fbf669490df5b04badb9886ca664dbd9a0d66e0ecdc951b822feb6089fac0ea

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/img/arrow.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:06 GMT
content-type: image/png
content-length: 2332
last-modified: Tue, 12 Jul 2022 10:56:23 GMT
etag: "62cd5357-91c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2419161
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aor452AXOwNYtMODo6czbXampcThXefMeQ1cysfnh5kukotssZm2tSdUFd8KeiwbLpfmK8fRj66pXj6vWnTvKPCehemfbb0%2FBD5DaTtYFZcYUHawJMpx8bC0uaS0nI%2Fk97rmFgkZ7TFf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1599579127797-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/number.png

172.64.108.10

200 OK

1.1 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/number.png
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1138 bytes)
Hash
9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:06 GMT
content-type: image/png
content-length: 1138
last-modified: Tue, 12 Jul 2022 10:56:23 GMT
etag: "62cd5357-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 11456
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BLVJ60Lxv5nn3R9lDDSBmWj8q3JAtusGEpC9pwc%2F6GfOJDx6T8V4NolVJbNTGmldk0pXp4YcFCipBdIyz%2B%2FtexhAzAxWqfatSC1sxr%2B7on5%2BtsuXf%2BoK7UzDxuRk%2BwgG%2BS4s4lE8quj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1599579147797-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/au/29/79/b6/2979b6cd81afad6251e222515b2d8311/1663145782.html

45.133.44.3

200 OK

5.9 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/au/29/79/b6/2979b6cd81afad6251e222515b2d8311/1663145782.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
ValiditySat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT

File type
gzip compressed data, from Unix\012- data
Size
5.9 kB (5928 bytes)
Hash
6efb4749d19acb8ae71fff3fbb7fa1a5
7156805a5a7c0bec1c92ea2be5bd305a777b9e76
e992fdb30c42cbfea07f35c17e97c67bb5ae038a0ff996840f777a6ba581d8cd

HTTP Headers

GET /sb/au/29/79/b6/2979b6cd81afad6251e222515b2d8311/1663145782.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:05 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Wed, 14 Sep 2022 08:56:26 GMT
etag: W/"6321973a-6ef"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 28 Nov 2023 09:48:05 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/fa/41/e4/fa41e4558b816ed7e0ab0552953b2d07/1690854338.png

45.133.44.9

200 OK

67 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/fa/41/e4/fa41e4558b816ed7e0ab0552953b2d07/1690854338.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
67 kB (67165 bytes)
Hash
674efc7161b89ce659afd5b0643930e1
ace5e7c836afc552f82908e8c646c74c66351a6a
7f44e25525d576448d70619c900546bf13f2439c2006808a058bc68c71c35406

HTTP Headers

GET /si/fa/41/e4/fa41e4558b816ed7e0ab0552953b2d07/1690854338.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:06 GMT
content-type: image/png
content-length: 67165
server: nginx/1.21.6
last-modified: Tue, 01 Aug 2023 01:45:47 GMT
etag: "64c863cb-1065d"
expires: Thu, 30 Nov 2023 08:48:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=d3e5fb19-5570-463b-88f1-3c827194f41a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=8bc5a4feb5928590482f8376a67e6ba5&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=d3e5fb19-5570-463b-88f1-3c827194f41a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=8bc5a4feb5928590482f8376a67e6ba5&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=d3e5fb19-5570-463b-88f1-3c827194f41a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=8bc5a4feb5928590482f8376a67e6ba5&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:48:06 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c111758469ea16367b83fccf815731e
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=d3e5fb19-5570-463b-88f1-3c827194f41a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=35fd862a211871130a720a8040aa9aa6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=d3e5fb19-5570-463b-88f1-3c827194f41a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=35fd862a211871130a720a8040aa9aa6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=d3e5fb19-5570-463b-88f1-3c827194f41a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=35fd862a211871130a720a8040aa9aa6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:48:06 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 152279077a03dd3e5a7b7064272eeac6
Strict-Transport-Security: max-age=0; includeSubdomains

a.realsrv.com/ad-provider.js

185.76.9.21

200 OK

35 kB

URL GET HTTP/2
a.realsrv.com/ad-provider.js
IP
185.76.9.21:443
ASN
#60068 Datacamp Limited

