Report - www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240

Report Overview

Visited public
2023-11-14 06:54:44
Tags
URL
www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Finishing URL
www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
IP / ASN
13.213.230.75
#16509 AMAZON-02
Title
4D Realistic Vagina

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
w.ladicdn.com	44911	2018-09-19	2019-05-31 05:28:28	2023-11-13 23:25:26	2.8 kB	606 kB	143.204.55.80
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-14 02:28:17	3.3 kB	204 kB	216.58.207.227
s.zzcdn.me	unknown	2023-01-10	2023-01-12 06:35:08	2023-11-14 03:05:16	430 B	8.1 kB	123.30.58.17
www.pleasureshop.xyz	unknown	2022-09-10	2022-09-10 16:33:41	2023-10-31 05:42:50	533 B	147 kB	13.213.230.75
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-14 02:28:17	492 B	11 kB	142.250.74.106
zerossl.ocsp.sectigo.com	4049	2018-08-16	2020-05-09 21:05:29	2023-11-13 18:20:57	338 B	1.2 kB	104.18.38.233
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-14 00:53:54	1.3 kB	220 kB	142.250.74.168
a.ladipage.com	59666	2014-10-11	2020-08-14 04:05:09	2023-11-13 23:25:27	1.4 kB	1.6 kB	13.250.196.120
trk.ero-analytics.com	unknown	unknown	No data	No data	844 B	0 B	0.0.0.0
static.ladipage.net	149891	2016-01-01	2017-02-02 11:19:13	2023-11-13 23:25:28	474 B	377 B	52.76.24.172
log.adtimaserver.vn	37174	unknown	2016-07-14 18:25:27	2023-11-13 23:25:28	2.0 kB	996 B	120.138.69.209

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-14 06:54:26	low	13.213.230.75	Client IP	ET INFO Observed ZeroSSL Certificate for Suspicious TLD (.xyz)
2023-11-14 06:54:26	low	13.213.230.75	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-14	medium	ero-analytics.com	Sinkholed
2023-11-14	medium	ero-analytics.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240	ScriptElement	854 B	2023-11-05	2024-08-20
Pretty URL www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240 IP 13.213.230.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-05 17:36 Last Seen2024-08-20 20:47 Times Seen2 Hash ebcd652423c272f23d29737ff1922f78 3499eef38dc69e87b8d529aa945a593b3c0dd2c7 a0232bd0e0d8afc29e870cb38c834bf663975b3693fd2b6491d5833a108af61b Loading...

	www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240	ScriptElement	461 B	2023-03-14	2025-04-17
Pretty URL www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240 IP 13.213.230.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 02:37 Last Seen2025-04-17 19:25 Times Seen34 Hash 717a846ab285132cf77a45638169c27c 9bf432f6da9ff1b9a6c555e3f4678f92137eae1b a22e567eb8a49bf2bfc0c9d53e2e0a1563a2db38fc93358bec049bb5b2ce11fb Loading...

	www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240	ScriptElement	177 B	2023-05-05	2025-04-17
Pretty URL www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240 IP 13.213.230.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-05 01:21 Last Seen2025-04-17 19:25 Times Seen34 Hash 8458ec0f780b79e19eb2f2b13613aae9 9e5cd1094c776cf116d6b7b487e230f061c0daf1 c62020aec04eb61e8778999b9ca51c4e76bd0ea12a04bae2b27c9d81badb1de7 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-10
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 12:16 Times Seen340852 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.pleasureshop.xyz/sexy-school-girl/sandbox%20eval%20code		147 B	2023-04-11	2025-05-10
Pretty URL www.pleasureshop.xyz/sexy-school-girl/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 12:16 Times Seen341653 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240	ScriptElement	414 B	2023-06-09	2025-04-28
Pretty URL www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240 IP 13.213.230.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-09 05:39 Last Seen2025-04-28 01:36 Times Seen217 Hash 4d634fc8cb299d32785140a82120da45 0e09ade1247567c98a274446731aaa114b20cfb6 3bdf7159d021fb02880988f248e4345e703fffe3f4a3c039fb35003b5cbd6507 Loading...

