Report - shbzek.com/gosl/InNpZCI6MTIxMjUwNiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=122&si2=05demos

Report Overview

Submitted URL
shbzek.com/gosl/InNpZCI6MTIxMjUwNiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=122&si2=05demos
IP
185.56.234.205
ASN
#39572 DataWeb Global Group B.V.
Submitted
2023-05-15 22:57:54
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
alvsx.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-15	1.3 kB	501 kB	104.21.7.3
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-15	2.2 kB	51 kB	142.250.74.35
shbzek.com	unknown	2023-02-03	2023-02-03	2023-05-15	577 B	12 kB	185.56.234.205
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-15	666 B	1.4 kB	142.250.74.131
a.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-15	2.6 kB	526 kB	104.21.7.3
js.streampsh.top	unknown	2022-11-18	2023-05-01	2023-05-15	632 B	20 kB	172.67.169.207
goto.trackpshgoto.win	unknown	2023-02-17	2023-02-19	2023-05-15	592 B	1.3 kB	20.113.188.243
c.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-15	2.6 kB	528 kB	104.21.7.3
www.highcpmrevenuenetwork.com	unknown	2022-12-23	2022-12-23	2023-05-15	1.1 kB	1.1 kB	173.233.137.60
azkcqs.com	22208	2021-08-04	2021-08-04	2023-05-15	527 B	184 B	185.162.85.1
ecrwqu.com	577459	2021-11-09	2021-11-09	2023-05-14	551 B	2.4 kB	185.162.85.14
alvsx.cloudpsh.top	unknown	2023-01-18	2023-01-23	2023-05-15	578 B	614 B	5.75.133.219
b.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-15	2.0 kB	516 kB	104.21.7.3
d.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-15	1.3 kB	510 kB	104.21.7.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-15 22:57:38	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-05-15	medium	highcpmrevenuenetwork.com
2023-05-15	medium	highcpmrevenuenetwork.com

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (30)

URL IP Response Size

azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1054030&st=1212506&wd=451919&d=shbzek.com&tpl=32&rnd=0.8178660202037498&sbid=122&sbid2=05demos

185.162.85.1

0 B

URL
azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1054030&st=1212506&wd=451919&d=shbzek.com&tpl=32&rnd=0.8178660202037498&sbid=122&sbid2=05demos
IP
185.162.85.1:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rpe?a=1&s=1&act=17&src=2&p=1054030&st=1212506&wd=451919&d=shbzek.com&tpl=32&rnd=0.8178660202037498&sbid=122&sbid2=05demos HTTP/1.1
Host: azkcqs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shbzek.com
DNT: 1
Connection: keep-alive
Referer: https://shbzek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 15 May 2023 22:57:37 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2

shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTksInNyYyI6Mn0=eyJ&si1=122&si2=05demos

185.56.234.205

12 kB

URL
shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTksInNyYyI6Mn0=eyJ&si1=122&si2=05demos
IP
185.56.234.205:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21571)
Size
12 kB (11563 bytes)
Hash
b4140cddcee8ba4f6aae1c5ee0d9f592
8aa8d637edefa5d367137c926f3893cf3cba8edf
877f02f29decfb4335a4359b34a7440d4e09b158f8a1563e836e432954e9da16

HTTP Headers

GET /great?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTksInNyYyI6Mn0=eyJ&si1=122&si2=05demos HTTP/1.1
Host: shbzek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.1
date: Mon, 15 May 2023 22:57:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: truniq=1; expires=Tue, 16-May-2023 22:57:36 GMT; Max-Age=86400; path=/; domain=shbzek.com
x-zone: eu3
content-encoding: gzip
X-Firefox-Spdy: h2

ecrwqu.com/cuclc?aid=1980345421355106617&t=1684191457&s=198

185.162.85.14

1.2 kB

URL
ecrwqu.com/cuclc?aid=1980345421355106617&t=1684191457&s=198
IP
185.162.85.14:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1185), with no line terminators
Size
1.2 kB (1185 bytes)
Hash
4cc8db2b7613695bf93c2e1eb5b34df9
a813334026f0a4d9fe68685022701fa8e8734d79
806342ad09d2b19303509bd26e8ffac0d902ea386557bd9ca30ebb65aec839c8