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint33:54:4D:F8:0E:E4:00:D3:20:90:CA:61:C8:CC:4D:D5:CB:BB:83:57
ValidityThu, 05 Oct 2023 15:34:07 GMT - Wed, 03 Jan 2024 15:34:06 GMT

File type
gzip compressed data, from Unix\012- data
Size
35 kB (34611 bytes)
Hash
5bdb6d2f248f15344e0f8cf2197ac936
7bba959d9cf5627b98f5942931fd61ad8a67c0d9
85eb8d61d0fb73d9b3eba016b846ece4879ee68e5261797543991783065732ce

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:03 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"a3a4ec9261ccc398f73e0a7ae18"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 27 Nov 2023 13:29:31 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3kRAAAAwBuUwKCQH3BAAAAAwB1GY4CQH3xgEAAA
x-77-nzt-ray: af5856300dbfac9443a9656599a47032
x-accel-expires: @1701167842
x-accel-date: 1701157042
x-77-cache: HIT
x-77-age: 4699
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 4, 4241
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:57:34 GMT
expires: Fri, 22 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 445832
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/css/style.css

172.64.108.10

200 OK

2.2 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/css/style.css
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text
Size
2.2 kB (2236 bytes)
Hash
b05c749cc8b7745331e527f4e91ec73b
640adb0c1d6bb6e008d3c2940c68212a4053578e
e3efdb924dd25d678d2fc85bdc0a0523fc413abb55c8b25edfb40dea9b121d11

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:05 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 11:09:04 GMT
etag: W/"62cd5650-23e9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2270736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rt%2BDryvliksCzNxIrkUx67hReOpyoCc9sydWNjm%2FaQrvKWaJ7GsySKVXpFWZteDzXJ8NXFuMw8OndHuYkpHZRGTBdtGWZ2Jt98wum3sSirAKHGOPwLkH9RrB6rShB3oVLFLPTGVvu67p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1599548aa7797-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

proceedglad.com/pixel/sbs?c=1

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
proceedglad.com/pixel/sbs?c=1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Cookie: u_pl=15413272; uid_id2=d3e5fb19-5570-463b-88f1-3c827194f41a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 08:48:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

syndication.realsrv.com/splash.php?idzone=3449269&cookieconsent=true

95.211.229.245

200 OK

2.8 kB

URL GET HTTP/1.1
syndication.realsrv.com/splash.php?idzone=3449269&cookieconsent=true
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint33:54:4D:F8:0E:E4:00:D3:20:90:CA:61:C8:CC:4D:D5:CB:BB:83:57
ValidityThu, 05 Oct 2023 15:34:07 GMT - Wed, 03 Jan 2024 15:34:06 GMT

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (1614)
Size
2.8 kB (2754 bytes)
Hash
78650a1b313f9d922409c97782a0c63b
d163bc18e42194aa037eeb4636f6f0f8d2528ca3
a9ec9e9de5e64b028981b89ff8e645c0751e5a672cde451744e49a1993e0496e

HTTP Headers

GET /splash.php?idzone=3449269&cookieconsent=true HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 08:48:13 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226565a94def9632.427091442149653260%22%3B%7D; expires=Thu, 27 Nov 2025 08:48:13 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C3449269%7C82276128%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Ctwpornstars.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701161293%7Cc6750582838143be4baca81cfab27768%7Cok%22%7D; expires=Mon, 26 Feb 2024 08:48:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://www.twpornstars.com
Access-Control-Allow-Credentials: true
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

u3y8v8u4.aucdn.net/library/254774/06296888d5ac0ffaf5a13b9f59f7aa91c5893f02.mp4

185.76.9.17

206 Partial Content

1.8 MB

URL GET HTTP/2
u3y8v8u4.aucdn.net/library/254774/06296888d5ac0ffaf5a13b9f59f7aa91c5893f02.mp4
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
1.8 MB (1774626 bytes)
Hash
5b3309e104ea11efdf5a42a60dfe0f5a
06296888d5ac0ffaf5a13b9f59f7aa91c5893f02
7056cf92d8f03e3f1ec866fdee3df3d397129aa9f91b8280fe2ed22d37e45245