	www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240	ScriptElement	390 B	2023-11-03	2024-08-20
Pretty URL www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240 IP 13.213.230.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 23:28 Last Seen2024-08-20 21:02 Times Seen7 Hash 185abc12e4db5a22026484d0ea4f7260 2015d169032f20855d9a5f41620866a9eb859aba 1241f44ccf41585d3c62ca4915f66bfa4caa29bd5a734fc2fe3e81d0a2fd2917 Loading...

	w.ladicdn.com/v2/source/ladipagev3.min.js?v=1698396014328	ScriptElement	395 kB	2023-11-08	2024-08-20
Pretty URL w.ladicdn.com/v2/source/ladipagev3.min.js?v=1698396014328 IP 143.204.55.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 14:02 Last Seen2024-08-20 20:24 Times Seen116 Hash b82b65de5564d3b52ac6e9816c4b1e9a 9987ac0ccca5086b8c5d2b717a5bf096efc90bfd b48dbd87d51d3b5c679a5bce9cc23409df311b136322d3fc8f8b8781392ea140 Loading...

	www.googletagmanager.com/gtag/js?id=UA-142501317-5	ScriptElement	190 kB	2023-11-14	2023-11-14
Pretty URL www.googletagmanager.com/gtag/js?id=UA-142501317-5 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 07:54 Last Seen2023-11-14 07:54 Times Seen1 Hash 3f05253f70861b51ac4d87bff150113c b3c962d53323d9df73bc2f717f8cec48809d1423 ca884041596038a0d2a1ce381c05f1bb363993d713ea8cfb7144e93e644b9027 Loading...

	www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240	ScriptElement	155 B	2023-11-03	2024-08-20
Pretty URL www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240 IP 13.213.230.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 23:28 Last Seen2024-08-20 21:02 Times Seen7 Hash 8607d2da60880d63ae2a3fdf70e6c619 6bd923c23ffa38c56a76293833d2e804fba90135 000218267c6097e985f1c585a2cf15be5a1c82c4a618f1c7368cd8e939d77d0f Loading...

	www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240	ScriptElement	2.7 kB	2023-10-24	2025-04-29
Pretty URL www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240 IP 13.213.230.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-24 21:15 Last Seen2025-04-29 11:50 Times Seen658 Hash cbffcd78873a4b0b214aec18073366ce 43e9c13b2720530e26a370cfa5d4ff45ab01cef9 4d3b50c2088e4ae132d8df42d478effbda355f9aacf4c5d720c4dffcfae16f24 Loading...

	www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240	ScriptElement	1.3 kB	2023-11-05	2024-08-20
Pretty URL www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240 IP 13.213.230.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-05 17:36 Last Seen2024-08-20 20:47 Times Seen2 Hash 774cf2a322d6ded694e10be2fd1f39d6 657efe8e63fd51a948d477fe8add329c0fc90dca 7fc9208d6c7cd28896c35779f200fee693ce2bcad259b3f4649ebc2be1f9e0cb Loading...

	w.ladicdn.com/v2/source/ladipage.formdata.min.js?v=1698396014328	ScriptElement	56 kB	2023-10-21	2024-08-21
Pretty URL w.ladicdn.com/v2/source/ladipage.formdata.min.js?v=1698396014328 IP 143.204.55.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-21 05:57 Last Seen2024-08-21 03:58 Times Seen195 Hash d1d455dc570a2e0d3fc8e67f21603719 0fc846e2a227ef8fe97cb07e661698da01c4fcf2 7c311a4307ef68e34a4227fa5375b9530b0af3733c3db5294b1aeb2d4c28c275 Loading...

	www.googletagmanager.com/gtag/js?id=G-431CC16XJX&l=dataLayer&cx=c	ScriptElement	229 kB	2023-11-14	2023-11-14
Pretty URL www.googletagmanager.com/gtag/js?id=G-431CC16XJX&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 07:54 Last Seen2023-11-14 07:54 Times Seen1 Hash 06349da5ca86aae9cc616df4a0f3f995 69e89a361b43115d173d58336c717115a7bc8588 07b8093a7b33e1cc994427b8df48c7152839784e3ba3c6bfa341c404d6a8fa9d Loading...

