Report - jav24.uk/video/pkpk-039

Report Overview

Visited public
2024-12-12 04:50:02
Tags
URL
jav24.uk/video/pkpk-039
Finishing URL
jav24.uk/video/pkpk-039
IP / ASN
104.21.70.49
#13335 CLOUDFLARENET
Title
PKPK-039 摩卡 - JAV24

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
jav24.uk	unknown	2024-10-29	2024-12-10	2024-12-10	4.6 kB	148 kB	104.21.70.49
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2024-12-11	1.0 kB	701 B	157.90.84.242
i.jav24.uk	unknown	2024-10-29	2024-12-10	2024-12-10	2.2 kB	1.1 MB	104.21.70.49
js.cabnnr.com	37463	2021-08-30	2021-08-30	2024-12-07	410 B	56 kB	45.133.44.52
www.googletagmanager.com	75	2011-11-11	2012-10-04	2024-12-11	417 B	331 kB	142.250.74.168
nereserv.com	40015	2020-12-21	2020-12-21	2024-12-06	1.7 kB	960 B	116.202.249.56
accounts.google.com	81	1997-09-15	2012-05-23	2024-12-11	3.0 kB	18 kB	64.233.161.84
awpya.com	unknown	2022-04-21	2022-04-21	2024-12-12	13 kB	10 kB	116.202.249.56
static.bookmsg.com	47495	2020-09-15	2020-11-24	2024-12-06	943 B	2.2 kB	45.133.44.25
js.wpshsdk.com	12130	2021-06-04	2021-06-04	2024-12-08	403 B	18 kB	45.133.44.53
7ca85fa8fc.937e30a10b.com	unknown	unknown	No data	No data	2.3 kB	481 kB	45.133.44.52
enrtx.com	unknown	2024-10-07	2024-11-04	2024-12-07	466 B	23 kB	94.130.197.239
p.a64x.com	unknown	2023-07-27	2023-07-27	2024-12-07	1.4 kB	917 B	104.21.19.82
23e023321c.c12c813990.com	unknown	2024-11-12	2024-12-12	2024-12-12	815 B	345 B	45.133.44.52
image.jav24.uk	unknown	2024-10-29	2024-12-10	2024-12-10	470 B	130 kB	104.21.70.49
gfxdn.pics	unknown	2024-10-01	2024-10-01	2024-12-07	873 B	8.1 kB	45.133.44.24
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2024-12-06	520 B	1.8 kB	104.21.30.242
js.capndr.com	316718	2021-08-30	2021-08-30	2024-12-11	397 B	399 B	45.133.44.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-12	medium	937e30a10b.com	Sinkholed
2024-12-12	medium	937e30a10b.com	Sinkholed
2024-12-12	medium	937e30a10b.com	Sinkholed
2024-12-12	medium	937e30a10b.com	Sinkholed
2024-12-12	medium	c12c813990.com	Sinkholed
2024-12-12	medium	937e30a10b.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	js.cabnnr.com/banner-admanager/build.m.js	ScriptElement	56 kB	2024-12-09	2025-01-05
Pretty URL js.cabnnr.com/banner-admanager/build.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-09 16:11 Last Seen2025-01-05 08:06 Times Seen90 Hash 26bf1cb2f7ffe706da36bf8f3883f3bd 6bac27d81e13ebb3c23ef5168b6857e8c5896d57 13dc40e36579935df5900a7c29625e3c28bf70b3de03df24c357b5ee02d708c1 Loading...

	jav24.uk/main.js?1733978968	ScriptElement	16 kB	2024-12-10	2024-12-30
Pretty URL jav24.uk/main.js?1733978968 IP 104.21.70.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-10 02:29 Last Seen2024-12-30 15:49 Times Seen7 Hash dcf8fe786d40553f357d8e8cb1446f72 ba819d38819e1fe699be6469b5d726d9696100b0 c34b1b2dc9b9fb6b57b64ba6ad65ac970a7cea53d10a6e0cec05745583e1d4df Loading...

	unknown	ScriptElement	6.4 kB	2024-12-10	2024-12-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-10 02:29 Last Seen2024-12-30 15:49 Times Seen7 Hash 47e3c01a59098f5340ab0cda9d63de6d 587ce9f44b9e2b1425ac26e2403432ad8d8ea14e 5e38aca4696ae889f35cd380411378e39afa849d6b038ce590c3c56fbb568afa Loading...

	7ca85fa8fc.937e30a10b.com/1e9ff3e823410bdba00f06da9a27bbb1.js	ScriptElement	122 kB	2024-12-05	2025-01-22
Pretty URL 7ca85fa8fc.937e30a10b.com/1e9ff3e823410bdba00f06da9a27bbb1.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 15:05 Last Seen2025-01-22 09:19 Times Seen1163 Hash 19c6f6233262cf16d5b6e475f3d8a44c f172778db5959e847ce5d378947c56fe75f6df56 78c30b418896961856ee26e09ac3990b9e790852ad1333a0d30e8ede9f771a6f Loading...

	js.capndr.com/advertising.js	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL js.capndr.com/advertising.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 03:33 Times Seen4633650 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	storage.multstorage.com/log/count.html	ScriptElement	718 B	2023-09-18	2025-03-01
Pretty URL storage.multstorage.com/log/count.html IP 104.21.30.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-18 17:19 Last Seen2025-03-01 23:33 Times Seen12563 Hash 1f697a0f2411e463adbc1211493fe5a6 93c154152bda427938543b8efbd8d3b594abbac7 08a5735f5232b651af89f552e8d0fb7b21d6605fba48f335318699d80d12703e Loading...

	7ca85fa8fc.937e30a10b.com/c95321ed26030eb2479010d3fe865570.js	ScriptElement	107 kB	2024-12-11	2025-01-10
Pretty URL 7ca85fa8fc.937e30a10b.com/c95321ed26030eb2479010d3fe865570.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-11 21:09 Last Seen2025-01-10 15:41 Times Seen315 Hash de644f1c86b24df53fd021f17f75ac2e 045c83a53bd32d3b059371255bf7b254f5a9233e e2169889c4ed69b44773f6b1bba57b4b49c2b62a7690d4ce66a192809fc90332 Loading...

	js.wpshsdk.com/npc/sdk/push.m.js?v=1	ScriptElement	34 kB	2024-12-07	2025-03-05
Pretty URL js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-07 12:58 Last Seen2025-03-05 04:00 Times Seen469 Hash 985ea4d0139882b0e583d462544acc0b c067c6a11f3bf6d875f9b8cc948d7473c83319af 93f8cd419860ef7d55f240489773576d51e17865e7a82c286d4e6799fba661be Loading...

	www.googletagmanager.com/gtag/js?id=G-29VR3V2H80	ScriptElement	330 kB	2024-12-12	2024-12-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-29VR3V2H80 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 04:50 Last Seen2024-12-12 04:50 Times Seen1 Hash 98df981a72af3a7f39d292c072c78b38 ee3bf5dfc8123ca3bfd47beed1de5a5d742b968a 77ce286fad141ba9f62777e8aaa12447f89155aec70513479f9a559276092517 Loading...

	7ca85fa8fc.937e30a10b.com/3ff4c9507484dbc0ed325181e023a76b.js	ScriptElement	190 kB	2024-11-12	2024-12-16
Pretty URL 7ca85fa8fc.937e30a10b.com/3ff4c9507484dbc0ed325181e023a76b.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-12 19:23 Last Seen2024-12-16 05:46 Times Seen287 Hash fcd297ffcae9f4a3b3145e19bc9f0aba 655c11df65b219e0b5ba042ab7ae7f7ee3bdb825 7c00201e3af3d0d4022425c32a6c0e8139dfa0343f3fbf1d7a8fc3f8b5734fba Loading...

	7ca85fa8fc.937e30a10b.com/b42dd517c7dfcf28cf28c21d205f241c.js	ScriptElement	552 kB	2024-11-12	2025-01-03
Pretty URL 7ca85fa8fc.937e30a10b.com/b42dd517c7dfcf28cf28c21d205f241c.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-12 19:23 Last Seen2025-01-03 08:04 Times Seen292 Hash ddd7c183ff6177f50f8cbdd10a21d187 a6da18fe0ea3c0dd0be5d580113bcf030ec3ac46 672ed964c28cd87d6396cc8fc306efae3f88823829f9aec3970df2a60cfe7667 Loading...

HTTP Transactions (45)

URL IP Response Size

jav24.uk/style.css?1733978968

104.21.70.49

200 OK

113 kB

URL GET HTTP/3
jav24.uk/style.css?1733978968
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type
ASCII text, with very long lines (15260)
Size
113 kB (112920 bytes)
Hash
0a6f0efb31a39dae78438f07673b76e7
3ecd42d722e620ea1e498db4b6ecfa1a3b5da064
b254b04c0d78bccbd8e860b5d0c696ab2dada9fe23113e614e1912d4318eb6ca

HTTP Headers

GET /style.css?1733978968 HTTP/1.1
Host: jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/video/pkpk-039
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 12 Dec 2024 04:49:37 GMT
content-type: text/css
last-modified: Wed, 04 Sep 2024 10:32:56 GMT
etag: W/"3b9d-62148b27a8600"
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7DHdqlaSb%2F13tfXBmWNtHXL1s2DssAm10BI4g7CIfDlmhNjFC8TbbWbN3FDlpOMfmIx67Ppdrgp%2BMxlFM4px4oK%2FDlNnFtwha9UVv7ULp4nq6cZNtYsDU1xYWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f0b16ba1997b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3772&min_rtt=1671&rtt_var=2127&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4134&recv_bytes=1745&delivery_rate=355428&cwnd=12000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=1080&x=1", cfExtPri, cfHdrFlush;dur=0

jav24.uk/main.js?1733978968

104.21.70.49

200 OK

6.1 kB

URL GET HTTP/3
jav24.uk/main.js?1733978968
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type
JavaScript source, ASCII text, with very long lines (16029)
Size
6.1 kB (6075 bytes)
Hash
dcf8fe786d40553f357d8e8cb1446f72
ba819d38819e1fe699be6469b5d726d9696100b0
c34b1b2dc9b9fb6b57b64ba6ad65ac970a7cea53d10a6e0cec05745583e1d4df

HTTP Headers

GET /main.js?1733978968 HTTP/1.1
Host: jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/video/pkpk-039
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 12 Dec 2024 04:49:37 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 06:22:26 GMT
etag: W/"3e9e-6277a68158c80"
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M4XWtzs6gsifWDbJyhBdUQOh6EF%2B0i8RB%2BPjoYPQiKHTs0OQHjGmnculKb2vW7eUuphyi%2BcrBFy%2B1xX12VAuB6JXSJzTokDRX49pPwgD%2B6RWakiJkTnnCnCjAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f0b16ba299cb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3772&min_rtt=1671&rtt_var=2127&sent=18&recv=10&lost=0&retrans=0&sent_bytes=8088&recv_bytes=1745&delivery_rate=355428&cwnd=12000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=1081&x=1", cfExtPri, cfHdrFlush;dur=0

image.jav24.uk/b/5/f/0/b5f08d920f856d43356b78b44598380c/thumbnail.jpg

104.21.70.49

200 OK

130 kB

URL GET HTTP/3
image.jav24.uk/b/5/f/0/b5f08d920f856d43356b78b44598380c/thumbnail.jpg
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 840x475, components 3
Size
130 kB (129558 bytes)
Hash
ca52ed4546aaa5bff11a8eec753687e0
5e376ff76510448a138de6953a3c10246ba129fb
37610c8e2ff673e4c977258e2c919f54c4b305fbd21cc35848ef11078ea1ed37