HTTP Headers

GET /library/254774/06296888d5ac0ffaf5a13b9f59f7aa91c5893f02.mp4 HTTP/1.1
Host: u3y8v8u4.aucdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Tue, 28 Nov 2023 08:48:14 GMT
content-type: video/mp4
content-length: 1774626
last-modified: Sun, 14 May 2023 15:55:18 GMT
etag: "64610466-1b1422"
expires: Mon, 13 May 2024 16:08:07 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH395sEAQ
x-77-nzt-ray: c0a4cc28596a632c4ea9656596b5df07
x-accel-expires: @1715618007
x-accel-date: 1684082007
x-cache-lb: HIT
x-age-lb: 17079287
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 17079287
content-range: bytes 0-1774625/1774626
X-Firefox-Spdy: h2

www.twpornstars.com/cdn-cgi/rum?

104.21.235.199

204 No Content

0 B

URL POST HTTP/3
www.twpornstars.com/cdn-cgi/rum?
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 489
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/LeoLulu_XXX
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Tue, 28 Nov 2023 08:48:20 GMT
access-control-allow-origin: https://www.twpornstars.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 82d159ef78dedf68-HEL
x-frame-options: DENY
x-content-type-options: nosniff

www.twpornstars.com/build/755.1a058989.js

104.21.235.199

200 OK

86 kB

URL GET HTTP/3
www.twpornstars.com/build/755.1a058989.js
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type
ASCII text, with very long lines (65466)
Size
86 kB (85749 bytes)
Hash
affbe8acda8b1e956e8e16a1a2f34456
f922a64aaeba12c3efb26450618ce5e4aa25f2e4
5bdc905dcf38a6798384a3c8089387bca04d5bbcb4ebe79e4ed29dfd46de2d05

HTTP Headers

GET /build/755.1a058989.js HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/LeoLulu_XXX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:48:03 GMT
content-type: application/javascript
cache-control: max-age=315360000, public, immutable
etag: W/"65412065-14ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 31 Oct 2023 15:42:29 GMT
cf-cache-status: HIT
age: 464911
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHDvi5SMaI%2FMXqOsSgL%2Fz9gkpW%2B0UU9R%2FI2OoHDp7%2FDghgo16vi3fTYwmHTtUgCw48h1tDgf6ZkLnM9hum1WOaw%2Bgy1qXek0K0x%2BfqP9LaG%2BGV2xMbIVvnvYJjIYj0yg2u6oSmcB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d15988a95edf68-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

banquetunarmedgrater.com/advertisers.js

172.67.219.12

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
172.67.219.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:05 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 891c1304ac05738fa91cbf513f8951aa
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 08:48:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUYN1JHskjJ7kVt%2F5HB1pIIqhK4yK9OEfWmpOnDPlxezrknzKOK9U3bvyH5AMvxdFToTF%2BIe872vjEMP0U45VD3xKTs3Q9vXgNC1sUD5i27EVToEmnO29STHnlJz4sxoR0R%2FrimDrOZ45J4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1598fec681c0a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/jquery.min.js

172.64.108.10

200 OK

90 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/jquery.min.js
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text, with very long lines (65451)
Size
90 kB (89492 bytes)
Hash
561acb3e541133bbdd2c0c19f8ee35a1
ffd1353cf3f77d25f801c84d8208613eb0d3d548
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Jul 2022 10:56:19 GMT
etag: W/"62cd5353-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1746109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzAsAU3rnNFlwST7AAfotrEDHDrteIA8oVjc8%2F%2FhwbtZVUNQwZl1vWk9eC0AZ8cUPMZ7n5MV0Ux5XDWZ70COeM42XjcXkxXGEAtUIG7LOY9PPwoLGAK3QBbNFlfmH0m4gMfqAfDcokBF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1599579167797-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/script.js

172.64.108.10

200 OK

892 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/script.js
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text, with very long lines (959), with no line terminators
Size
892 B (892 bytes)
Hash
9d441b1ef0d4f07226844f2a75309fe0
588ed7e74f0c215a09e72131be39b930479dccf9
5df48723b4f69d2ecdd0de387d4233bf720e3c0cac669645d8a5ca6cb31e9bf8