	s.zzcdn.me/ztr/ztracker.js?id=7056840457216708608	ScriptElement	24 kB	2023-07-03	2025-02-02
Pretty URL s.zzcdn.me/ztr/ztracker.js?id=7056840457216708608 IP 123.30.58.17 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-03 19:42 Last Seen2025-02-02 01:40 Times Seen221 Hash b23761a5547395d33e14d64d86fbb10e 58856a235a6414afe62cb23b667fd5b2867d7fb9 45b4fb3d724d209c5064eae7d20e445c8af7e7829aeebf0369de54febf7d8593 Loading...

	www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240	ScriptElement	96 B	2023-11-05	2024-08-20
Pretty URL www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240 IP 13.213.230.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-05 17:36 Last Seen2024-08-20 20:47 Times Seen2 Hash e74e502ee3dcdc547efbaf65f82b4f90 9fa6db618fe0d40d315ec0677b4d9e5b9d773a38 5d65cf59336f841e47fecdc271b7fc69c093e422eea729f105d53c0291d47f08 Loading...

	unknown	EventHandler	44 B	2023-04-11	2025-04-29
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-11 22:25 Last Seen2025-04-29 11:50 Times Seen1061 Hash dc4086226733e57bf59e1b8755308038 4289690bd47c375da1df322618a5ac8f65c84a9b d62ac494185516a31ddb4edcb73c7de33e5b6d7bda86dc94ec5610dc77e66bc8 Loading...

	www.googletagmanager.com/gtag/js?id=UA-142501317-5	ScriptElement	190 kB	2023-11-14	2023-11-14
Pretty URL www.googletagmanager.com/gtag/js?id=UA-142501317-5 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 07:54 Last Seen2023-11-14 07:54 Times Seen1 Hash c389f4a878033e8bac94518957d0d567 4c0db779283e81e41530e2c513ff8fd2d5a7593f 8ac83f0858b5e4adbba984a6afbf328f6e3cf588d2ca46207c6478e8c1187774 Loading...

	www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240	ScriptElement	429 B	2023-03-14	2025-04-17
Pretty URL www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240 IP 13.213.230.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 02:37 Last Seen2025-04-17 19:25 Times Seen23 Hash 8b14e1c1e32c82b4f0c7419a233458a4 1fd2d68c983d68bfee4c5823abd8717a0c4f2bc6 1ffff3b382cb5cd428837deddd16ca574c2e7aac95d92bfc1127b15a27017da1 Loading...

HTTP Transactions (27)

URL IP Response Size

zerossl.ocsp.sectigo.com/

104.18.38.233

728 B

URL
zerossl.ocsp.sectigo.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
40759e81211dd33dcb27c0f6b2b6f66d
712386504997159b2ebbf71b64d8b6395d283d7e
6577a710cd400d284c4bdeeb2f2b44fa1fbb603dd1c1d6d8b41139ed58dbad43

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 14 Nov 2023 06:54:26 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 12 Nov 2023 06:19:03 GMT
Expires: Sun, 19 Nov 2023 06:19:02 GMT
Etag: "712386504997159b2ebbf71b64d8b6395d283d7e"
Cache-Control: max-age=429275,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 825d57d8b91856c7-OSL

www.googletagmanager.com/gtag/js?id=UA-142501317-5

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-142501317-5
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (68596 bytes)
Hash
3f05253f70861b51ac4d87bff150113c
b3c962d53323d9df73bc2f717f8cec48809d1423
ca884041596038a0d2a1ce381c05f1bb363993d713ea8cfb7144e93e644b9027

HTTP Headers

GET /gtag/js?id=UA-142501317-5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 14 Nov 2023 06:54:27 GMT
expires: Tue, 14 Nov 2023 06:54:27 GMT
cache-control: private, max-age=900
last-modified: Tue, 14 Nov 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-142501317-5

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-142501317-5
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (68598 bytes)
Hash
c389f4a878033e8bac94518957d0d567
4c0db779283e81e41530e2c513ff8fd2d5a7593f
8ac83f0858b5e4adbba984a6afbf328f6e3cf588d2ca46207c6478e8c1187774