HTTP Headers

GET /b/5/f/0/b5f08d920f856d43356b78b44598380c/thumbnail.jpg HTTP/1.1
Host: image.jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 12 Dec 2024 04:49:37 GMT
content-type: image/jpeg
content-length: 129558
etag: "ca52ed4546aaa5bff11a8eec753687e0"
last-modified: Sun, 01 Sep 2024 11:58:51 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ka80WSipkg0oe3cnZBuXC33lRQC9GUtTXiOa4fX1eOz6bq6Iw016yLcbA%2BFuMp1w2d0wixDXxfrEBB5PTlovBCrpwrSBXTzWZP50Z2b80LfQ9bI7WdllNhVyYz3TEPsTaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f0b16ba29a1b4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3217&min_rtt=1160&rtt_var=2177&sent=28&recv=13&lost=0&retrans=0&sent_bytes=17621&recv_bytes=2097&delivery_rate=11210&cwnd=12000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=1514&x=1", cfExtPri, cfHdrFlush;dur=0

jav24.uk/video/pkpk-039?v=1

104.21.70.49

200 OK

15 B

URL POST HTTP/3
jav24.uk/video/pkpk-039?v=1
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type
JSON text data
Size
15 B (15 bytes)
Hash
d571cf93302c6335467f8bd7c69e5336
a6e1cd0d399391d8952d0c82e176c2a35933e20f
f7d595a699860f394598b720a015537850464e5e469c0783005b3f126f2285b8

HTTP Headers

POST /video/pkpk-039?v=1 HTTP/1.1
Host: jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jav24.uk/video/pkpk-039
Content-Type: application/x-www-form-urlencoded
Content-Length: 6
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Cookie: _ga_29VR3V2H80=GS1.1.1733978977.1.0.1733978977.0.0.0; _ga=GA1.1.2133221516.1733978978
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 12 Dec 2024 04:49:38 GMT
content-type: text/plain; Charset=UTF-8;charset=UTF-8
content-length: 15
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9AD4QASAziWowBh1W4fPkwcRVyH1pkN6iCGe%2B6WTuhoca0uMXq12dtHcYaA3T%2Fghf1k5OSltwov8EVVZ765yaX5ocEDwjpY99AqlT1xDk5F063LKIkXhZ4pRaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f0b16c5b840b4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2342&min_rtt=1160&rtt_var=1485&sent=143&recv=20&lost=0&retrans=0&sent_bytes=152285&recv_bytes=3952&delivery_rate=6916&cwnd=96000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=2396&x=1", cfExtPri, cfHdrFlush;dur=0

jav24.uk/footera/

104.21.70.49

200 OK

3.5 kB

URL POST HTTP/3
jav24.uk/footera/
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type
ASCII text, with very long lines (18624), with no line terminators
Size
3.5 kB (3496 bytes)
Hash
1a7d59cb5fa82e8548a37e6266508038
ae7d60ff799dd7b6d24b87b9c06d8fd460a8a381
04700a16a28adea8cfefd8c063355f33cb11e7437d8bd66300eca1f6045f6209

HTTP Headers

POST /footera/ HTTP/1.1
Host: jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jav24.uk/video/pkpk-039
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 12 Dec 2024 04:49:37 GMT
content-type: text/plain;charset=UTF-8
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xq3Pr%2FKtL8ooY8n2E2uyu%2FAxapmeZSHZQyty1Hf9%2Fd8G1WqpcEiLrI4te6sAonSp7NgqjvXKUeOOLFQaSI532mdLWmL%2BbwfWJbH2Qbyu%2FhSFfETONRRToLu1zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f0b16bfccdeb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3510&min_rtt=1671&rtt_var=2120&sent=25&recv=12&lost=0&retrans=0&sent_bytes=14517&recv_bytes=2054&delivery_rate=9741&cwnd=12000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=1439&x=1", cfExtPri, cfHdrFlush;dur=0

fp.metricswpsh.com/fp?tag_id=218315

157.90.84.242

204 No Content

0 B

URL OPTIONS HTTP/1.1
fp.metricswpsh.com/fp?tag_id=218315
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintEE:9A:59:DB:A9:CD:73:0A:9C:87:AC:9F:FE:A1:90:AA:A1:7E:F8:D4
ValidityThu, 07 Nov 2024 10:40:28 GMT - Wed, 05 Feb 2025 10:40:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=218315 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jav24.uk/
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 12 Dec 2024 04:49:38 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://jav24.uk
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

fp.metricswpsh.com/fp?tag_id=218315

157.90.84.242

500 Internal Server Error

36 B

URL OPTIONS HTTP/1.1
fp.metricswpsh.com/fp?tag_id=218315
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintEE:9A:59:DB:A9:CD:73:0A:9C:87:AC:9F:FE:A1:90:AA:A1:7E:F8:D4
ValidityThu, 07 Nov 2024 10:40:28 GMT - Wed, 05 Feb 2025 10:40:27 GMT

File type
JSON text data
Size
36 B (36 bytes)
Hash
0849660b654e3a313882a44c0e7dc08a
b1493d6ce204eb99837d9b33849d1458093a6e6d
6e73b83ae8fcdaf81421a4236c9f817a9e4ea0fa931bf696f72872b266bd83e6

HTTP Headers

POST /fp?tag_id=218315 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1949
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 500 Internal Server Error
Server: nginx/1.20.1
Date: Thu, 12 Dec 2024 04:49:38 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 36
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://jav24.uk
Vary: Origin

7ca85fa8fc.937e30a10b.com/c95321ed26030eb2479010d3fe865570.js

45.133.44.52

200 OK

32 kB

URL GET HTTP/2
7ca85fa8fc.937e30a10b.com/c95321ed26030eb2479010d3fe865570.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subject7ca85fa8fc.937e30a10b.com
FingerprintD1:CE:1F:CB:10:30:F1:A5:F4:80:DD:C8:9A:0E:CD:F8:E7:E7:EF:EB
ValidityMon, 09 Dec 2024 02:15:00 GMT - Sun, 09 Mar 2025 02:14:59 GMT

File type
gzip compressed data, from Unix
Size
32 kB (31508 bytes)
Hash
a06b13246d5e1975e62d95d1e8c30310
d98c42a5e9b5c89a74280fa77294a9aff307dadb
92dbc124d08c68ac94525443bcdd0fee8543a6c71a61390a90c8eb795f69fd31

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c95321ed26030eb2479010d3fe865570.js HTTP/1.1
Host: 7ca85fa8fc.937e30a10b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:38 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 11 Dec 2024 14:14:15 GMT
etag: W/"67599e37-1a372"
content-encoding: gzip
expires: Thu, 12 Dec 2024 04:54:38 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8138
access-control-allow-origin: *
X-Firefox-Spdy: h2

nereserv.com/in/dip?event_id=651d202b-63fa-43a3-be97-787bd8305f46&subid=1273364912&spot_id=1407058&created_at=2024-12-12&timezone=0&ver=1.158.2

116.202.249.56

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?event_id=651d202b-63fa-43a3-be97-787bd8305f46&subid=1273364912&spot_id=1407058&created_at=2024-12-12&timezone=0&ver=1.158.2
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintEE:9A:59:DB:A9:CD:73:0A:9C:87:AC:9F:FE:A1:90:AA:A1:7E:F8:D4
ValidityThu, 07 Nov 2024 10:40:28 GMT - Wed, 05 Feb 2025 10:40:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?event_id=651d202b-63fa-43a3-be97-787bd8305f46&subid=1273364912&spot_id=1407058&created_at=2024-12-12&timezone=0&ver=1.158.2 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Thu, 12 Dec 2024 04:49:39 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

7ca85fa8fc.937e30a10b.com/6aadac3b5d7886ddb11d44b79f903f08/218315?version_name=d&domain=jav24.uk

45.133.44.52

200 OK

4.7 kB

URL GET HTTP/2
7ca85fa8fc.937e30a10b.com/6aadac3b5d7886ddb11d44b79f903f08/218315?version_name=d&domain=jav24.uk
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subject7ca85fa8fc.937e30a10b.com
FingerprintD1:CE:1F:CB:10:30:F1:A5:F4:80:DD:C8:9A:0E:CD:F8:E7:E7:EF:EB
ValidityMon, 09 Dec 2024 02:15:00 GMT - Sun, 09 Mar 2025 02:14:59 GMT

File type
JSON text data
Size
4.7 kB (4670 bytes)
Hash
590fa0d7c090a36de9bf37c209c6c344
e10d7c095eb03ac2d74fe22cf0071aea93d7fc33
2312d3a4c16139f499b3e1cb3d8719c66fe7e6224189d0f80e8b6ccdab1f7dd6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /6aadac3b5d7886ddb11d44b79f903f08/218315?version_name=d&domain=jav24.uk HTTP/1.1
Host: 7ca85fa8fc.937e30a10b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:38 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Thu, 12 Dec 2024 04:54:38 GMT
x-proxy-cache: MISS
x-cdn-host-id: ds8138
access-control-allow-origin: *
X-Firefox-Spdy: h2

i.jav24.uk/2/c/4/c/2c4cd804a6785945de1308c5b3951b11.jpg

104.21.70.49

200 OK

253 kB

URL GET HTTP/3
i.jav24.uk/2/c/4/c/2c4cd804a6785945de1308c5b3951b11.jpg
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 560x840, components 3
Size
253 kB (252872 bytes)
Hash
f3d2b85629d7c32ea15eed71ca2e5dbd
efe57e1c18b7bb8eda2b05e34b7d8b88c0c5e2ee
a2522fb50d5fd2443518a7a685f696d83649a3b52cf1a0f9642d8c7ea79347cc

HTTP Headers

GET /2/c/4/c/2c4cd804a6785945de1308c5b3951b11.jpg HTTP/1.1
Host: i.jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Cookie: _ga_29VR3V2H80=GS1.1.1733978977.1.0.1733978977.0.0.0; _ga=GA1.1.2133221516.1733978978
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 12 Dec 2024 04:49:39 GMT
content-type: image/jpeg
content-length: 252872
last-modified: Wed, 04 Sep 2024 02:34:35 GMT
etag: "3dbc8-6214203c9313d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FM6jqD6ExDoSM9hJFDfimXC%2BOchMWi6tWU9Zb3SQvCI0tiMBGMTE3aW94m8PKfwN6TCNmNUkLu4MvsfS9tqqSJq7KZMt6v7bN3NPDKcqo83ToaJxFh1pCJ5aYnjJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f0b16c24e4ab4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2179&min_rtt=1160&rtt_var=1266&sent=208&recv=23&lost=0&retrans=0&sent_bytes=229466&recv_bytes=4088&delivery_rate=21191796&cwnd=96000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=2929&x=1", cfExtPri, cfHdrFlush;dur=0

i.jav24.uk/b/0/5/8/b0580a0299db3a418a48d3541816b74c.jpg

104.21.70.49

200 OK

302 kB

URL GET HTTP/3
i.jav24.uk/b/0/5/8/b0580a0299db3a418a48d3541816b74c.jpg
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 447x840, components 3
Size
302 kB (302020 bytes)
Hash
1a48229fae37a8edcb10a30cf5e56f63
089ff66123ee17baa3ff051f5334b00d52c2c41d
edab10388f3ad97360fe6be45ab7ad97a6ee2ba693fcabc2a32ccb54e0a06687