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Jul 2022 10:56:18 GMT
etag: W/"62cd5352-37c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1229911
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=455UHVjBFeyqo%2FwrrWgHacG8TVyy54gEpaB71RDqCPyT7xiw%2F37m2vI2%2Fuk2HfhiPYIXJMJhJSgl2Sr5H1aN3wdY9nLLwidgQMaFkN48QCrZhtVkJAwxYtAzKU1rYzY7GSJlQ2UuWzYx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1599669ce7797-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

104.21.234.33

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.33:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:05 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: debb46a2b042993b87bb670cffe76473
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 08:48:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oX%2F6pSPmwr7gm5JurIVhTglcCsu1nXch2kvb%2BPIy8rP1oi6bNlCGmlyNxRqjnmeeh9%2FdYPsjPJrAubyWpsn0XOUelPKUUrckAUmgVOVOAY8Dn83r0h8cbpu8j6Q6U8Xo8mpED%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1598ebbecd987-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.twpornstars.com/build/runtime.602a9af0.js

104.21.235.199

200 OK

1.4 kB

URL GET HTTP/3
www.twpornstars.com/build/runtime.602a9af0.js
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type
ASCII text, with very long lines (1370), with no line terminators
Size
1.4 kB (1360 bytes)
Hash
69763ae9b88851deb0f4aeb9bf1dadd8
f2e9546d91429cd15aeae499294a05b2d3ff14a9
6ebd244d046a25a699cba828f4bc442ba8497b73d8914d089bce110c90c09e24

HTTP Headers

GET /build/runtime.602a9af0.js HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/LeoLulu_XXX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:48:03 GMT
content-type: application/javascript
cache-control: max-age=315360000, public, immutable
etag: W/"65412065-550"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 31 Oct 2023 15:42:29 GMT
cf-cache-status: HIT
age: 360658
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKdw%2FyYUz%2BFniV8Mmcom%2BT%2BgAqRJsWKmvhlh9comHHygyzLSQRFwpeLjN%2BxXvuOi7uF5wJt4jtykg4xbZmaHqlruwocfHCoBjSzK7kYobMx6slwOAh1O2grZW4T%2Fj4mukVsTg%2F1K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d15988a959df68-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.realsrv.com/video-slider.js

185.76.9.21

200 OK

47 kB

URL GET HTTP/2
a.realsrv.com/video-slider.js
IP
185.76.9.21:443
ASN
#60068 Datacamp Limited

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint33:54:4D:F8:0E:E4:00:D3:20:90:CA:61:C8:CC:4D:D5:CB:BB:83:57
ValidityThu, 05 Oct 2023 15:34:07 GMT - Wed, 03 Jan 2024 15:34:06 GMT

File type
ASCII text, with very long lines (32704)
Size
47 kB (46760 bytes)
Hash
a38be8c74d8421883308b2410fa2fac3
1c6f186699a5f677bd3fa8bba391d91adf867d5e
b81f999546684e41d3a3af3c24b8f7a11e10ad8dcd79983de67568f618a99a69

HTTP Headers

GET /video-slider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:03 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"1c6f186699a5f677bd3fa8bba39"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 27 Nov 2023 13:30:00 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3gxAAAAwBuUwKCQH3BgAAAAwB1GY4EQH3qQEAAA
x-77-nzt-ray: af5856300dbfac9443a96565b892b338
x-accel-expires: @1701167854
x-accel-date: 1701157056
x-77-cache: HIT
x-77-age: 4658
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 6, 4227
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

104.21.234.33

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.33:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:05 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: b19e7aebfa775b0f83832c8da5ffba67
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 08:48:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P681qSW6hG%2BkOkjvl4dJRl8hd57S7VZ0xEJ1k2D4H6p35sb%2F%2F7xrXcTCn4p4%2FOax8Nm5WylFxqbsmnCqTl5jysKGLsucNoQ5x9BcGIdbDrkJcJsvhgqcyEgyas7vv6XySBJ2ZTQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1598ebbe5d987-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

6.8 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (7013), with no line terminators
Size
6.8 kB (6824 bytes)
Hash
49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 08:48:06 GMT
date: Tue, 28 Nov 2023 08:48:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.twpornstars.com/build/index.80e44d59.css

104.21.235.199

200 OK

76 kB

URL GET HTTP/3
www.twpornstars.com/build/index.80e44d59.css
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type