HTTP Headers

GET /gtag/js?id=UA-142501317-5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 14 Nov 2023 06:54:27 GMT
expires: Tue, 14 Nov 2023 06:54:27 GMT
cache-control: private, max-age=900
last-modified: Tue, 14 Nov 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68598
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-431CC16XJX&l=dataLayer&cx=c

142.250.74.168

200 OK

81 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-431CC16XJX&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT

File type
ASCII text, with very long lines (5955)
Size
81 kB (81009 bytes)
Hash
06349da5ca86aae9cc616df4a0f3f995
69e89a361b43115d173d58336c717115a7bc8588
07b8093a7b33e1cc994427b8df48c7152839784e3ba3c6bfa341c404d6a8fa9d

HTTP Headers

GET /gtag/js?id=G-431CC16XJX&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 14 Nov 2023 06:54:27 GMT
expires: Tue, 14 Nov 2023 06:54:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81009
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

w.ladicdn.com/s1440x1298/5c9893c323574e4c394c2cfd/mon2k-nguc-khung-hinh-12-1567939282.jpg

143.204.55.80

150 kB

URL GET
w.ladicdn.com/s1440x1298/5c9893c323574e4c394c2cfd/mon2k-nguc-khung-hinh-12-1567939282.jpg
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerAmazon
Subjectw.ladicdn.com
Fingerprint91:81:42:8B:13:4C:F4:4D:E5:26:56:40:9C:9C:C9:AA:28:98:4B:4D
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
150 kB (150502 bytes)
Hash
7ca178f0ee5c2aeac3a869ab56352a90
3178c502ca3de0b47066931594ba4913aba3d8f5
b7a7b5f3c48735865ede0b492c53ba609d43fd37f7e920434f3148215b2e5475

HTTP Headers

GET /s1440x1298/5c9893c323574e4c394c2cfd/mon2k-nguc-khung-hinh-12-1567939282.jpg HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 12 Nov 2023 15:35:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
access-control-allow-credentials: true
access-control-max-age: 2592000
cache-control: public, max-age=31536000
expires: Mon, 11 Nov 2024 15:35:39 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GOzGGd9cv-a_pghe6LfGh8CR3O6prH95SlbSFLr_zymXNTAJigDC4g==
age: 141528
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pleasureshop.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 12 Nov 2023 06:45:14 GMT
expires: Mon, 11 Nov 2024 06:45:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 173354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pleasureshop.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Nov 2023 21:30:01 GMT
expires: Fri, 08 Nov 2024 21:30:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 379467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pleasureshop.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 12 Nov 2023 06:45:14 GMT
expires: Mon, 11 Nov 2024 06:45:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 173354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pleasureshop.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 12 Nov 2023 06:30:10 GMT
expires: Mon, 11 Nov 2024 06:30:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 174258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.227

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Size
35 kB (35120 bytes)
Hash
dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pleasureshop.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Nov 2023 21:36:49 GMT
expires: Thu, 07 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
age: 465459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.227

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Size
35 kB (35120 bytes)
Hash
dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pleasureshop.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Nov 2023 21:36:49 GMT
expires: Thu, 07 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
age: 465459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.zzcdn.me/ztr/ztracker.js?id=7056840457216708608

123.30.58.17

200 OK

7.8 kB

URL GET HTTP/2
s.zzcdn.me/ztr/ztracker.js?id=7056840457216708608
IP
123.30.58.17:443
ASN
#45899 VNPT Corp

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerDigiCert, Inc.
Subject*.zzcdn.me
FingerprintF9:65:C4:9A:1D:A0:30:51:41:83:00:19:13:2B:14:DB:58:ED:61:48
ValidityTue, 10 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23835)
Size
7.8 kB (7848 bytes)
Hash
b23761a5547395d33e14d64d86fbb10e
58856a235a6414afe62cb23b667fd5b2867d7fb9
45b4fb3d724d209c5064eae7d20e445c8af7e7829aeebf0369de54febf7d8593