HTTP Headers

GET /b/0/5/8/b0580a0299db3a418a48d3541816b74c.jpg HTTP/1.1
Host: i.jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Cookie: _ga_29VR3V2H80=GS1.1.1733978977.1.0.1733978977.0.0.0; _ga=GA1.1.2133221516.1733978978
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 12 Dec 2024 04:49:38 GMT
content-type: image/jpeg
content-length: 302020
last-modified: Wed, 04 Sep 2024 05:59:55 GMT
etag: "49bc4-62144e222b41c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gnv0LowO%2FF0GKgyOI1Ju3JWkaQCSaCp7v8QavZwGF2a4Whhfk1WAI5oFwCIVgGc9ACr0zYH%2FeAcFI69h0j8X1fe2fCBnlWYZBu8WIdjUDnw21uIbIxYWxxOX907c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f0b16c24e4cb4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2466&min_rtt=1160&rtt_var=1361&sent=144&recv=21&lost=0&retrans=0&sent_bytes=152956&recv_bytes=3998&delivery_rate=2231&cwnd=96000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=2639&x=1", cfExtPri, cfHdrFlush;dur=0

i.jav24.uk/f/c/4/6/fc468127b247d80af86008c58cc04f44.jpg

104.21.70.49

200 OK

276 kB

URL GET HTTP/3
i.jav24.uk/f/c/4/6/fc468127b247d80af86008c58cc04f44.jpg
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 560x840, components 3
Size
276 kB (276545 bytes)
Hash
15f5e6e39ddd589a7a85249597eb8ed1
bc188783801a32ea7b5e796098c69a63a779ad79
c811a1ad117e4534131ab3c987f1c643a0828978c70f89561bca16fe38ea91cb

HTTP Headers

GET /f/c/4/6/fc468127b247d80af86008c58cc04f44.jpg HTTP/1.1
Host: i.jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Cookie: _ga_29VR3V2H80=GS1.1.1733978977.1.0.1733978977.0.0.0; _ga=GA1.1.2133221516.1733978978
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 12 Dec 2024 04:49:38 GMT
content-type: image/jpeg
content-length: 276545
last-modified: Wed, 04 Sep 2024 09:35:34 GMT
etag: "43841-62147e55c70ab"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RKAKWkgEkdldHBKcJZLxI1%2FsjLllt8VQYyyHSiwrVq7NOk7lXOC00dhm6zJuYgEecyCIOyxm8j5vzmlFZudPM%2FHFf1LtsuvEUYFNwUmxlP%2BswlTfMDQ18N64Ki%2F8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f0b16c24e48b4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2321&min_rtt=1160&rtt_var=1309&sent=171&recv=22&lost=0&retrans=0&sent_bytes=185207&recv_bytes=4043&delivery_rate=18848957&cwnd=96000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=2642&x=1", cfExtPri, cfHdrFlush;dur=0

i.jav24.uk/1/9/e/d/19ed5b47ebf7f468d3a93a4f741b420f.jpg

104.21.70.49

200 OK

291 kB

URL GET HTTP/3
i.jav24.uk/1/9/e/d/19ed5b47ebf7f468d3a93a4f741b420f.jpg
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 447x840, components 3
Size
291 kB (290989 bytes)
Hash
b013f1e1a2972994070e873c5180c22c
43254a3adaba9de33d3b1b08af20961986279f00
1f59a420667ba389fa1677e7afa3504ca22bd94779a5b36b3af783dc0a6a3d5a

HTTP Headers

GET /1/9/e/d/19ed5b47ebf7f468d3a93a4f741b420f.jpg HTTP/1.1
Host: i.jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Cookie: _ga_29VR3V2H80=GS1.1.1733978977.1.0.1733978977.0.0.0; _ga=GA1.1.2133221516.1733978978
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 12 Dec 2024 04:49:39 GMT
content-type: image/jpeg
content-length: 290989
last-modified: Wed, 04 Sep 2024 08:24:15 GMT
etag: "470ad-62146e64ad483"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2FWotupg%2B3HCKNy86ePRskpw0dhCS3HMEKbPKOUcTdPK0J6TgNB6wMI0YfmNJsnSrZ5bwvvkDo7RjvhMw%2FKNddv2LYKVAPsvDmAktcjDVWmSwDCC1CWKb8HoDZbu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f0b16c24e4db4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2179&min_rtt=1160&rtt_var=1266&sent=198&recv=23&lost=0&retrans=0&sent_bytes=217466&recv_bytes=4088&delivery_rate=21191796&cwnd=96000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=2929&x=1", cfExtPri, cfHdrFlush;dur=0

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

64.233.161.84

302 Found

0 B

URL GET HTTP/3
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint08:EB:C7:D6:BA:86:9E:85:23:FF:C8:A2:9C:EE:A5:DE:3E:65:74:7A
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:dCj4O3kn7umyOQ0DLvQHOblV9vhepg:oijI9dSVAm5q45Pl; Expires=Sat, 12-Dec-2026 04:49:40 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 12 Dec 2024 04:49:40 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP99XtrD7cpDocsbiw6pbcbMRSSOyJvHrqK40peAp2wiHSfivO_dcn0nmt79kInTWSMs7iGGgPw
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-XqnP7MjkjaDl582UnEnbTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP99XtrD7cpDocsbiw6pbcbMRSSOyJvHrqK40peAp2wiHSfivO_dcn0nmt79kInTWSMs7iGGgPw

64.233.161.84

302 Found

422 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP99XtrD7cpDocsbiw6pbcbMRSSOyJvHrqK40peAp2wiHSfivO_dcn0nmt79kInTWSMs7iGGgPw
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintF9:06:4D:60:3C:4F:82:AB:36:A7:C2:A4:26:FC:FB:F1:03:EB:2F:9C
ValidityMon, 04 Nov 2024 08:39:38 GMT - Mon, 27 Jan 2025 08:39:37 GMT

File type
HTML document, ASCII text, with very long lines (392)
Size
422 B (422 bytes)
Hash
d7dd8e801af51114572dafa85224f659
97785a3bc3fa3c771e8f972b3c63b15ac5a55bce
e78ee97fa2c75708f92ed65a65870209a466efcdc88771da25a5590a71d043de

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP99XtrD7cpDocsbiw6pbcbMRSSOyJvHrqK40peAp2wiHSfivO_dcn0nmt79kInTWSMs7iGGgPw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:sPRJ_jujLiPCy2GjWjCDiCzF4P8DDA:u8lhTSw3m7otNYcM;Path=/;Expires=Sat, 12-Dec-2026 04:49:40 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 12 Dec 2024 04:49:40 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-MeQvaqCXuUI1MVPQ6FG1FGoYumn0WR_YGlMG7-52SkHR_ENG4wVLdjJsTwK4HgDStu-DkUQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1392877288%3A1733978980323724&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Q1P2rjs9T--LOPAA29QGFw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 422
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nereserv.com/in/dip?event_id=651d202b-63fa-43a3-be97-787bd8305f46&subid=1273364912&spot_id=1407058&created_at=2024-12-12&timezone=0&ver=1.158.2

116.202.249.56

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?event_id=651d202b-63fa-43a3-be97-787bd8305f46&subid=1273364912&spot_id=1407058&created_at=2024-12-12&timezone=0&ver=1.158.2
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintEE:9A:59:DB:A9:CD:73:0A:9C:87:AC:9F:FE:A1:90:AA:A1:7E:F8:D4
ValidityThu, 07 Nov 2024 10:40:28 GMT - Wed, 05 Feb 2025 10:40:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?event_id=651d202b-63fa-43a3-be97-787bd8305f46&subid=1273364912&spot_id=1407058&created_at=2024-12-12&timezone=0&ver=1.158.2 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.24.0
date: Thu, 12 Dec 2024 04:49:40 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

enrtx.com/get/

94.130.197.239

200 OK

22 kB

URL POST HTTP/2
enrtx.com/get/
IP
94.130.197.239:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint61:BC:31:65:90:EA:DD:3B:91:05:29:93:84:00:89:BB:11:CB:81:2F
ValidityWed, 30 Oct 2024 10:28:34 GMT - Tue, 28 Jan 2025 10:28:33 GMT

File type
JSON text data
Size
22 kB (22441 bytes)
Hash
1de1e342734b23e5955d9b4037b2e49b
bfc72d7982d7d6f3729887c76867230b02be0743
2522e6a250f5985c61389dae7e94efb6a9152e981a4f5df16756deb423ec7e09

HTTP Headers

POST /get/ HTTP/1.1
Host: enrtx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jav24.uk/
Content-Type: text/plain;charset=UTF-8
Content-Length: 4712
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.0
date: Thu, 12 Dec 2024 04:49:41 GMT
content-type: application/json
content-length: 22441
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

jav24.uk/favicon.ico

104.21.70.49

302 Found

0 B

URL GET HTTP/3
jav24.uk/favicon.ico
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jav24.uk/video/pkpk-039
DNT: 1
Connection: keep-alive
Cookie: _ga_29VR3V2H80=GS1.1.1733978977.1.0.1733978977.0.0.0; _ga=GA1.1.2133221516.1733978978
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 12 Dec 2024 04:49:43 GMT
content-type: text/html; charset=UTF-8
location: /favicon.ico
cf-cache-status: BYPASS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fD8sfcDuBUpiubxmq8RZksmPiaxyvaFvwDPBzGQMof51Nw8x4BQ%2FuP%2BXVIQ6yA0O44yQ8OoM3TC%2BmzuC2lT8YjwpP%2F6VPlnlAh03cess5zvzuYFrxU9tf9g2NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f0b16e2ec40b4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12423&min_rtt=947&rtt_var=4167&sent=1128&recv=60&lost=0&retrans=1&sent_bytes=1312970&recv_bytes=8401&delivery_rate=31509&cwnd=219000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=7063&x=1", cfExtPri, cfHdrFlush;dur=0

nereserv.com/in/dip?site=native-push&wl=1&event_id=bc720d7d-d461-4120-a8ee-8b5d116af33c&subid=1322055138&sid=1381410128&spot_id=1410224&created_at=2024-12-12&timezone=0&ver=8.198.1&is_native=1