Size
76 kB (76341 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /build/index.80e44d59.css HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/LeoLulu_XXX
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:48:03 GMT
content-type: text/css
cache-control: max-age=315360000, public, immutable
etag: W/"65412065-12a35"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 31 Oct 2023 15:42:29 GMT
cf-cache-status: HIT
age: 377070
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xioS52HDMAEpZ7%2FxE0o%2FYWvJsmWnGw4vMiBPTuK6WTyBGKwhbED4dsNwblR5QOEuhA7%2BnX7lwS2bBqF3ZVJYcYvNqvrMKNpquVRv03WKTblc%2FEsECoaWuFFLJIMXimJOQP5iEl5O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d15987bfbddf68-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.twpornstars.com/build/234.61c95dd6.js

104.21.235.199

200 OK

13 kB

URL GET HTTP/3
www.twpornstars.com/build/234.61c95dd6.js
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type
ASCII text, with very long lines (13241)
Size
13 kB (13311 bytes)
Hash
85ae003e483c2bbbbb5bcb092824aa99
46762a9bf6808ef1716eac71d4d8b845ce1ab2ab
9a14e3232aeb2d592ce1616914e100022d923406ecad03d18cd93f8d863265f5

HTTP Headers

GET /build/234.61c95dd6.js HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/LeoLulu_XXX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:48:03 GMT
content-type: application/javascript
cache-control: max-age=315360000, public, immutable
etag: W/"6540ea21-33ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 31 Oct 2023 11:50:57 GMT
cf-cache-status: HIT
age: 543443
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzYSGqRqOXw%2FWtbHEx5ERC0cs60E0pZCWooNv0Hact5oAl%2FMKO1j%2BPQEt%2FJ1d57VHmgqsVJA1iKHfPt023efmPJnwkQDuiIYHLv1JS0NBmeiT1O6xzIdp33JMUNHRlJ9iE9NRflZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d15988b974df68-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.twpornstars.com/favicon.ico

104.21.235.199

200 OK

1.2 kB

URL GET HTTP/3
www.twpornstars.com/favicon.ico
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
f570e4146c52b287b94576e925ab2eff
1e26f404aff555a187bb408581ece60d34edaa8a
fbdaaaccb6cbf0b4db431a606ad8e64203136e6b9eb4eeb56e568cf6759f5f0e

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/LeoLulu_XXX
Cookie: a_delay=1701161287794; _ga_V4D62Y39MW=GS1.1.1701161288.1.0.1701161288.0.0.0; _ga=GA1.1.11068152.1701161288; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d3e5fb19-5570-463b-88f1-3c827194f41a%3A2%3A1; sb_main_8bc5a4feb5928590482f8376a67e6ba5=1; sb_count_8bc5a4feb5928590482f8376a67e6ba5=1; pp_main_35fd862a211871130a720a8040aa9aa6=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:48:05 GMT
content-type: image/x-icon
etag: W/"6399f613-47e"
last-modified: Wed, 14 Dec 2022 16:13:07 GMT
cf-cache-status: HIT
age: 1941
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmCK3R69%2B7j4EcN7DeBRO%2BzwsZOIG9sIwomiefyXEn457veEQbNzeYsQ69iQN1QMdI5l8ANlYhBzOEHmp4xwgDCWWn8M8JiyIVbuOgpd7mVYJaNktCBoLug6G4flv7lIi9J4atfJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d15992efcadf68-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