HTTP Headers

GET /cuclc?aid=1980345421355106617&t=1684191457&s=198 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3iyc.shbzek.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.18.0
date: Mon, 15 May 2023 22:57:37 GMT
content-type: text/html; charset=utf-8
content-length: 1185
location: https://s.viiian.com/h/1524/m2aeuqm24v4vvrfvuovytlgjwktuk56pskpixcg5wb5hqgd2n57hyeduafrcpdf3yl2u4kquzm33su7mk2h7o7osgovms6xiohfo5rxmsd5pl7g2nsbesonaipay5hhflo2fn4nm37fdd4tqzo2kpplm2zxffyklmm4sf6skp2cua42tgzziqrswwnzxjgrqopzhxhe46vx44342u73gbn3os7dpd3saufidoteai65jtmxinpjhdwd2xbzux3scrwq4d2th2vuva6laob3ee2qhpfwxgzduincfgcscijagmsl4k52fwyh3jvqjk2ki2bnlartd3mzuzscbkzi7m53kw3hig6saq3deqxtnobrrc2yxrnbcbp2p5jzilrsf5bczxrlztvr6jat2qjivgkiagbmgg6lzavcfu4zjgavcoedhkmxd443ppjducvcwiqlry2ivfrpx73csjlawh46rxnfm4sswzzisd6ujpsjece6l3yfko4dp46qxfhsewkj2ln44rgy63c2xvja7yus6hewdi3lmlyja2rq5lqgceejjau3b6obmeykrqqz5ee4go42gcrrcsm33gqrbybk7araemsteizwb2lyygv3hqvkgljzhqz36ovdgmbt4mfzggziscqlfofi5biuu2623obohmkbgcibva43gmygw6r3vkm2syijffuibspk3czhrwpqgpzoxixbupb7fqfqlfawtk7bhca2qc5lbojrxkfkda5lewfy6mfevau2mmzrxg6cuifoxw63gpnjp5pgjtxa4jqm6xn2evmvgtkrfkigo4we62vytzhf75icbfc3phcxyvpe3fj53kyvxfzldzk5prw2wkj5wnxtajjrccfiddvygo6jngqjdovz3a42dqmycfiaueeiue4yripycgizwc6lyknbf27dgguts6q52gfsvu5fwwl55mzailb5hssfgxjtgnigwinsjxgqg6b67gws4jfvdmtkyatud4pgkepiaqzxgaszasuiopaaf6===?u=
X-Firefox-Spdy: h2

goto.trackpshgoto.win/15GTdk?camp=624246&site=1417801675501964&category=1560&cost=9.0E-4&external_id=cnv4320d379afbec4ecf789646d6ed9ef19

20.113.188.243

320 B

URL
goto.trackpshgoto.win/15GTdk?camp=624246&site=1417801675501964&category=1560&cost=9.0E-4&external_id=cnv4320d379afbec4ecf789646d6ed9ef19
IP
20.113.188.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, ASCII text, with very long lines (320), with no line terminators
Size
320 B (320 bytes)
Hash
bce40d805f145f30ac46f50b9063acff
e448aba5aaaad77e00b4a2194ef8fec884612dad
ab11aedc697f83a4f2c58658aa342f2774aa50a842c8d4845796e4f5812ba596