HTTP Headers

GET /ztr/ztracker.js?id=7056840457216708608 HTTP/1.1
Host: s.zzcdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
server: Universe
date: Tue, 14 Nov 2023 06:54:29 GMT
content-encoding: gzip
x-cache-status: HIT
age: 10277645
content-length: 7848
content-type: application/javascript
cache-control: no-cache
X-Firefox-Spdy: h2

static.ladipage.net/59ba0328fa9d7a513d2a9abe/native-3-20210820090152.jpg

52.76.24.172

134 B

URL GET
static.ladipage.net/59ba0328fa9d7a513d2a9abe/native-3-20210820090152.jpg
IP
52.76.24.172:0
ASN
#16509 AMAZON-02

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerAmazon
Subjectstatic.ladipage.net
Fingerprint06:B7:EB:46:7B:BC:A9:4A:07:A9:CD:D7:29:22:67:15:02:7E:3D:F0
ValidityWed, 21 Jun 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /59ba0328fa9d7a513d2a9abe/native-3-20210820090152.jpg HTTP/1.1
Host: static.ladipage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Tue, 14 Nov 2023 06:54:29 GMT
content-type: text/html
content-length: 134
location: https://w.ladicdn.com:443/59ba0328fa9d7a513d2a9abe/native-3-20210820090152.jpg
X-Firefox-Spdy: h2

log.adtimaserver.vn/ptrck/events?pixelId=7056840457216708608&url=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240

120.138.69.209

200 OK

264 B

URL GET HTTP/2
log.adtimaserver.vn/ptrck/events?pixelId=7056840457216708608&url=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240
IP
120.138.69.209:443
ASN
#38244 VNG Corporation

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerDigiCert Inc
Subject*.adtimaserver.vn
Fingerprint02:8D:C0:05:EA:F0:64:2B:1F:9F:C8:40:D2:EC:0C:66:5F:5A:9E:82
ValidityMon, 24 Apr 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
264 B (264 bytes)
Hash
c6bbdc33605f30531edcb8c878592990
827804654203f18692be943c0084ebb4f2f6b6f2
26b7a3d62b776389695e8b5946c8ff9a014c006b00a46edc9da189b0c17ae708

HTTP Headers

GET /ptrck/events?pixelId=7056840457216708608&url=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240 HTTP/1.1
Host: log.adtimaserver.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pleasureshop.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 14 Nov 2023 06:54:30 GMT
content-type: application/json;charset=utf-8
content-length: 264
access-control-allow-origin: *
access-control-expose-headers: X-sessionId,token
server: za-ngx-srv
X-Firefox-Spdy: h2

log.adtimaserver.vn/tracklp?type=pageview&pId=7056840457216708608&adtid=null&curl=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240&uid=&ver=1.1.29&ref=&dur=1&atmrk=0.11022246678616743

120.138.69.209

200 OK

8 B

URL GET HTTP/2
log.adtimaserver.vn/tracklp?type=pageview&pId=7056840457216708608&adtid=null&curl=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240&uid=&ver=1.1.29&ref=&dur=1&atmrk=0.11022246678616743
IP
120.138.69.209:443
ASN
#38244 VNG Corporation

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerDigiCert Inc
Subject*.adtimaserver.vn
Fingerprint02:8D:C0:05:EA:F0:64:2B:1F:9F:C8:40:D2:EC:0C:66:5F:5A:9E:82
ValidityMon, 24 Apr 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /tracklp?type=pageview&pId=7056840457216708608&adtid=null&curl=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240&uid=&ver=1.1.29&ref=&dur=1&atmrk=0.11022246678616743 HTTP/1.1
Host: log.adtimaserver.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 14 Nov 2023 06:54:30 GMT
content-type: text/html;charset=utf-8
content-length: 8
access-control-allow-origin: *
access-control-allow-credentials: true
server: za-ngx-srv
X-Firefox-Spdy: h2

log.adtimaserver.vn/ptrck/log?pId=7056840457216708608&eId=1393893465614933723&et=3&url=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240&value=&adtid=null&curl=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240&uid=&ver=1.1.29&ref=&estd=ViewContent&atmrk=0.7549217147087331