proceedglad.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwYscxRutTvYHPxBEgwc9CHPwEMGd7Z7unukxBzEmkcW4uySR9SbVVdWz5VZ3NVXd07N7WgyEnGT05LH3zW6WaFDzB4gy60UCwowH2YN7F49CzjKzA6Pfob%2Fv9fug3ntVDw7Lc%2BKipGdbH%2Bp9qRRdC5tu4%2Bq2zLiubGPjXsNzm%2B61xrbM2sG1xmD2Mf23PTdsum823hdsV6%2B1XM91Pddr3JJGJHqwNmch8yddr9l1m0Gr6YUBBua%2F2JYOLHXA%2B%2BfkCiSf%2Fm%2Fnl6eQbIws%2Ff6GsLuFzt%2B6mZaKFtqgz08%2BynYzXWVIl2NiHCTZyWIb2k4J%2BeoSdHaycADdP5o5QCynxPndQ5ydLGQi7h9fKI0VRIaYv4CqP4ZQY0g6BtP3IfmEAIxjYxNZ%2BmhDm4ruXbB0xk7JyvO%2FIaspWfnjFWTpt9eVHDTualUWUmcWg6SGHIwhe2Pk5SmKfQeyOgUrPoPkv5K157eRpUebVmlIfvYG90WYxF53NQw77mrQ9uPVKEq8VZ9FrY7XDZLAo%2FOIpBxDJmMoMQS1l1BaB6V0UCYOytxBys8aNOwmrttJ4sT3o4Ax5vuMhVGbh9wPosRFyWYehijyIZgagpkD5OYAu%2FLLSXhlsmVhyp9gd2pY7sAWBH1eoxIElSWoKEElCaqCoOrXx1zZlq0fcWXL2Fv01qL79UgXvUN6rIueyMhhfk5ensf3l%2FsqdsVZI4pZSINExGG3FYVdN4haSeR32rTdEe2YhrCyhrSXQK2DfTkJfkQuJ2SCmJ7CqlMw%2BRJo%2BTpoNeq0XNCdURC52M%2B%2BK6pcm8wW1Ngm0ym4rpEXKyj2nEN1Tl6by1hfCSHYs3d%2B8%2BcFZmrkpsan8meCnno4uqMrcnRHV5Y83cwLmcp9OrvhuwUtxOWvPxB7lTZ8%2FYYdPn6XzYjZ%2BOSesMVtmnGZ9Sz55rrkXJhb2jBBfli32yLeKu3O9dJkZX57671b62luhLVSZ2NQOSXk8z%2FB5JS8%2BP9P5q%2F36oOPIc0YpqyRls%2FIoiD1GCw%2FgM2X%2Bq0mMGq5E%2BcOqrIemVa8%2FKkkgRJLTOMa9l84Xs6H9iF6xgEt7iNLa%2FRNjb6qQdUQtrw8KnKzPDxWzihWxjmKlVFfXIRr5Vkj9AIRxVGHcR4Lxr1Oy498121xHnS6wuuisFMhHt%2F8BwAA%2F%2F8BAAD%2F%2F3MJwcqVBAAA