116.202.249.56

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?site=native-push&wl=1&event_id=bc720d7d-d461-4120-a8ee-8b5d116af33c&subid=1322055138&sid=1381410128&spot_id=1410224&created_at=2024-12-12&timezone=0&ver=8.198.1&is_native=1
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintEE:9A:59:DB:A9:CD:73:0A:9C:87:AC:9F:FE:A1:90:AA:A1:7E:F8:D4
ValidityThu, 07 Nov 2024 10:40:28 GMT - Wed, 05 Feb 2025 10:40:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=bc720d7d-d461-4120-a8ee-8b5d116af33c&subid=1322055138&sid=1381410128&spot_id=1410224&created_at=2024-12-12&timezone=0&ver=8.198.1&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.24.0
date: Thu, 12 Dec 2024 04:49:44 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

awpya.com/in/multy

116.202.249.56

204 No Content

0 B

URL OPTIONS HTTP/2
awpya.com/in/multy
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintEE:9A:59:DB:A9:CD:73:0A:9C:87:AC:9F:FE:A1:90:AA:A1:7E:F8:D4
ValidityThu, 07 Nov 2024 10:40:28 GMT - Wed, 05 Feb 2025 10:40:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: awpya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jav24.uk/
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx/1.24.0
date: Thu, 12 Dec 2024 04:49:44 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-MeQvaqCXuUI1MVPQ6FG1FGoYumn0WR_YGlMG7-52SkHR_ENG4wVLdjJsTwK4HgDStu-DkUQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1392877288%3A1733978980323724&ddm=1

64.233.161.84

403 Forbidden

5.3 kB

URL GET HTTP/2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-MeQvaqCXuUI1MVPQ6FG1FGoYumn0WR_YGlMG7-52SkHR_ENG4wVLdjJsTwK4HgDStu-DkUQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1392877288%3A1733978980323724&ddm=1
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintF9:06:4D:60:3C:4F:82:AB:36:A7:C2:A4:26:FC:FB:F1:03:EB:2F:9C
ValidityMon, 04 Nov 2024 08:39:38 GMT - Mon, 27 Jan 2025 08:39:37 GMT

File type
gzip compressed data, max compression
Size
5.3 kB (5303 bytes)
Hash
9b4cd7c2d9a4d6bed780d6db06e7b57f
f488cd822dd6ac5705f60a83cbbe75599885ef3f
da03ec119cf2d92384715a404d95fe6748a2b76d0c67474dca0943a1f5a55da6

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-MeQvaqCXuUI1MVPQ6FG1FGoYumn0WR_YGlMG7-52SkHR_ENG4wVLdjJsTwK4HgDStu-DkUQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1392877288%3A1733978980323724&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 12 Dec 2024 04:49:40 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-2w83q1RCfZ_Yamz6Av5qmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/recaptcha/api.js https://translate.google.com/translate_a/element.js https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.66DVkOQ4BTQ.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jav24.uk/favicon.ico

104.21.70.49

302 Found

423 B

URL GET HTTP/3
jav24.uk/favicon.ico
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size
423 B (423 bytes)
Hash
9db98f4797888317c85ea7f4316ede80
c9cafc2ca78c726adc3daea7b8a36deec2795916
5f57a8474b9199550e706bbd74c460970b9fa2c66be5a0109272055a74845139

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jav24.uk/video/pkpk-039
DNT: 1
Connection: keep-alive
Cookie: _ga_29VR3V2H80=GS1.1.1733978977.1.0.1733978977.0.0.0; _ga=GA1.1.2133221516.1733978978
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 12 Dec 2024 04:49:44 GMT
content-type: text/html; charset=UTF-8
location: /favicon.ico
cf-cache-status: BYPASS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BSP5%2FGf%2FAj4SvQqvouTKHOFkq38GOHn5RnIPZ%2F2t2rO8yo0aidHPiPCK8NYBHHJsOctAfb%2F8%2BR0CRtLGZM7cjQUYji9Vky1e%2But0aNejeFGsAshyIa%2FZ3%2BAdsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f0b16ea5941b4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9306&min_rtt=947&rtt_var=6152&sent=1136&recv=68&lost=0&retrans=1&sent_bytes=1315764&recv_bytes=9937&delivery_rate=2255&cwnd=219000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=8253&x=1", cfExtPri, cfHdrFlush;dur=0

awpya.com/in/multy

116.202.249.56

200 OK

9.1 kB

URL OPTIONS HTTP/2
awpya.com/in/multy
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintEE:9A:59:DB:A9:CD:73:0A:9C:87:AC:9F:FE:A1:90:AA:A1:7E:F8:D4
ValidityThu, 07 Nov 2024 10:40:28 GMT - Wed, 05 Feb 2025 10:40:27 GMT

File type
JSON text data
Size
9.1 kB (9093 bytes)
Hash
0034e2d900f6efe3a0720dd248bdb097
787732b3a8d2337a0e8910faa854149642c5609d
f702d07533ebe51c8480afba7f98e07aee43ee606c9881ab8244786a15385d47

HTTP Headers

POST /in/multy HTTP/1.1
Host: awpya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 5407
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.24.0
date: Thu, 12 Dec 2024 04:49:44 GMT
content-type: application/json
content-length: 9093
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

jav24.uk/favicon.ico

104.21.70.49

302 Found

0 B

URL GET HTTP/3
jav24.uk/favicon.ico
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jav24.uk/video/pkpk-039
DNT: 1
Connection: keep-alive
Cookie: _ga_29VR3V2H80=GS1.1.1733978977.1.0.1733978977.0.0.0; _ga=GA1.1.2133221516.1733978978
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 12 Dec 2024 04:49:42 GMT
content-type: text/html; charset=UTF-8
location: /favicon.ico
cf-cache-status: BYPASS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2B2XV4%2BwyXtqFbTyIKCPdSeSaGiu6ZGO%2BfQ9SJlZUgbSMvtZ%2BL%2Fnd%2B4alZG6HsDxvW1ZG6Lt30goQJWC4D5WhuY5UzV3rMalYkC6DsxTs%2FM2Ir0rR3zd7n2QTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f0b16dbcf00b4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12379&min_rtt=947&rtt_var=8934&sent=1120&recv=52&lost=0&retrans=1&sent_bytes=1310174&recv_bytes=6867&delivery_rate=31256&cwnd=219000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=5919&x=1", cfExtPri, cfHdrFlush;dur=0

7ca85fa8fc.937e30a10b.com/b42dd517c7dfcf28cf28c21d205f241c.js

45.133.44.52

200 OK

131 kB

URL GET HTTP/2
7ca85fa8fc.937e30a10b.com/b42dd517c7dfcf28cf28c21d205f241c.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subject7ca85fa8fc.937e30a10b.com
FingerprintD1:CE:1F:CB:10:30:F1:A5:F4:80:DD:C8:9A:0E:CD:F8:E7:E7:EF:EB
ValidityMon, 09 Dec 2024 02:15:00 GMT - Sun, 09 Mar 2025 02:14:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
131 kB (131207 bytes)
Hash
ddd7c183ff6177f50f8cbdd10a21d187
a6da18fe0ea3c0dd0be5d580113bcf030ec3ac46
672ed964c28cd87d6396cc8fc306efae3f88823829f9aec3970df2a60cfe7667

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b42dd517c7dfcf28cf28c21d205f241c.js HTTP/1.1
Host: 7ca85fa8fc.937e30a10b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:44 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 12 Nov 2024 08:52:59 GMT
etag: W/"6733176b-86d5a"
content-encoding: gzip
expires: Thu, 12 Dec 2024 04:54:44 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8138
access-control-allow-origin: *
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_ENbwu_4okJBV-v9gZHf5gpUwSkkvEdXnuzDlMG32ezhr5Z2NnUwI56LzMDCQSCFVKH4nv-Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S101029217%3A1733978984399587&ddm=1

64.233.161.84

403 Forbidden

1.3 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_ENbwu_4okJBV-v9gZHf5gpUwSkkvEdXnuzDlMG32ezhr5Z2NnUwI56LzMDCQSCFVKH4nv-Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S101029217%3A1733978984399587&ddm=1
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint08:EB:C7:D6:BA:86:9E:85:23:FF:C8:A2:9C:EE:A5:DE:3E:65:74:7A
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1302 bytes)
Hash
31f75ce97ff103cac92246a7c122f40b
627c55d1b568836c2b2d1b1675587db815fceb11
4326a11b2b6cd3db5371f354e9473b5084a42fb69116e2f9ac4c9791372bbf29

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_ENbwu_4okJBV-v9gZHf5gpUwSkkvEdXnuzDlMG32ezhr5Z2NnUwI56LzMDCQSCFVKH4nv-Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S101029217%3A1733978984399587&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 12 Dec 2024 04:49:44 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-ICFdpVYuql70v68MWdPLtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/recaptcha/api.js https://translate.google.com/translate_a/element.js https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.66DVkOQ4BTQ.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.25

200 OK

1.1 kB

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint6B:98:BE:D7:28:05:BB:C1:1E:1B:28:3A:0F:F9:79:86:2D:94:63:BF
ValiditySun, 01 Dec 2024 03:02:39 GMT - Sat, 01 Mar 2025 03:02:38 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:44 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-42a"
expires: Fri, 12 Dec 2025 04:49:44 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
x-cdn-host-id: ds5058
accept-ranges: bytes
X-Firefox-Spdy: h2

p.a64x.com/in/tip_shows/?katds_ep=o-PMySpPH9V_Xku6zTpSGcjzbOSKDCDcnkHoSOgAsSYJSvaKbo76hjYiHuoB_7Zq0KQj1tnfdJZbShWE_f-1wgSWRqEa5u9WV7_zrkKS73Jr9HzqQJmNagymTpaVR_EkS9wXrdBYZpoDRNHL3rjUJDONlF2fZnt2J6Wcnddfn0MvLyHQ_HyBileZgFWgsxh-8clle0bgnHOxqpCbLRI2hUCt4gF9riJq4ltGaQtaIpRcCnsYIiJngNY6XTNfS2MNaHoLrPWuNsARSdDOxGqM2ihcWup4JBAG1siltp2JLFxN0y_882z5w_q-TrrCUz0dPCL3G1rFTLpAIuIrhj-B2nTACmvXLJoL57dE_iCwZYOP1sHikEXl3Fvrg7EALZmANiSI3xshwemgD7YNq6IVO-gbXBvq1Uo9-wvu_oR5KzGpcWQdvzG37PBtjjuAigG_kJeG-UHk7pQ_FilX7B0Gyjx2hhUqZuzvvsLuUeSF--owhl7SAyh8n819HbAVBG3WkVerEv9BnsPoGMhjgRZ3b04WEEya7iX9NaGASXMoARKdA2qS7BzVfquwGS9Qf9iVJL9tadVS8qAO_Eye9o6xMAgFg9CmqFrq4Dr4gWP5nkRVoXfp__6wBrHUYjWuIaS6d4wVwtJNdwtuKYIoCvE7Sx0Z4a30SGIfGh0qVLE2aeRTucADUOIllTLJDhPHYnHsOL4uXeZFaoUi3VvcO6JiDnqvRW5hpRh_0wTbqOjnzXuNVnZ7izTrFjr125_tOxSCnTP4a5HQdcymHytla-AZFx-Xw21iswOlLnAeTyTXHulvzHfjH18D5XlAg9HuqJBSL3mDxa_ndZhcakq2noAZd7isszLlMUhHM4zGYfaLIe9WUglKmL5OwZnjDBF8Tf7PGM1pCHskBd7RNBLOXNP0V68ZSY8RPMyE2IJnkFYujC-asFPY42iZWUin1e1qtfApwv99LbLF9jXnathA01R3mvyj&bid=0.021