120.138.69.209

200 OK

21 B

URL GET HTTP/2
log.adtimaserver.vn/ptrck/log?pId=7056840457216708608&eId=1393893465614933723&et=3&url=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240&value=&adtid=null&curl=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240&uid=&ver=1.1.29&ref=&estd=ViewContent&atmrk=0.7549217147087331
IP
120.138.69.209:443
ASN
#38244 VNG Corporation

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerDigiCert Inc
Subject*.adtimaserver.vn
Fingerprint02:8D:C0:05:EA:F0:64:2B:1F:9F:C8:40:D2:EC:0C:66:5F:5A:9E:82
ValidityMon, 24 Apr 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
ed0bf75af858f5591d1a828b1eb0401e
77b895a46960cfb0136381ac4102edbbff62c754
2db5c83947e9ea77e157e2cc0bc39aee8008dea9459684908f2742eec3a07d09

HTTP Headers

GET /ptrck/log?pId=7056840457216708608&eId=1393893465614933723&et=3&url=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240&value=&adtid=null&curl=https%3A%2F%2Fwww.pleasureshop.xyz%2Fsexy-school-girl%2Futm%3Dexoclick%26ad%3Dnativead%26zone%3D4464240&uid=&ver=1.1.29&ref=&estd=ViewContent&atmrk=0.7549217147087331 HTTP/1.1
Host: log.adtimaserver.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 14 Nov 2023 06:54:30 GMT
content-type: application/json;charset=utf-8
content-length: 21
access-control-allow-origin: *
access-control-expose-headers: X-sessionId,token
server: za-ngx-srv
X-Firefox-Spdy: h2

a.ladipage.com/event

13.250.196.120

200 OK

106 B

URL POST HTTP/2
a.ladipage.com/event
IP
13.250.196.120:443
ASN
#16509 AMAZON-02

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerAmazon
Subjecta.ladipage.com
Fingerprint62:67:EE:A4:F2:A1:8E:D8:49:2A:21:9C:99:14:BF:72:5A:21:0A:9D
ValidityThu, 18 May 2023 00:00:00 GMT - Sat, 15 Jun 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
106 B (106 bytes)
Hash
1b0fbcd644b2fd5e7f516acf3aecbd83
8154d902bb9bcc1d424998b5cfd94ae1b065d6ac
09b06d2aef938b6e871e050d0d1079b124634036a142fa23cc47aed667c9f5bc

HTTP Headers

POST /event HTTP/1.1
Host: a.ladipage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
LADI_CLIENT_ID: d6dbad13-d3af-415b-6115-4d4c305c0c61
LADI_PAGE_VIEW: 1
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID: 
LADI_CAMP_NAME: 
LADI_CAMP_TYPE: 
LADI_CAMP_TARGET_URL: 
LADI_CAMP_ORIGIN_URL: 
LADI_CAMP_PAGE_VIEW: 0
LADI_CAMP_FORM_SUBMIT: 0
Content-Length: 280
Origin: https://www.pleasureshop.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 14 Nov 2023 06:54:28 GMT
content-type: text/plain; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age: 2592000
X-Firefox-Spdy: h2

a.ladipage.com/event

13.250.196.120

200 OK

0 B

URL OPTIONS HTTP/2
a.ladipage.com/event
IP
13.250.196.120:443
ASN
#16509 AMAZON-02

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerAmazon
Subjecta.ladipage.com
Fingerprint62:67:EE:A4:F2:A1:8E:D8:49:2A:21:9C:99:14:BF:72:5A:21:0A:9D
ValidityThu, 18 May 2023 00:00:00 GMT - Sat, 15 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: a.ladipage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Referer: https://www.pleasureshop.xyz/
Origin: https://www.pleasureshop.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 14 Nov 2023 06:54:28 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age: 2592000
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

w.ladicdn.com/v2/source/ladipage.formdata.min.js?v=1698396014328

143.204.55.80

200 OK

56 kB

URL GET HTTP/2
w.ladicdn.com/v2/source/ladipage.formdata.min.js?v=1698396014328
IP
143.204.55.80:443
ASN
#16509 AMAZON-02