HTTP Headers

GET /15GTdk?camp=624246&site=1417801675501964&category=1560&cost=9.0E-4&external_id=cnv4320d379afbec4ecf789646d6ed9ef19 HTTP/1.1
Host: goto.trackpshgoto.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Mon, 15 May 2023 22:57:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 320
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GTdko=20230516011684191464522; domain=.goto.trackpshgoto.win; path=/;expires=Tue, 16 May 2023 22:57:38 GMT;  httpOnly=true;SameSite=None; Secure;
_pc_lc_id=15GTdk; domain=.goto.trackpshgoto.win; path=/;expires=Tue, 16 May 2023 22:57:38 GMT;  httpOnly=true;SameSite=None; Secure;
peerclickcid=5edf130ccc3728f6352fb37d9163fa96-42510-0516; domain=.goto.trackpshgoto.win; path=/;expires=Tue, 16 May 2023 22:57:38 GMT;  httpOnly=true;SameSite=None; Secure;
_norg=1; domain=.goto.trackpshgoto.win; path=/;expires=Tue, 16 May 2023 22:57:38 GMT;  httpOnly=true;SameSite=None; Secure;
Location: https://alvsx.cloudpsh.top/?pl=gX8SmuT53Uat0GJjeCpaXQ&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964
Vary: Accept

alvsx.cloudpsh.top/?pl=gX8SmuT53Uat0GJjeCpaXQ&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964

5.75.133.219

0 B

URL
alvsx.cloudpsh.top/?pl=gX8SmuT53Uat0GJjeCpaXQ&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964
IP
5.75.133.219:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=gX8SmuT53Uat0GJjeCpaXQ&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964 HTTP/1.1
Host: alvsx.cloudpsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Mon, 15 May 2023 22:57:38 GMT
content-length: 0
location: https://alvsx.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
set-cookie: gX8SmuT53Uat0GJjeCpaXQ=15; max-age=345600; path=/; samesite=lax
__pl=74670fd1-8911-4df9-b1ca-47f0c408aeef; expires=Thu, 15 May 2025 22:57:38 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2

alvsx.crystalcrafter.top/adult-video/assets/video.gif

104.21.7.3

500 kB

URL
alvsx.crystalcrafter.top/adult-video/assets/video.gif
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 320 x 180\012- data
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /adult-video/assets/video.gif HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:38 GMT
content-type: image/gif
content-length: 500082
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-7a172"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rgh51Th4cO%2Fchj7v%2FH2BdwuucLubDTCT9HnM25UvPLrM8NH0mg970gM8jbE3fJ%2BosQeF7K3wv4z%2BwLfSpcX3nWXGkN7eCbSQrHjH%2BokjYnzgRo3Ys3qfX5XKD397SM1m3L0k3eTw1HiuwOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb2a58c20afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/favicon.ico

104.21.7.3

0 B

URL
alvsx.crystalcrafter.top/favicon.ico
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Mon, 15 May 2023 22:57:39 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 190
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nqndx8CziZlvZ6E4h0yosn8SKlk6JW5UCBl0rHg8oZ%2BiWyOUiGDHt2EMtg%2Bx8cc2RG71vf4mWFeYf6tHM9HO1WS6IleFrmXQFo6QBqAS5%2F1x3l7zebQ2NxApO5HCSd5NTT0ugnT1ih%2BC4AM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb2c29880afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f4fea5cf544471669f24229f47d96622
e21aa81232c02d605863b3193c4ce0d27eba07ec
216eb082f9386c239a730dfe8d0414192c3af67ccba8db2865a250d2e13ed7d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 22:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/firebasejs/8.4.1/firebase-app.js

142.250.74.35

6.8 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21158)
Size
6.8 kB (6763 bytes)
Hash
e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

HTTP Headers

GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 May 2023 06:18:54 GMT
expires: Fri, 10 May 2024 06:18:54 GMT
cache-control: public, max-age=31536000
age: 405525
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f4fea5cf544471669f24229f47d96622
e21aa81232c02d605863b3193c4ce0d27eba07ec
216eb082f9386c239a730dfe8d0414192c3af67ccba8db2865a250d2e13ed7d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 22:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:42 GMT
expires: Thu, 09 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 513657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

a.crystalcrafter.top/adult-video/assets/video.gif

104.21.7.3

500 kB

URL
a.crystalcrafter.top/adult-video/assets/video.gif
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 320 x 180\012- data
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /adult-video/assets/video.gif HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:39 GMT
content-type: image/gif
content-length: 500082
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-7a172"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V98HSHf4XjhyDjgYQGpC4LsCV9wFS2A6aG7NEwhaElpyfjQ2sNUh3ej6oapSyp41oFN2oERFX1S%2Bu3RvS%2FgS9R0vIBeT3ag6dEApTWQl1Jzdwu8xyeRUPHEQtgvB1MQf0UfNE4Ppsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb2ffb9d0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