104.21.19.82

302 Found

0 B

URL GET HTTP/2
p.a64x.com/in/tip_shows/?katds_ep=o-PMySpPH9V_Xku6zTpSGcjzbOSKDCDcnkHoSOgAsSYJSvaKbo76hjYiHuoB_7Zq0KQj1tnfdJZbShWE_f-1wgSWRqEa5u9WV7_zrkKS73Jr9HzqQJmNagymTpaVR_EkS9wXrdBYZpoDRNHL3rjUJDONlF2fZnt2J6Wcnddfn0MvLyHQ_HyBileZgFWgsxh-8clle0bgnHOxqpCbLRI2hUCt4gF9riJq4ltGaQtaIpRcCnsYIiJngNY6XTNfS2MNaHoLrPWuNsARSdDOxGqM2ihcWup4JBAG1siltp2JLFxN0y_882z5w_q-TrrCUz0dPCL3G1rFTLpAIuIrhj-B2nTACmvXLJoL57dE_iCwZYOP1sHikEXl3Fvrg7EALZmANiSI3xshwemgD7YNq6IVO-gbXBvq1Uo9-wvu_oR5KzGpcWQdvzG37PBtjjuAigG_kJeG-UHk7pQ_FilX7B0Gyjx2hhUqZuzvvsLuUeSF--owhl7SAyh8n819HbAVBG3WkVerEv9BnsPoGMhjgRZ3b04WEEya7iX9NaGASXMoARKdA2qS7BzVfquwGS9Qf9iVJL9tadVS8qAO_Eye9o6xMAgFg9CmqFrq4Dr4gWP5nkRVoXfp__6wBrHUYjWuIaS6d4wVwtJNdwtuKYIoCvE7Sx0Z4a30SGIfGh0qVLE2aeRTucADUOIllTLJDhPHYnHsOL4uXeZFaoUi3VvcO6JiDnqvRW5hpRh_0wTbqOjnzXuNVnZ7izTrFjr125_tOxSCnTP4a5HQdcymHytla-AZFx-Xw21iswOlLnAeTyTXHulvzHfjH18D5XlAg9HuqJBSL3mDxa_ndZhcakq2noAZd7isszLlMUhHM4zGYfaLIe9WUglKmL5OwZnjDBF8Tf7PGM1pCHskBd7RNBLOXNP0V68ZSY8RPMyE2IJnkFYujC-asFPY42iZWUin1e1qtfApwv99LbLF9jXnathA01R3mvyj&bid=0.021
IP
104.21.19.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjecta64x.com
Fingerprint14:4A:89:A6:6E:5C:81:E6:3B:34:F1:EF:B2:AF:90:10:42:C3:17:7A
ValiditySun, 10 Nov 2024 20:57:28 GMT - Sat, 08 Feb 2025 20:57:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/tip_shows/?katds_ep=o-PMySpPH9V_Xku6zTpSGcjzbOSKDCDcnkHoSOgAsSYJSvaKbo76hjYiHuoB_7Zq0KQj1tnfdJZbShWE_f-1wgSWRqEa5u9WV7_zrkKS73Jr9HzqQJmNagymTpaVR_EkS9wXrdBYZpoDRNHL3rjUJDONlF2fZnt2J6Wcnddfn0MvLyHQ_HyBileZgFWgsxh-8clle0bgnHOxqpCbLRI2hUCt4gF9riJq4ltGaQtaIpRcCnsYIiJngNY6XTNfS2MNaHoLrPWuNsARSdDOxGqM2ihcWup4JBAG1siltp2JLFxN0y_882z5w_q-TrrCUz0dPCL3G1rFTLpAIuIrhj-B2nTACmvXLJoL57dE_iCwZYOP1sHikEXl3Fvrg7EALZmANiSI3xshwemgD7YNq6IVO-gbXBvq1Uo9-wvu_oR5KzGpcWQdvzG37PBtjjuAigG_kJeG-UHk7pQ_FilX7B0Gyjx2hhUqZuzvvsLuUeSF--owhl7SAyh8n819HbAVBG3WkVerEv9BnsPoGMhjgRZ3b04WEEya7iX9NaGASXMoARKdA2qS7BzVfquwGS9Qf9iVJL9tadVS8qAO_Eye9o6xMAgFg9CmqFrq4Dr4gWP5nkRVoXfp__6wBrHUYjWuIaS6d4wVwtJNdwtuKYIoCvE7Sx0Z4a30SGIfGh0qVLE2aeRTucADUOIllTLJDhPHYnHsOL4uXeZFaoUi3VvcO6JiDnqvRW5hpRh_0wTbqOjnzXuNVnZ7izTrFjr125_tOxSCnTP4a5HQdcymHytla-AZFx-Xw21iswOlLnAeTyTXHulvzHfjH18D5XlAg9HuqJBSL3mDxa_ndZhcakq2noAZd7isszLlMUhHM4zGYfaLIe9WUglKmL5OwZnjDBF8Tf7PGM1pCHskBd7RNBLOXNP0V68ZSY8RPMyE2IJnkFYujC-asFPY42iZWUin1e1qtfApwv99LbLF9jXnathA01R3mvyj&bid=0.021 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 12 Dec 2024 04:49:44 GMT
content-type: application/json
content-length: 0
location: https://gfxdn.pics/m/p/0/883/883208/conversions/M4Y7kv1Z-in-page-ad-icons.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jL51lBmn5kI%2F7TEMIkzMKBuqqYUfwNKvdOeZsdJ0UfD6xtEmCCFXx7y7fdZRsyRdnxAUIG1GWpIQN9wfBYIb6TPr9aUj9eJ9N0fg43317CSjs3ByNAmnyH1O4iDo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f0b16efdd96b50b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1682&min_rtt=559&rtt_var=915&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3187&recv_bytes=1857&delivery_rate=4604133&cwnd=254&unsent_bytes=0&cid=e69021a96c8000e6&ts=64&x=0"
X-Firefox-Spdy: h2

gfxdn.pics/m/p/0/883/883207/conversions/0OErF2ya-in-page-ad-images.jpg

45.133.44.24

200 OK

5.6 kB

URL GET HTTP/2
gfxdn.pics/m/p/0/883/883207/conversions/0OErF2ya-in-page-ad-images.jpg
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectgfxdn.pics
Fingerprint21:74:CD:9F:28:AA:F9:B6:D0:A3:4E:41:31:4F:C8:D7:50:66:7D:0A
ValiditySat, 30 Nov 2024 03:02:24 GMT - Fri, 28 Feb 2025 03:02:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 20", baseline, precision 8, 360x240, components 3
Size
5.6 kB (5614 bytes)
Hash
49edcb1387f03075c9f1e3e5e25ff5a7
299775f4f77915c558373858740cae04d40ddaf6
912b34b348bb51e6ef8520a0410eba101754583caffb323b9c929cb29ba539d6

HTTP Headers

GET /m/p/0/883/883207/conversions/0OErF2ya-in-page-ad-images.jpg HTTP/1.1
Host: gfxdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:44 GMT
content-type: image/jpeg
content-length: 5614
server: nginx
last-modified: Tue, 27 Aug 2024 06:56:18 GMT
etag: "66cd7892-15ee"
x-request-id: ba8e33e3821218f5e3fe021d3d1fac04
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: MISS, HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

gfxdn.pics/m/p/0/883/883208/conversions/M4Y7kv1Z-in-page-ad-icons.jpg

45.133.44.24

200 OK

1.7 kB

URL GET HTTP/2
gfxdn.pics/m/p/0/883/883208/conversions/M4Y7kv1Z-in-page-ad-icons.jpg
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectgfxdn.pics
Fingerprint21:74:CD:9F:28:AA:F9:B6:D0:A3:4E:41:31:4F:C8:D7:50:66:7D:0A
ValiditySat, 30 Nov 2024 03:02:24 GMT - Fri, 28 Feb 2025 03:02:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 20", baseline, precision 8, 100x100, components 3
Size
1.7 kB (1681 bytes)
Hash
6ce48d48d7798585f330c367851312c8
27e36324113480d6ad69ea0b6be5230987a3eefc
3abd3bcb6f6074a158ed763d91471a96a4204361f534f0465117b82735f7e4ed

HTTP Headers

GET /m/p/0/883/883208/conversions/M4Y7kv1Z-in-page-ad-icons.jpg HTTP/1.1
Host: gfxdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:45 GMT
content-type: image/jpeg
content-length: 1681
server: nginx
last-modified: Tue, 27 Aug 2024 06:56:14 GMT
etag: "66cd788e-691"
x-request-id: c59dcd8e8ed68008e60741db0eed9407
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: MISS, HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

js.wpshsdk.com/npc/sdk/push.m.js?v=1

45.133.44.53

200 OK

18 kB

URL GET HTTP/2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectjs.wpshsdk.com
Fingerprint96:A0:59:8B:2C:E8:61:1F:B0:E2:7F:5B:B5:8C:AF:B6:E0:E0:43:5F
ValidityFri, 15 Nov 2024 04:04:39 GMT - Thu, 13 Feb 2025 04:04:38 GMT

File type
gzip compressed data, from Unix
Size
18 kB (17517 bytes)
Hash
e781d21ecf7df7134eadff66a53fdd80
63b1ad520dbd2fe72cdbdc0612b7e833531c742e
6398f0fd1e1f975b2989857dc2c3b35248fe574e6ca2737ba506ff647e90c184

HTTP Headers

GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:39 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 07 Dec 2024 10:12:00 GMT
etag: W/"67541f70-83b6"
content-encoding: gzip
expires: Thu, 12 Dec 2024 04:54:39 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8137
access-control-allow-origin: *
X-Firefox-Spdy: h2

jav24.uk/favicon.ico

104.21.70.49

302 Found

4.1 kB

URL GET HTTP/3
jav24.uk/favicon.ico
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size
4.1 kB (4130 bytes)
Hash
cb7cca784e18680513836b8e968d2f7b
326f59d8d042639e8b9ea475da8a43008b5292f9
b2be97242ce201287e979ef435533b699fe42808af5c35f53bd0ec6485761cae

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jav24.uk/video/pkpk-039
DNT: 1
Connection: keep-alive
Cookie: _ga_29VR3V2H80=GS1.1.1733978977.1.0.1733978977.0.0.0; _ga=GA1.1.2133221516.1733978978
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 12 Dec 2024 04:49:45 GMT
content-type: text/html; charset=UTF-8
location: /favicon.ico
cf-cache-status: BYPASS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kcs7zQ1bc951keeRAg76iLobctAZ6BNL5BYHJJQVg2clpFeKwoGj7xkTnWbmtkZGKbJTnn28HSPiP2roT1urRVXx4UgXXhIdIwNpYxEaW204vNWl%2BSCI0JGxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f0b16f04cf5b4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7567&min_rtt=947&rtt_var=6459&sent=1140&recv=72&lost=0&retrans=1&sent_bytes=1317167&recv_bytes=10705&delivery_rate=2249&cwnd=219000&unsent_bytes=0&cid=47931de4fb5f28a8&ts=9198&x=1", cfExtPri, cfHdrFlush;dur=0

js.cabnnr.com/banner-admanager/build.m.js

45.133.44.52

200 OK

56 kB

URL GET HTTP/2
js.cabnnr.com/banner-admanager/build.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectjs.cabnnr.com
Fingerprint48:1E:B6:60:16:A2:6D:39:97:6D:C3:9E:7B:A1:E6:F6:A1:F4:34:56
ValidityWed, 16 Oct 2024 03:04:19 GMT - Tue, 14 Jan 2025 03:04:18 GMT