173.233.137.52

200 OK

0 B

URL GET HTTP/1.1
proceedglad.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwYscxRutTvYHPxBEgwc9CHPwEMGd7Z7unukxBzEmkcW4uySR9SbVVdWz5VZ3NVXd07N7WgyEnGT05LH3zW6WaFDzB4gy60UCwowH2YN7F49CzjKzA6Pfob%2Fv9fug3ntVDw7Lc%2BKipGdbH%2Bp9qRRdC5tu4%2Bq2zLiubGPjXsNzm%2B61xrbM2sG1xmD2Mf23PTdsum823hdsV6%2B1XM91Pddr3JJGJHqwNmch8yddr9l1m0Gr6YUBBua%2F2JYOLHXA%2B%2BfkCiSf%2Fm%2Fnl6eQbIws%2Ff6GsLuFzt%2B6mZaKFtqgz08%2BynYzXWVIl2NiHCTZyWIb2k4J%2BeoSdHaycADdP5o5QCynxPndQ5ydLGQi7h9fKI0VRIaYv4CqP4ZQY0g6BtP3IfmEAIxjYxNZ%2BmhDm4ruXbB0xk7JyvO%2FIaspWfnjFWTpt9eVHDTualUWUmcWg6SGHIwhe2Pk5SmKfQeyOgUrPoPkv5K157eRpUebVmlIfvYG90WYxF53NQw77mrQ9uPVKEq8VZ9FrY7XDZLAo%2FOIpBxDJmMoMQS1l1BaB6V0UCYOytxBys8aNOwmrttJ4sT3o4Ax5vuMhVGbh9wPosRFyWYehijyIZgagpkD5OYAu%2FLLSXhlsmVhyp9gd2pY7sAWBH1eoxIElSWoKEElCaqCoOrXx1zZlq0fcWXL2Fv01qL79UgXvUN6rIueyMhhfk5ensf3l%2FsqdsVZI4pZSINExGG3FYVdN4haSeR32rTdEe2YhrCyhrSXQK2DfTkJfkQuJ2SCmJ7CqlMw%2BRJo%2BTpoNeq0XNCdURC52M%2B%2BK6pcm8wW1Ngm0ym4rpEXKyj2nEN1Tl6by1hfCSHYs3d%2B8%2BcFZmrkpsan8meCnno4uqMrcnRHV5Y83cwLmcp9OrvhuwUtxOWvPxB7lTZ8%2FYYdPn6XzYjZ%2BOSesMVtmnGZ9Sz55rrkXJhb2jBBfli32yLeKu3O9dJkZX57671b62luhLVSZ2NQOSXk8z%2FB5JS8%2BP9P5q%2F36oOPIc0YpqyRls%2FIoiD1GCw%2FgM2X%2Bq0mMGq5E%2BcOqrIemVa8%2FKkkgRJLTOMa9l84Xs6H9iF6xgEt7iNLa%2FRNjb6qQdUQtrw8KnKzPDxWzihWxjmKlVFfXIRr5Vkj9AIRxVGHcR4Lxr1Oy498121xHnS6wuuisFMhHt%2F8BwAA%2F%2F8BAAD%2F%2F3MJwcqVBAAA
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSwYscxRutTvYHPxBEgwc9CHPwEMGd7Z7unukxBzEmkcW4uySR9SbVVdWz5VZ3NVXd07N7WgyEnGT05LH3zW6WaFDzB4gy60UCwowH2YN7F49CzjKzA6Pfob%2Fv9fug3ntVDw7Lc%2BKipGdbH%2Bp9qRRdC5tu4%2Bq2zLiubGPjXsNzm%2B61xrbM2sG1xmD2Mf23PTdsum823hdsV6%2B1XM91Pddr3JJGJHqwNmch8yddr9l1m0Gr6YUBBua%2F2JYOLHXA%2B%2BfkCiSf%2Fm%2Fnl6eQbIws%2Ff6GsLuFzt%2B6mZaKFtqgz08%2BynYzXWVIl2NiHCTZyWIb2k4J%2BeoSdHaycADdP5o5QCynxPndQ5ydLGQi7h9fKI0VRIaYv4CqP4ZQY0g6BtP3IfmEAIxjYxNZ%2BmhDm4ruXbB0xk7JyvO%2FIaspWfnjFWTpt9eVHDTualUWUmcWg6SGHIwhe2Pk5SmKfQeyOgUrPoPkv5K157eRpUebVmlIfvYG90WYxF53NQw77mrQ9uPVKEq8VZ9FrY7XDZLAo%2FOIpBxDJmMoMQS1l1BaB6V0UCYOytxBys8aNOwmrttJ4sT3o4Ax5vuMhVGbh9wPosRFyWYehijyIZgagpkD5OYAu%2FLLSXhlsmVhyp9gd2pY7sAWBH1eoxIElSWoKEElCaqCoOrXx1zZlq0fcWXL2Fv01qL79UgXvUN6rIueyMhhfk5ensf3l%2FsqdsVZI4pZSINExGG3FYVdN4haSeR32rTdEe2YhrCyhrSXQK2DfTkJfkQuJ2SCmJ7CqlMw%2BRJo%2BTpoNeq0XNCdURC52M%2B%2BK6pcm8wW1Ngm0ym4rpEXKyj2nEN1Tl6by1hfCSHYs3d%2B8%2BcFZmrkpsan8meCnno4uqMrcnRHV5Y83cwLmcp9OrvhuwUtxOWvPxB7lTZ8%2FYYdPn6XzYjZ%2BOSesMVtmnGZ9Sz55rrkXJhb2jBBfli32yLeKu3O9dJkZX57671b62luhLVSZ2NQOSXk8z%2FB5JS8%2BP9P5q%2F36oOPIc0YpqyRls%2FIoiD1GCw%2FgM2X%2Bq0mMGq5E%2BcOqrIemVa8%2FKkkgRJLTOMa9l84Xs6H9iF6xgEt7iNLa%2FRNjb6qQdUQtrw8KnKzPDxWzihWxjmKlVFfXIRr5Vkj9AIRxVGHcR4Lxr1Oy498121xHnS6wuuisFMhHt%2F8BwAA%2F%2F8BAAD%2F%2F3MJwcqVBAAA HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Cookie: u_pl=15413272; uid_id2=d3e5fb19-5570-463b-88f1-3c827194f41a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 08:48:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5f8e2d7a67a3a83ca8b700c8b1a9af7d
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/css/animate.css