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerAmazon
Subjectw.ladicdn.com
Fingerprint91:81:42:8B:13:4C:F4:4D:E5:26:56:40:9C:9C:C9:AA:28:98:4B:4D
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
56 kB (55755 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/source/ladipage.formdata.min.js?v=1698396014328 HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
server: nginx
date: Sat, 21 Oct 2023 06:11:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
access-control-allow-credentials: true
access-control-max-age: 2592000
cache-control: public, max-age=31536000
expires: Sun, 20 Oct 2024 06:11:19 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UqHqbXKVSznMFr4ORtWk0zZd4YvdfGAtSXKAuVKqVwxfjMQjYzKLdA==
age: 2076188
X-Firefox-Spdy: h2

w.ladicdn.com/s600x400/59ba0328fa9d7a513d2a9abe/pleasureshopph-20210819133908.png

0.0.0.0

0 B

URL GET
w.ladicdn.com/s600x400/59ba0328fa9d7a513d2a9abe/pleasureshopph-20210819133908.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerAmazon
Subjectw.ladicdn.com
Fingerprint91:81:42:8B:13:4C:F4:4D:E5:26:56:40:9C:9C:C9:AA:28:98:4B:4D
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s600x400/59ba0328fa9d7a513d2a9abe/pleasureshopph-20210819133908.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
server: nginx
date: Sun, 12 Nov 2023 15:35:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
access-control-allow-credentials: true
access-control-max-age: 2592000
cache-control: public, max-age=31536000
expires: Mon, 11 Nov 2024 15:35:39 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X60Oqc1mwnkvDj8lYrcQQ-zgj3k62n4ol_QxlhozED1ZnZGRqdNxwg==
age: 141528
X-Firefox-Spdy: h2

www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240

13.213.230.75

200 OK

145 kB

URL User Request GET HTTP/2
www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
IP
13.213.230.75:443
ASN
#16509 AMAZON-02

Certificate
IssuerZeroSSL
Subjectwww.pleasureshop.xyz
Fingerprint94:24:39:29:B5:FC:F1:AB:D9:2B:42:24:F9:88:A2:92:54:F3:71:21
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT

File type

Size
145 kB (145089 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240 HTTP/1.1
Host: www.pleasureshop.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Tue, 14 Nov 2023 06:54:26 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie: LADI_DNS_CHECK="2023-11-14 06:54:26.986535458 +0000 UTC m=+519867.652595191"; Expires=Fri, 11 Nov 2033 06:54:26 GMT
LADI_CLIENT_ID=d6dbad13-d3af-415b-6115-4d4c305c0c61; Expires=Fri, 11 Nov 2033 06:54:26 GMT
LADI_PAGE_VIEW=0; Path=/sexy-school-girl; Expires=Fri, 11 Nov 2033 06:54:26 GMT
LADI_PAGE_VIEW_PATH=0; Path=/sexy-school-girl; Expires=Fri, 11 Nov 2033 06:54:26 GMT
LADI_FORM_SUBMIT=0; Path=/sexy-school-girl; Expires=Fri, 11 Nov 2033 06:54:26 GMT
LADI_FORM_SUBMIT_PATH=0; Path=/sexy-school-girl; Expires=Fri, 11 Nov 2033 06:54:26 GMT
LADI_PAGE_VIEW=1; Path=/sexy-school-girl; Expires=Fri, 11 Nov 2033 06:54:26 GMT
LADI_PAGE_VIEW_PATH=1; Path=/sexy-school-girl; Expires=Fri, 11 Nov 2033 06:54:26 GMT
LADI_CAMP_ID=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_NAME=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_TYPE=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_ORIGIN_URL=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_TARGET_URL=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_PAGE_VIEW=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_PAGE_VIEW_PATH=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_FORM_SUBMIT=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_FORM_SUBMIT_PATH=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_BEHAVIOR_PAGE_VIEW_PATH=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_BEHAVIOR_FORMSUBMIT_PATH=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_CONFIG=; Path=/sexy-school-girl; Max-Age=0
LADI_CAMP_END_DATE=; Path=/sexy-school-girl; Max-Age=0
LADI_FUNNEL_NEXT_URL=; Path=/sexy-school-girl; Max-Age=0
LADI_FUNNEL_PREV_URL=; Path=/sexy-school-girl; Max-Age=0
statuscode: 200
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2

trk.ero-analytics.com/tracking/track.js

0.0.0.0

0 B

URL GET
trk.ero-analytics.com/tracking/track.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tracking/track.js HTTP/1.1
Host: trk.ero-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Roboto:wght@400;700&display=swap