File type
JavaScript source, ASCII text, with very long lines (56047), with no line terminators
Size
56 kB (56047 bytes)
Hash
26bf1cb2f7ffe706da36bf8f3883f3bd
6bac27d81e13ebb3c23ef5168b6857e8c5896d57
13dc40e36579935df5900a7c29625e3c28bf70b3de03df24c357b5ee02d708c1

HTTP Headers

GET /banner-admanager/build.m.js HTTP/1.1
Host: js.cabnnr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:39 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 09 Dec 2024 10:35:06 GMT
etag: W/"6756c7da-daef"
content-encoding: gzip
expires: Thu, 12 Dec 2024 04:54:39 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8138
access-control-allow-origin: *
X-Firefox-Spdy: h2

jav24.uk/video/pkpk-039

104.21.70.49

200 OK

13 kB

URL User Request GET HTTP/2
jav24.uk/video/pkpk-039
IP
104.21.70.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectjav24.uk
Fingerprint3E:92:F8:66:27:89:54:77:5E:04:E3:03:B6:AA:F7:F8:00:93:0F:95
ValidityTue, 29 Oct 2024 05:38:18 GMT - Mon, 27 Jan 2025 05:38:17 GMT

File type

Size
13 kB (13397 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /video/pkpk-039 HTTP/1.1
Host: jav24.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:36 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTar08XlHEG95B90tquM436laVik0bOcFcdvkt4feh%2BeEjCUY84yhKHv13u9ah85kelZrgLWIiodxOMIz9wvwTerzx6%2BjfDWXWorUptQOBikN4rvpm%2B0ag5ePA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f0b16b4f8b91bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5966&min_rtt=475&rtt_var=10985&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3264&recv_bytes=1245&delivery_rate=7350253&cwnd=250&unsent_bytes=0&cid=7f2075fadd4fc0e4&ts=583&x=0"
X-Firefox-Spdy: h2

7ca85fa8fc.937e30a10b.com/1e9ff3e823410bdba00f06da9a27bbb1.js

45.133.44.52

200 OK

122 kB

URL GET HTTP/2
7ca85fa8fc.937e30a10b.com/1e9ff3e823410bdba00f06da9a27bbb1.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subject7ca85fa8fc.937e30a10b.com
FingerprintD1:CE:1F:CB:10:30:F1:A5:F4:80:DD:C8:9A:0E:CD:F8:E7:E7:EF:EB
ValidityMon, 09 Dec 2024 02:15:00 GMT - Sun, 09 Mar 2025 02:14:59 GMT

File type

Size
122 kB (122015 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1e9ff3e823410bdba00f06da9a27bbb1.js HTTP/1.1
Host: 7ca85fa8fc.937e30a10b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:38 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 05 Dec 2024 14:47:03 GMT
etag: W/"6751bce7-1dc9f"
content-encoding: gzip
expires: Thu, 12 Dec 2024 04:54:38 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8138
access-control-allow-origin: *
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp

45.133.44.25

200 OK

486 B

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint6B:98:BE:D7:28:05:BB:C1:1E:1B:28:3A:0F:F9:79:86:2D:94:63:BF
ValiditySun, 01 Dec 2024 03:02:39 GMT - Sat, 01 Mar 2025 03:02:38 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:44 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-1e6"
expires: Fri, 12 Dec 2025 04:49:44 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
x-cdn-host-id: ds5058
accept-ranges: bytes
X-Firefox-Spdy: h2

awpya.com/in/show/?tag_ab=d&site_id=311410224&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fjav24.uk%2Fvideo%2Fpkpk-039&refdom=jav24.uk&auction_time=1733978984&subid=1322055138&sid=1381410128&tcid=0&ver=8.198.1&ver_c=&spot_id=1410224&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-12&iabcat=IAB25-3&keywords=squirting,adult,fartplay,bisexual,anal,teens,blowjob,japanese,farting&user_fp=5233951268228228042&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1322055138%26spot_id%3D1410224%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjav24.uk%252Fvideo%252Fpkpk-039%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=24406&crtid=788f015ade7a5a02de07cfccea6d71a8&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DQV_R-a8ke4EVc-kZgnnPR12fXahjzckOjDwOdhTPLFpZSJgfFJA59_R0L1M8RaOi68o3hkRMzyeoCEl9JYqB6pmEtx-OAOl8n6MQACxP2uRzLIj2s2AtEel6n11ShPk7w6vyrFW3U7bg1dveKJuLGLqIdib2H0LaibLsYk5-JJclKFqzxxso6NMnKtIAoPseV1PbF1cZtUh_DN53lcWG0FfqikOZHn7KmmFL-HWfPjtismb8f9jvkKqlAieKscE_wuUf5ycT1Qp3amS5yIx2AnbzWoQhXF7DyGRxAa1oZNKII7dFbIB8DJ0_vgPK-Wj2T4ea0NYSAfTsG2lFcwZEAASloBKjK0IsRSoz8J3-hxqeNkxkCRj3hEriImzsakskqnwi34GruMcJkerLzhZPhSox03MNMDNSEAg7b39O9Puonv0cB-NW9MJRCJeBQs7eVfn41uEC8ncVktyz4o9nnaLwINEsBjsf0WiJs4HHTK9m6B7mIF3BYjYmCTjaxjNTAo3PofgVscmHqI_Javb-MOFu9GIfc8UNlfqZilry1t3PwDyi1PwP2l2gaVy693kkSamoGHj7-W97iXWB6RhS7vginGiMqeBbxK_P42pA-Wk2tGwVVnxuGyNpjVXtfwBG9ffXX4XSN2-XIPnlXE9FTZKSSevXGOfezy7PnXt4IqKO04ZWzOMpd1IZsVHvatptfkgjADSe-TPookyGiA2vop0RB74oJc7cYQgtvRB2-XMZ09qQ1ZkZFjKf9A3G145pl6Zz17GfW2udo-cFVU8i5k3wpAYLJyLeyUE8lkSH0bhSX7pDv69RmH0fkQHEAQp0mp-m5vIkC7_omW9dw64HYhs7fG9Aw0W34AK43DPGjiale-JPW3uzqI1u7pjWooh1mQbvryQRW9tnCJNDgwCZH7-65UU--04c4uiLnwkVhlIuULIYnQa3PU-jernNHXa3_3wABrwQa6nozpzlul6ZRHhCz-joodRY9CnLExmG1A6IPBQAcPCbOg68UQpQDx1FeKTdb-Gi7O7ClppNiDvd58WaFtSyRZqeER_TM7B2d4Tl9WmcHXT-5SxsTkTSNAaAw5tWVi5EcfZp7zS08Ki4NydNG0I13_FlvFmHXFirPSoqXms1BTlY0fZtS9QBdgzWmz9AnHN6mzGlsfgXrxqwbgPIdn8FUuyLiG6j2rZuSQGRTXCBB9WkxEkNcoLm_dqqdsb2km31Idl1o6cgEGu46_saloINdk03tsR4mJc%26bid%3D0.021&icons=mkDqSqXMrqzs1hwR_hqztIDkxkrerljSJwTzPEsuqfmcSe5kkkikyRumhDjZcD7IkcMfen1C8-a6Kkq4GT-nOx38J8Eui_aKrXH4ZR5lgGYKWV0xFnGT0Fi5Xo7VfNZ_rRDprE3BpDtk8mNATcZ5ayijE3tdv7c76MTNTSGuyLy-Pjkxqo-vTrPoXkclgaPzETlbjuM_hfQcqy6aqRoOTH3WQmUD0P1j9KnoUk0_ctctlKxYkPfOYG16SCJmTp5X2NeRoR5ZIvb9XBtbtKzfkspaD-i3f5KQtmkY6jaxhe4m0SF-fAC9IXe_pb7XD7woQH7UIMLdJbXTgmhwSFMjRUlyuvcZKMc-n9nWMxEcc43IYfYzXmheQjqkMal9JQEXVDMfmdXrYxkhd9yANxOY3nbmp-ynXBvs3A7bGIN-I-wYm5ScMenDwIquv9zCfxOVQJ3iTOTYPGWRMsfh9aUUiUVB0h4th0zcYyJc2Sk3aMxCBPsdtJ6D1DtyZR_5T_srbW7quZyqsokJHDiOrxQT7ZVH9oa_hnts_lTvPqTHkhj7OZ-8leUP6GtMMANFIaJAkOpXznmy967hM99mG4ll2jPkn-9hVIZ1mc1vOuM3bxS7mXiA4Vey7nbtw-FdGgv9T7oLZqJ7bNnt4pPS1Sf0232j9Th_7SbILboo8aws5OK37YYqucyccqhMeGH_ft4Myyry_VLSLe0_gBiDxrRNlq1jlzi9_p_FYYa8TtT79wjJjrHsDH47e0NyDll6bZIFqREz1bOGnDofoWVG3m4gLQb_kCujPg-PRW6_NsFJvxkhu1GUjyrDLOU8CcYflCBLAAEnMJlEHnpY0yZbGd4yoQNylM_0M_3RI0_6h7QYy6Nom9OJJkiO4QTVWNQqyZX5C7WFFKYWIrx_1RJXbr3OnTZ9I23axnVPrcZxSA1XyPH8M1NdOEyH8jj3ZlJcDj9OdNFRRFqySKnXuBMr4cMrYvAi3zCnPdK0YUDLNUD5el_n2bIbyeUQ-gHCrv217Tx1foucmjiFM3vp1VZoV2JPSSg0yw7-GvdWBWYNn-2HoTDiWCxzzjhRHvcMcvpIsDgeyq5iOm2vPM2cahizMaMmzW2GG3FnL668ZBVq9lnfmDyQ6L1ZZ8BY5b4Ib45SEFaZae8XFJOpF92Gs8z4dklKq7x4uJh-1yTqXA-o0TvdTiFdhzdwoqavma9XGjk2AeAG0Yqltl_GfGh4IZM9Rlf6djwN1fZDg5AGeJMaebsUvKy4AhfRipnZTE7bT2KOc5_R4-2AVXBOzL-J2E2xnFsZDuowrjIHGy7dGmcVO7nQrT4j89h_Go1YirMAf1fH5tHLEAXajGTCIp8a0vm6SNzwGqCrQM2kOF9pix8kd9L4zVOAkt-ZXffx4cVtJXhVxxGXaXVOdUn-8sy836ZvRcdfEf8X26Y&ext_cid=299547&px_id=731410224&min_cpm=0.00022512137207904499&out_id=0&campaign_type=hq&aid=127&cid=14410&uniq=ac3453ce09538fe1d037a8c2f8b3ce2529c0ea68600fd53ab01b5ca4bd27fc9e&mid=1078767577530228853&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.04089773101836436&cpm=0&verify_hash=b0d6a6502372068ac827f6b4ff19bf7c&is_native=1&real_bid=0.01861860036849981&original_bid_usd=0.021&original_bid=0.021&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,98,108,0&need_redirect_show=0&applied_features=yf,coef_090,main-skins-settings&show_count=1&expiration_timestamp=1734151784&image_url=https%3A%2F%2Fgfxdn.pics%2Fm%2Fp%2F0%2F883%2F883207%2Fconversions%2F0OErF2ya-in-page-ad-images.jpg&site=native-push-adult&price=0.021&hostname=auc-inpage-hz-9-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000021&ext_campaign_id_str=299547&is_webview=0&client_price=0.026598000526428297&direct_client_price=0&priority=0&client_payment_model=cpc&is_in_app=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=1a1a6b7a-399f-4350-8570-81836c0fb93f&prev_step_diff=774