172.64.108.10

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/css/animate.css
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text
Size
79 kB (79249 bytes)
Hash
e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.twpornstars.com
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:48:05 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 10:56:21 GMT
etag: W/"62cd5355-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1572743
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pq%2FULG9lR0cCGykPMNpYFM52HD7A5XnaoArek1j90ujhtZNIvDCrGvHoH3WaE89R42kD25m3%2BZdlVJMUMsv6oLwYWSyVMfC%2Fq8fTL6MaX8VbtA%2BlP%2Bu365kLtHugUXpZd%2FbXLg9clxL%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1599548ac7797-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.twpornstars.com/build/774.20b593a7.js

104.21.235.199

200 OK

27 kB

URL GET HTTP/3
www.twpornstars.com/build/774.20b593a7.js
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type
ASCII text, with very long lines (27095)
Size
27 kB (27165 bytes)
Hash
d22744a40f2e0aebbfc7303da32c597a
5f652a643be14ffa99d8ebf06c5558a53a1874da
3feb8f619be686031fefc98a2aedaf2c9999f4d19141867ddb420c342169235d

HTTP Headers

GET /build/774.20b593a7.js HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/LeoLulu_XXX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:48:03 GMT
content-type: application/javascript
cache-control: max-age=315360000, public, immutable
etag: W/"65412065-6a1d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 31 Oct 2023 15:42:29 GMT
cf-cache-status: HIT
age: 536542
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hXqKp8oUu1eDIJozq5Htlt9QOQ9aEv7qP1KGfMBfqNxfr5OiZ26hR1cORWiDAr8Jkw3qbbbiH0FwyIUW01UsI6xfnhMqoDzJ2PRuTT4rPiyG32pK7QiftKh0LXqX9HBSe40DJs%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d15988b96edf68-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.twpornstars.com/build/index.636164b9.js

104.21.235.199

200 OK

15 kB

URL GET HTTP/3
www.twpornstars.com/build/index.636164b9.js
IP
104.21.235.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subjecttwpornstars.com
FingerprintEB:76:FE:F7:DB:B4:77:BC:3A:CF:C0:C5:84:41:DC:91:D7:84:EE:9F
ValidityMon, 30 Oct 2023 12:52:22 GMT - Sun, 28 Jan 2024 12:52:21 GMT

File type
ASCII text, with very long lines (14606), with no line terminators
Size
15 kB (14606 bytes)
Hash
c28d52d30d19cf7b54cfce5614a643d7
37c35b4e09cb39ea62817895f438048c7dee0c45
2a84fbb7ffb3f430699a70187566aa2d24e30159491b88313274759a2d3fa78c

HTTP Headers

GET /build/index.636164b9.js HTTP/1.1
Host: www.twpornstars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/LeoLulu_XXX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:48:03 GMT
content-type: application/javascript
cache-control: max-age=315360000, public, immutable
etag: W/"65412065-390e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 31 Oct 2023 15:42:29 GMT
cf-cache-status: HIT
age: 199681
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zl8mAr3%2BAVPet2Gh9KN2SS7HGyQtK37%2FcoPalJh%2FH3N%2FrDx6YHSur4xSq73Gkn0obRC0cy7RAlGd3DCwgblTeJ8l%2FPgbpdQnqESUvQEhatGu2K99px1KPryOW7BUrplZXm4%2FTMHA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d15988b978df68-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-V4D62Y39MW

142.250.74.168

200 OK

238 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-V4D62Y39MW
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.twpornstars.com/LeoLulu_XXX
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
238 kB (238190 bytes)
Hash
523e0b7e6142f527cd8ff72a4ffb8977
df1d5af561e5d88b48a17dc46e71cbf3b2d541da
c620d48429cb766de97dd3b68d76f27e13f469447ea683b70da669aa0e94cd38

HTTP Headers

GET /gtag/js?id=G-V4D62Y39MW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.twpornstars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 08:48:03 GMT
expires: Tue, 28 Nov 2023 08:48:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83507
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by