a.crystalcrafter.top/favicon.ico

104.21.7.3

0 B

URL
a.crystalcrafter.top/favicon.ico
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Mon, 15 May 2023 22:57:40 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1665
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0dD0jdcFUgifNv7AfeMmWMQdjALLUiOv9bE8oTU3uWycmeSRw%2FS%2BgJC19zcYEwsMoNZA1ACtL1HsV11qKhcy6%2Fd8q1U9p86dcmFVdk%2FpigghHlxhSnCJ252rBAGhbU4XcUc5NLpiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb312c3e0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

a.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758

104.21.7.3

12 kB

URL
a.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2076), with CRLF line terminators
Size
12 kB (11943 bytes)
Hash
aec10c280b563360924273b2a911e635
1905d806efc15be78c699590b1b9a2651bc2263c
ef053c01691e965b2c29ab2d0a15583b01c7e8c9be02ad9bbedd3a3d039766ea

HTTP Headers

GET /adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758 HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:39 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmNqCBiupwBbuIwzuUUEhnlAQ3qZ%2BhaAxY18EPHyTcZUpdrFphOhYAZ3MyV%2BJszl0c50syHUrDZ2xrO2jYrgkKW3lnqDjpjsTAeG03xrZ%2B9c1oO2NsbferfT0MoWrQR9Y1dLgO%2FXTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c7efb2f4b470afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

a.crystalcrafter.top/adult-video/assets/spinning-circles2.svg

104.21.7.3

11 kB

URL
a.crystalcrafter.top/adult-video/assets/spinning-circles2.svg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
11 kB (11232 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /adult-video/assets/spinning-circles2.svg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:39 GMT
content-type: image/svg+xml
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1f7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28hHjIIkaHP2NfQw1n1l3xOP3C0KKRbcbnX1yRjQAqymJH9%2BUCiGElKi5OdpucoZ8mG1H0BLw4En4XpzPO7u77Y38AD77BB8pAQcZ%2BUo4MKKQfAma4CSwi95Vz43zI1MbIqPXtokjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb2feb9b0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

b.crystalcrafter.top/adult-video/assets/video.gif

104.21.7.3

500 kB

URL
b.crystalcrafter.top/adult-video/assets/video.gif
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 320 x 180\012- data
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /adult-video/assets/video.gif HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: image/gif
content-length: 500082
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-7a172"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1066
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMWhNke2Hb6354Jp4vlCnzZJc5zv%2BHHSUTB%2BLLndEgvEiQbeIx0hRxaC%2BU84kY63nv8VWDxE4PLhD83tJ%2FVEQ%2F5bZsNtgflzTWbl8OGDLbFPzMV5qt6M6yHbVnB6DTMaItx6%2FJ0tTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb331d2e0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

b.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758

104.21.7.3

5.2 kB

URL
b.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2076), with CRLF line terminators
Size
5.2 kB (5180 bytes)
Hash
aec10c280b563360924273b2a911e635
1905d806efc15be78c699590b1b9a2651bc2263c
ef053c01691e965b2c29ab2d0a15583b01c7e8c9be02ad9bbedd3a3d039766ea

HTTP Headers

GET /adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758 HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRdfLDiWvFQFki3fp6a9VG8ieKj2ZmeMKW%2B6klCJzD5ryIxO1DwCY6ESdrKvNCnrgO4zpaWm54yeqMXwoGJV8CCkDyCOe9g4obYGZKWNNdIYcirpbj0lUHsjA1gOd4d8NojWwuwl8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c7efb327cdd0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

b.crystalcrafter.top/adult-video/assets/style.css

104.21.7.3

8.3 kB

URL
b.crystalcrafter.top/adult-video/assets/style.css
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
8.3 kB (8258 bytes)
Hash
4282caba1d544b2d6164f7a67fb9306c
1a043cc45756075f239d7ccd13999b7d16ac665d
dbe57e2d6acc8c6850ad81fbfb538593e4faa98d011e2867abcdfa094dbbaf86