142.250.74.106

200 OK

10 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Roboto:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
ASCII text
Size
10 kB (10396 bytes)
Hash
9a00ff90678d8d3093b10c70a4abf32c
b019dc5688ae6e40861c21759d85ebb6a215fa06
b652537223da3131b5bc05b5487b63142e5f8e0dca47b75b0b5c335fee8c7f47

HTTP Headers

GET /css2?family=Open+Sans:wght@400;700&family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 14 Nov 2023 06:54:27 GMT
date: Tue, 14 Nov 2023 06:54:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

w.ladicdn.com/v2/source/ladipagev3.min.js?v=1698396014328

143.204.55.80

200 OK

395 kB

URL GET HTTP/2
w.ladicdn.com/v2/source/ladipagev3.min.js?v=1698396014328
IP
143.204.55.80:443
ASN
#16509 AMAZON-02

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerAmazon
Subjectw.ladicdn.com
Fingerprint91:81:42:8B:13:4C:F4:4D:E5:26:56:40:9C:9C:C9:AA:28:98:4B:4D
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
395 kB (395136 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/source/ladipagev3.min.js?v=1698396014328 HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
server: nginx
date: Wed, 08 Nov 2023 10:15:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
access-control-allow-credentials: true
access-control-max-age: 2592000
cache-control: public, max-age=31536000
expires: Thu, 07 Nov 2024 10:15:14 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sDupIj8WPlI4gjRlNDkpJS1UKXdF0TArVH9YJdeVfut_i9nb51pvhg==
age: 506353
X-Firefox-Spdy: h2

w.ladicdn.com/59ba0328fa9d7a513d2a9abe/native-3-20210820090152.jpg

0.0.0.0

0 B

URL GET
w.ladicdn.com/59ba0328fa9d7a513d2a9abe/native-3-20210820090152.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerAmazon
Subjectw.ladicdn.com
Fingerprint91:81:42:8B:13:4C:F4:4D:E5:26:56:40:9C:9C:C9:AA:28:98:4B:4D
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /59ba0328fa9d7a513d2a9abe/native-3-20210820090152.jpg HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pleasureshop.xyz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 12 Nov 2023 11:57:51 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
access-control-allow-credentials: true
access-control-max-age: 2592000
cache-control: public, max-age=31536000
expires: Mon, 11 Nov 2024 11:57:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ucJhXU4lDj-atAlG33Dz3l1_eiEMFcKX0vxLMccnWKDbOOaOm6PMIA==
age: 154598
X-Firefox-Spdy: h2

trk.ero-analytics.com/tracking/track.js

0.0.0.0

0 B

URL GET
trk.ero-analytics.com/tracking/track.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tracking/track.js HTTP/1.1
Host: trk.ero-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

w.ladicdn.com/s750x750/5c9893c323574e4c394c2cfd/sexy-school-girl-95x165x85-20200423071004.jpg

0.0.0.0

0 B

URL GET
w.ladicdn.com/s750x750/5c9893c323574e4c394c2cfd/sexy-school-girl-95x165x85-20200423071004.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.pleasureshop.xyz/sexy-school-girl/utm=exoclick&ad=nativead&zone=4464240
Certificate
IssuerAmazon
Subjectw.ladicdn.com
Fingerprint91:81:42:8B:13:4C:F4:4D:E5:26:56:40:9C:9C:C9:AA:28:98:4B:4D
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s750x750/5c9893c323574e4c394c2cfd/sexy-school-girl-95x165x85-20200423071004.jpg HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pleasureshop.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Tue, 14 Nov 2023 06:54:28 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
access-control-allow-credentials: true
access-control-max-age: 2592000
cache-control: public, max-age=31536000
expires: Wed, 13 Nov 2024 06:54:28 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i1X5F1eXXxKOaqcYIkarkKa3-BDMajCzwRy0ckdyLE8GBt8GSc7umw==
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by