116.202.249.56

200 OK

0 B

URL GET HTTP/2
awpya.com/in/show/?tag_ab=d&site_id=311410224&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fjav24.uk%2Fvideo%2Fpkpk-039&refdom=jav24.uk&auction_time=1733978984&subid=1322055138&sid=1381410128&tcid=0&ver=8.198.1&ver_c=&spot_id=1410224&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-12&iabcat=IAB25-3&keywords=squirting,adult,fartplay,bisexual,anal,teens,blowjob,japanese,farting&user_fp=5233951268228228042&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1322055138%26spot_id%3D1410224%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjav24.uk%252Fvideo%252Fpkpk-039%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=24406&crtid=788f015ade7a5a02de07cfccea6d71a8&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DQV_R-a8ke4EVc-kZgnnPR12fXahjzckOjDwOdhTPLFpZSJgfFJA59_R0L1M8RaOi68o3hkRMzyeoCEl9JYqB6pmEtx-OAOl8n6MQACxP2uRzLIj2s2AtEel6n11ShPk7w6vyrFW3U7bg1dveKJuLGLqIdib2H0LaibLsYk5-JJclKFqzxxso6NMnKtIAoPseV1PbF1cZtUh_DN53lcWG0FfqikOZHn7KmmFL-HWfPjtismb8f9jvkKqlAieKscE_wuUf5ycT1Qp3amS5yIx2AnbzWoQhXF7DyGRxAa1oZNKII7dFbIB8DJ0_vgPK-Wj2T4ea0NYSAfTsG2lFcwZEAASloBKjK0IsRSoz8J3-hxqeNkxkCRj3hEriImzsakskqnwi34GruMcJkerLzhZPhSox03MNMDNSEAg7b39O9Puonv0cB-NW9MJRCJeBQs7eVfn41uEC8ncVktyz4o9nnaLwINEsBjsf0WiJs4HHTK9m6B7mIF3BYjYmCTjaxjNTAo3PofgVscmHqI_Javb-MOFu9GIfc8UNlfqZilry1t3PwDyi1PwP2l2gaVy693kkSamoGHj7-W97iXWB6RhS7vginGiMqeBbxK_P42pA-Wk2tGwVVnxuGyNpjVXtfwBG9ffXX4XSN2-XIPnlXE9FTZKSSevXGOfezy7PnXt4IqKO04ZWzOMpd1IZsVHvatptfkgjADSe-TPookyGiA2vop0RB74oJc7cYQgtvRB2-XMZ09qQ1ZkZFjKf9A3G145pl6Zz17GfW2udo-cFVU8i5k3wpAYLJyLeyUE8lkSH0bhSX7pDv69RmH0fkQHEAQp0mp-m5vIkC7_omW9dw64HYhs7fG9Aw0W34AK43DPGjiale-JPW3uzqI1u7pjWooh1mQbvryQRW9tnCJNDgwCZH7-65UU--04c4uiLnwkVhlIuULIYnQa3PU-jernNHXa3_3wABrwQa6nozpzlul6ZRHhCz-joodRY9CnLExmG1A6IPBQAcPCbOg68UQpQDx1FeKTdb-Gi7O7ClppNiDvd58WaFtSyRZqeER_TM7B2d4Tl9WmcHXT-5SxsTkTSNAaAw5tWVi5EcfZp7zS08Ki4NydNG0I13_FlvFmHXFirPSoqXms1BTlY0fZtS9QBdgzWmz9AnHN6mzGlsfgXrxqwbgPIdn8FUuyLiG6j2rZuSQGRTXCBB9WkxEkNcoLm_dqqdsb2km31Idl1o6cgEGu46_saloINdk03tsR4mJc%26bid%3D0.021&icons=mkDqSqXMrqzs1hwR_hqztIDkxkrerljSJwTzPEsuqfmcSe5kkkikyRumhDjZcD7IkcMfen1C8-a6Kkq4GT-nOx38J8Eui_aKrXH4ZR5lgGYKWV0xFnGT0Fi5Xo7VfNZ_rRDprE3BpDtk8mNATcZ5ayijE3tdv7c76MTNTSGuyLy-Pjkxqo-vTrPoXkclgaPzETlbjuM_hfQcqy6aqRoOTH3WQmUD0P1j9KnoUk0_ctctlKxYkPfOYG16SCJmTp5X2NeRoR5ZIvb9XBtbtKzfkspaD-i3f5KQtmkY6jaxhe4m0SF-fAC9IXe_pb7XD7woQH7UIMLdJbXTgmhwSFMjRUlyuvcZKMc-n9nWMxEcc43IYfYzXmheQjqkMal9JQEXVDMfmdXrYxkhd9yANxOY3nbmp-ynXBvs3A7bGIN-I-wYm5ScMenDwIquv9zCfxOVQJ3iTOTYPGWRMsfh9aUUiUVB0h4th0zcYyJc2Sk3aMxCBPsdtJ6D1DtyZR_5T_srbW7quZyqsokJHDiOrxQT7ZVH9oa_hnts_lTvPqTHkhj7OZ-8leUP6GtMMANFIaJAkOpXznmy967hM99mG4ll2jPkn-9hVIZ1mc1vOuM3bxS7mXiA4Vey7nbtw-FdGgv9T7oLZqJ7bNnt4pPS1Sf0232j9Th_7SbILboo8aws5OK37YYqucyccqhMeGH_ft4Myyry_VLSLe0_gBiDxrRNlq1jlzi9_p_FYYa8TtT79wjJjrHsDH47e0NyDll6bZIFqREz1bOGnDofoWVG3m4gLQb_kCujPg-PRW6_NsFJvxkhu1GUjyrDLOU8CcYflCBLAAEnMJlEHnpY0yZbGd4yoQNylM_0M_3RI0_6h7QYy6Nom9OJJkiO4QTVWNQqyZX5C7WFFKYWIrx_1RJXbr3OnTZ9I23axnVPrcZxSA1XyPH8M1NdOEyH8jj3ZlJcDj9OdNFRRFqySKnXuBMr4cMrYvAi3zCnPdK0YUDLNUD5el_n2bIbyeUQ-gHCrv217Tx1foucmjiFM3vp1VZoV2JPSSg0yw7-GvdWBWYNn-2HoTDiWCxzzjhRHvcMcvpIsDgeyq5iOm2vPM2cahizMaMmzW2GG3FnL668ZBVq9lnfmDyQ6L1ZZ8BY5b4Ib45SEFaZae8XFJOpF92Gs8z4dklKq7x4uJh-1yTqXA-o0TvdTiFdhzdwoqavma9XGjk2AeAG0Yqltl_GfGh4IZM9Rlf6djwN1fZDg5AGeJMaebsUvKy4AhfRipnZTE7bT2KOc5_R4-2AVXBOzL-J2E2xnFsZDuowrjIHGy7dGmcVO7nQrT4j89h_Go1YirMAf1fH5tHLEAXajGTCIp8a0vm6SNzwGqCrQM2kOF9pix8kd9L4zVOAkt-ZXffx4cVtJXhVxxGXaXVOdUn-8sy836ZvRcdfEf8X26Y&ext_cid=299547&px_id=731410224&min_cpm=0.00022512137207904499&out_id=0&campaign_type=hq&aid=127&cid=14410&uniq=ac3453ce09538fe1d037a8c2f8b3ce2529c0ea68600fd53ab01b5ca4bd27fc9e&mid=1078767577530228853&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.04089773101836436&cpm=0&verify_hash=b0d6a6502372068ac827f6b4ff19bf7c&is_native=1&real_bid=0.01861860036849981&original_bid_usd=0.021&original_bid=0.021&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,98,108,0&need_redirect_show=0&applied_features=yf,coef_090,main-skins-settings&show_count=1&expiration_timestamp=1734151784&image_url=https%3A%2F%2Fgfxdn.pics%2Fm%2Fp%2F0%2F883%2F883207%2Fconversions%2F0OErF2ya-in-page-ad-images.jpg&site=native-push-adult&price=0.021&hostname=auc-inpage-hz-9-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000021&ext_campaign_id_str=299547&is_webview=0&client_price=0.026598000526428297&direct_client_price=0&priority=0&client_payment_model=cpc&is_in_app=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=1a1a6b7a-399f-4350-8570-81836c0fb93f&prev_step_diff=774
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintEE:9A:59:DB:A9:CD:73:0A:9C:87:AC:9F:FE:A1:90:AA:A1:7E:F8:D4
ValidityThu, 07 Nov 2024 10:40:28 GMT - Wed, 05 Feb 2025 10:40:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=d&site_id=311410224&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fjav24.uk%2Fvideo%2Fpkpk-039&refdom=jav24.uk&auction_time=1733978984&subid=1322055138&sid=1381410128&tcid=0&ver=8.198.1&ver_c=&spot_id=1410224&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-12&iabcat=IAB25-3&keywords=squirting,adult,fartplay,bisexual,anal,teens,blowjob,japanese,farting&user_fp=5233951268228228042&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1322055138%26spot_id%3D1410224%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjav24.uk%252Fvideo%252Fpkpk-039%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=24406&crtid=788f015ade7a5a02de07cfccea6d71a8&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DQV_R-a8ke4EVc-kZgnnPR12fXahjzckOjDwOdhTPLFpZSJgfFJA59_R0L1M8RaOi68o3hkRMzyeoCEl9JYqB6pmEtx-OAOl8n6MQACxP2uRzLIj2s2AtEel6n11ShPk7w6vyrFW3U7bg1dveKJuLGLqIdib2H0LaibLsYk5-JJclKFqzxxso6NMnKtIAoPseV1PbF1cZtUh_DN53lcWG0FfqikOZHn7KmmFL-HWfPjtismb8f9jvkKqlAieKscE_wuUf5ycT1Qp3amS5yIx2AnbzWoQhXF7DyGRxAa1oZNKII7dFbIB8DJ0_vgPK-Wj2T4ea0NYSAfTsG2lFcwZEAASloBKjK0IsRSoz8J3-hxqeNkxkCRj3hEriImzsakskqnwi34GruMcJkerLzhZPhSox03MNMDNSEAg7b39O9Puonv0cB-NW9MJRCJeBQs7eVfn41uEC8ncVktyz4o9nnaLwINEsBjsf0WiJs4HHTK9m6B7mIF3BYjYmCTjaxjNTAo3PofgVscmHqI_Javb-MOFu9GIfc8UNlfqZilry1t3PwDyi1PwP2l2gaVy693kkSamoGHj7-W97iXWB6RhS7vginGiMqeBbxK_P42pA-Wk2tGwVVnxuGyNpjVXtfwBG9ffXX4XSN2-XIPnlXE9FTZKSSevXGOfezy7PnXt4IqKO04ZWzOMpd1IZsVHvatptfkgjADSe-TPookyGiA2vop0RB74oJc7cYQgtvRB2-XMZ09qQ1ZkZFjKf9A3G145pl6Zz17GfW2udo-cFVU8i5k3wpAYLJyLeyUE8lkSH0bhSX7pDv69RmH0fkQHEAQp0mp-m5vIkC7_omW9dw64HYhs7fG9Aw0W34AK43DPGjiale-JPW3uzqI1u7pjWooh1mQbvryQRW9tnCJNDgwCZH7-65UU--04c4uiLnwkVhlIuULIYnQa3PU-jernNHXa3_3wABrwQa6nozpzlul6ZRHhCz-joodRY9CnLExmG1A6IPBQAcPCbOg68UQpQDx1FeKTdb-Gi7O7ClppNiDvd58WaFtSyRZqeER_TM7B2d4Tl9WmcHXT-5SxsTkTSNAaAw5tWVi5EcfZp7zS08Ki4NydNG0I13_FlvFmHXFirPSoqXms1BTlY0fZtS9QBdgzWmz9AnHN6mzGlsfgXrxqwbgPIdn8FUuyLiG6j2rZuSQGRTXCBB9WkxEkNcoLm_dqqdsb2km31Idl1o6cgEGu46_saloINdk03tsR4mJc%26bid%3D0.021&icons=mkDqSqXMrqzs1hwR_hqztIDkxkrerljSJwTzPEsuqfmcSe5kkkikyRumhDjZcD7IkcMfen1C8-a6Kkq4GT-nOx38J8Eui_aKrXH4ZR5lgGYKWV0xFnGT0Fi5Xo7VfNZ_rRDprE3BpDtk8mNATcZ5ayijE3tdv7c76MTNTSGuyLy-Pjkxqo-vTrPoXkclgaPzETlbjuM_hfQcqy6aqRoOTH3WQmUD0P1j9KnoUk0_ctctlKxYkPfOYG16SCJmTp5X2NeRoR5ZIvb9XBtbtKzfkspaD-i3f5KQtmkY6jaxhe4m0SF-fAC9IXe_pb7XD7woQH7UIMLdJbXTgmhwSFMjRUlyuvcZKMc-n9nWMxEcc43IYfYzXmheQjqkMal9JQEXVDMfmdXrYxkhd9yANxOY3nbmp-ynXBvs3A7bGIN-I-wYm5ScMenDwIquv9zCfxOVQJ3iTOTYPGWRMsfh9aUUiUVB0h4th0zcYyJc2Sk3aMxCBPsdtJ6D1DtyZR_5T_srbW7quZyqsokJHDiOrxQT7ZVH9oa_hnts_lTvPqTHkhj7OZ-8leUP6GtMMANFIaJAkOpXznmy967hM99mG4ll2jPkn-9hVIZ1mc1vOuM3bxS7mXiA4Vey7nbtw-FdGgv9T7oLZqJ7bNnt4pPS1Sf0232j9Th_7SbILboo8aws5OK37YYqucyccqhMeGH_ft4Myyry_VLSLe0_gBiDxrRNlq1jlzi9_p_FYYa8TtT79wjJjrHsDH47e0NyDll6bZIFqREz1bOGnDofoWVG3m4gLQb_kCujPg-PRW6_NsFJvxkhu1GUjyrDLOU8CcYflCBLAAEnMJlEHnpY0yZbGd4yoQNylM_0M_3RI0_6h7QYy6Nom9OJJkiO4QTVWNQqyZX5C7WFFKYWIrx_1RJXbr3OnTZ9I23axnVPrcZxSA1XyPH8M1NdOEyH8jj3ZlJcDj9OdNFRRFqySKnXuBMr4cMrYvAi3zCnPdK0YUDLNUD5el_n2bIbyeUQ-gHCrv217Tx1foucmjiFM3vp1VZoV2JPSSg0yw7-GvdWBWYNn-2HoTDiWCxzzjhRHvcMcvpIsDgeyq5iOm2vPM2cahizMaMmzW2GG3FnL668ZBVq9lnfmDyQ6L1ZZ8BY5b4Ib45SEFaZae8XFJOpF92Gs8z4dklKq7x4uJh-1yTqXA-o0TvdTiFdhzdwoqavma9XGjk2AeAG0Yqltl_GfGh4IZM9Rlf6djwN1fZDg5AGeJMaebsUvKy4AhfRipnZTE7bT2KOc5_R4-2AVXBOzL-J2E2xnFsZDuowrjIHGy7dGmcVO7nQrT4j89h_Go1YirMAf1fH5tHLEAXajGTCIp8a0vm6SNzwGqCrQM2kOF9pix8kd9L4zVOAkt-ZXffx4cVtJXhVxxGXaXVOdUn-8sy836ZvRcdfEf8X26Y&ext_cid=299547&px_id=731410224&min_cpm=0.00022512137207904499&out_id=0&campaign_type=hq&aid=127&cid=14410&uniq=ac3453ce09538fe1d037a8c2f8b3ce2529c0ea68600fd53ab01b5ca4bd27fc9e&mid=1078767577530228853&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.04089773101836436&cpm=0&verify_hash=b0d6a6502372068ac827f6b4ff19bf7c&is_native=1&real_bid=0.01861860036849981&original_bid_usd=0.021&original_bid=0.021&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,98,108,0&need_redirect_show=0&applied_features=yf,coef_090,main-skins-settings&show_count=1&expiration_timestamp=1734151784&image_url=https%3A%2F%2Fgfxdn.pics%2Fm%2Fp%2F0%2F883%2F883207%2Fconversions%2F0OErF2ya-in-page-ad-images.jpg&site=native-push-adult&price=0.021&hostname=auc-inpage-hz-9-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000021&ext_campaign_id_str=299547&is_webview=0&client_price=0.026598000526428297&direct_client_price=0&priority=0&client_payment_model=cpc&is_in_app=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.11&cpa=1a1a6b7a-399f-4350-8570-81836c0fb93f&prev_step_diff=774 HTTP/1.1
Host: awpya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Thu, 12 Dec 2024 04:49:44 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