HTTP Headers

GET /adult-video/assets/style.css HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: text/css
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1eb1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud6iOhdcIo7WGhaPJV0N%2B1s7AqRgwtKREDtjq43Tlg1ho7QbbAJjDKCsViU5us60%2BO17aWYy6jgtQT31R8Zj1e7A31ul9QC4lfQuY29VQVZlamtGJ23EKWIIRQ9ysUEr20pVNvQIBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb331d2b0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:42 GMT
expires: Thu, 09 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 513658
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c.crystalcrafter.top/adult-video/assets/video.gif

104.21.7.3

500 kB

URL
c.crystalcrafter.top/adult-video/assets/video.gif
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 320 x 180\012- data
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /adult-video/assets/video.gif HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: image/gif
content-length: 500082
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-7a172"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1062
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUqVfOjQerNC7adIeYVPc4YM8HGp09NGWtgiMzVb9%2FIXUCZ8PBep27LJAlfJCMnRmqTfpBvN%2FbJjbwI7YPfoo2yevrhAH0jNkXZQJrm0nxcARezYM22JNw9sqoaBxDiSkZacVOut9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb361e630afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

c.crystalcrafter.top/favicon.ico

104.21.7.3

0 B

URL
c.crystalcrafter.top/favicon.ico
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Mon, 15 May 2023 22:57:40 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3061
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCX92J6fB02e5BPaXb614PkcCQGOiw%2Baz3wrkYL7RoJ8O8iITbNWgP7gto4J1kDhbEZSrYBadh%2FTR0B39gBYXQglzqhVFfzNfjGus5JqeLS2ERrLIlnW%2BWPOUpulPKjU4XQApfYgLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb372edd0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

c.crystalcrafter.top/adult-video/assets/style.css

104.21.7.3

17 kB

URL
c.crystalcrafter.top/adult-video/assets/style.css
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
17 kB (16768 bytes)
Hash
4282caba1d544b2d6164f7a67fb9306c
1a043cc45756075f239d7ccd13999b7d16ac665d
dbe57e2d6acc8c6850ad81fbfb538593e4faa98d011e2867abcdfa094dbbaf86

HTTP Headers

GET /adult-video/assets/style.css HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: text/css
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1eb1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgNnzpLDEtSdvQYwokAI422yGBx%2BXQLxpVjq8LsulQ9G%2FMg535Mu5jiCDAIkUS0E2yKo4aNUDR8GKQVRh7TRJukwzSZbDWOBJgfwTAdUduacNqjMuO%2FuXUYzJ5FmQRjeAo9Zh9NGpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb361e610afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:42 GMT
expires: Thu, 09 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 513659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

d.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758

104.21.7.3

505 kB

URL
d.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2076), with CRLF line terminators
Size
505 kB (505262 bytes)
Hash
aec10c280b563360924273b2a911e635
1905d806efc15be78c699590b1b9a2651bc2263c
ef053c01691e965b2c29ab2d0a15583b01c7e8c9be02ad9bbedd3a3d039766ea

HTTP Headers

GET /adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758 HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:41 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNVowoMcI5VIQpAx3OEDbnrQh47%2FJ5a%2B1iIholL8R5JEYT1XbIqNBntL7Xpqqmgzm08PpcMRbMFc%2Bj5Dt13%2FmSe3LRSKdPBfYSEgNSvgNyLUoJQl6mF9c%2FdITbCCn3yQ0yC%2FICRsgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c7efb386f640afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

c.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758

104.21.7.3

8.1 kB

URL
c.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2076), with CRLF line terminators
Size
8.1 kB (8097 bytes)
Hash
aec10c280b563360924273b2a911e635
1905d806efc15be78c699590b1b9a2651bc2263c
ef053c01691e965b2c29ab2d0a15583b01c7e8c9be02ad9bbedd3a3d039766ea

HTTP Headers

GET /adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758 HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxMvl3yyOPp7FC5gHYfuihfxMl6gzN5gfHKOcFY4EysIgSvBomBYj3HSAwaqPD3JqR2b5dGGLTBgH%2FpsEAIeyetJKtJtX6OxrY9BTlP9qI5d0oVGf98alNHIdDThQNaeBgVkSYVfRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c7efb356e1c0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-app.js

142.250.74.35

6.8 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21158)
Size
6.8 kB (6763 bytes)
Hash
e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

HTTP Headers

GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 May 2023 06:18:54 GMT
expires: Fri, 10 May 2024 06:18:54 GMT
cache-control: public, max-age=31536000
age: 405527
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&appspot=

172.67.169.207

19 kB

URL
js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&appspot=
IP
172.67.169.207:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (23357), with no line terminators
Size
19 kB (19418 bytes)
Hash
42e7a7722cf95b2c6e6c8d7a328288fe
d36d8c1a8a7e6d35ad38944bf05c2ad196c81a68
0601db7a2100537587d0a65805d2f21cdc0a75a69f268abc7c83665ad860e594

HTTP Headers

GET /ps/ps.js?edg=true&fullscreen=true&pl=true&id=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&appspot= HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Cookie: __psu=89f936e0-6753-4092-bcf5-06fa2cc9ab80
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:41 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0MDg%2F6QZCcEUqnneU1dU6PiRoypiRcdlwL7OFm7lL9uRZhely2oJXeVRWZi3PMo2RhPt95F%2FSMYGML%2F6YlAkx7LNWGc4yMfUaxBoucmMN%2BvfKZmb2uWiFW25yO9vlRzNtvQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb396f57b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f

173.233.137.60

200 OK

115 B

URL User Request GET HTTP/1.1
www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
Fingerprint4A:B9:EF:7A:95:F5:EB:F1:0F:44:6B:99:79:4A:95:32:BE:12:C7:AB
ValiditySat, 22 Apr 2023 06:23:55 GMT - Fri, 21 Jul 2023 06:23:54 GMT

File type
ASCII text, with no line terminators
Size
115 B (115 bytes)
Hash
16579cc322e9e105427ecfa57890ef69
8bb47ec30cf894ab49032d7271a45f0c778baa05
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 15 May 2023 22:57:41 GMT
Content-Type: text/html
Content-Length: 115
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17984642; expires=Tue, 16 May 2023 22:57:41 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eca483d749736426ed04bf073c3799c4
Strict-Transport-Security: max-age=0; includeSubdomains

d.crystalcrafter.top/adult-video/assets/trls.js

104.21.7.3

2.9 kB

URL
d.crystalcrafter.top/adult-video/assets/trls.js
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Size
2.9 kB (2917 bytes)
Hash
4bf00604db1b3695385cfd297af0ef46
6d6652fcbefb4a5ea4fba578a2532c7e1b16e2c6
7e023b60f8f33a43f89f344e37ea814c93e69e82bb4ddb90b5b0467d9d82ac05

HTTP Headers

GET /adult-video/assets/trls.js HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:41 GMT
content-type: application/javascript
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1da4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwOOtgOlIlYEVIDyaefZ1rb%2F77g4FNmsjywwlkQPBse4EJcMHNYj4lw6JyLRGywt770rQFw8QL6Ar3cc1LUoa2Gonwi2GohxeFx8xdhFDDTxhBV8yQFe4m1pAs4d%2FZVtaVyIqGjSqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb38ffab0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.highcpmrevenuenetwork.com/favicon.ico

173.233.137.60

200 OK

0 B

URL GET HTTP/1.1
www.highcpmrevenuenetwork.com/favicon.ico
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
Certificate
IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
Fingerprint4A:B9:EF:7A:95:F5:EB:F1:0F:44:6B:99:79:4A:95:32:BE:12:C7:AB
ValiditySat, 22 Apr 2023 06:23:55 GMT - Fri, 21 Jul 2023 06:23:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
Cookie: u_pl=17984642
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 15 May 2023 22:57:42 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b81c93a0d2a47d9a5a468fe1e16c34a4
Strict-Transport-Security: max-age=0; includeSubdomains

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (30)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type