storage.multstorage.com/log/count.html

104.21.30.242

200 OK

882 B

URL GET HTTP/2
storage.multstorage.com/log/count.html
IP
104.21.30.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subjectmultstorage.com
Fingerprint96:2B:62:41:7C:56:AE:E2:BF:91:30:F3:03:0A:B7:E6:EC:70:67:7B
ValidityFri, 08 Nov 2024 05:42:46 GMT - Thu, 06 Feb 2025 05:42:45 GMT

File type
HTML document, ASCII text, with very long lines (919), with no line terminators
Size
882 B (882 bytes)
Hash
053b1fe641da8057571d40ebaf1624ab
09b2648b7d08c84621298f0b939cea5170a65022
6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:38 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: d5599d8f1fc875d8e02048d5683c670b
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6NK4jl4xCgpYsJPD0SpaKySdvE4YHck%2BLB0rC45OwPkVXDm9RqmNiZ105Xk1XmJHEv7M2PZwvlvkkGR8%2FJCdP4XWl1dnVC4BmBA0MyJSaiEqZ2TtEBSONRMig%2BsJyK1myOutx%2Fwvl8DZCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f0b16c9aff7b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=824&min_rtt=406&rtt_var=872&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3205&recv_bytes=1146&delivery_rate=8337811&cwnd=254&unsent_bytes=0&cid=a9a35da47ee6df67&ts=73&x=0"
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP98-gH4upu55tHmW-sZ7rmFP46sDvH08v5MlGGgwu8KpGwJI2Wx_ybDCPYaAkQ0V3l2x_njT

64.233.161.84

302 Found

0 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP98-gH4upu55tHmW-sZ7rmFP46sDvH08v5MlGGgwu8KpGwJI2Wx_ybDCPYaAkQ0V3l2x_njT
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint08:EB:C7:D6:BA:86:9E:85:23:FF:C8:A2:9C:EE:A5:DE:3E:65:74:7A
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP98-gH4upu55tHmW-sZ7rmFP46sDvH08v5MlGGgwu8KpGwJI2Wx_ybDCPYaAkQ0V3l2x_njT HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:Yc483Ny2V62EqSkVu_EoDNIMbof01Q:5phNDWy4DilOSeM8;Path=/;Expires=Sat, 12-Dec-2026 04:49:44 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 12 Dec 2024 04:49:44 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_ENbwu_4okJBV-v9gZHf5gpUwSkkvEdXnuzDlMG32ezhr5Z2NnUwI56LzMDCQSCFVKH4nv-Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S101029217%3A1733978984399587&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-TTqrIqXQoCiqS3Q2mVbVjg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 423
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

23e023321c.c12c813990.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI4NzM5OTAwMDA1MDE5ODE2MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTM2LjAiLCJ0YWdfaWQiOjIxODMxNSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9

45.133.44.52

200 OK

0 B

URL GET HTTP/2
23e023321c.c12c813990.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI4NzM5OTAwMDA1MDE5ODE2MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTM2LjAiLCJ0YWdfaWQiOjIxODMxNSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subject23e023321c.c12c813990.com
FingerprintB2:36:D1:E6:CE:84:9A:ED:B2:D3:C2:66:F0:97:86:E0:4C:B6:DB:6E
ValidityMon, 09 Dec 2024 02:48:09 GMT - Sun, 09 Mar 2025 02:48:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI4NzM5OTAwMDA1MDE5ODE2MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTM2LjAiLCJ0YWdfaWQiOjIxODMxNSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: 23e023321c.c12c813990.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jav24.uk
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:39 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
x-cdn-host-id: ds8138
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-29VR3V2H80

142.250.74.168

200 OK

330 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-29VR3V2H80
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint4B:B1:5A:60:07:55:DD:0C:FA:98:D3:8E:E8:58:9E:E7:6A:0D:60:12
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
330 kB (330449 bytes)
Hash
98df981a72af3a7f39d292c072c78b38
ee3bf5dfc8123ca3bfd47beed1de5a5d742b968a
77ce286fad141ba9f62777e8aaa12447f89155aec70513479f9a559276092517

HTTP Headers

GET /gtag/js?id=G-29VR3V2H80 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Dec 2024 04:49:37 GMT
expires: Thu, 12 Dec 2024 04:49:37 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 109775
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js.capndr.com/advertising.js

45.133.44.53

200 OK

0 B

URL GET HTTP/2
js.capndr.com/advertising.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
FingerprintEE:F1:2E:ED:4C:FD:0A:E5:A7:9B:DC:3C:6A:9E:B9:74:A2:33:71:9D
ValidityFri, 18 Oct 2024 02:03:01 GMT - Thu, 16 Jan 2025 02:03:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Thu, 12 Dec 2024 04:54:38 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8138
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

awpya.com/in/show/?tag_ab=d&site_id=311410224&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fjav24.uk%2Fvideo%2Fpkpk-039&refdom=jav24.uk&auction_time=1733978984&subid=1322055138&sid=1381410128&tcid=0&ver=8.198.1&ver_c=&spot_id=1410224&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-12&iabcat=IAB25-3&keywords=squirting,adult,fartplay,bisexual,anal,teens,blowjob,japanese,farting&user_fp=5233951268228228042&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1322055138%26spot_id%3D1410224%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjav24.uk%252Fvideo%252Fpkpk-039%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.viiamfoh.com%2Fh%2F746%2Fm3rugqo2xr7fvrxwzcky7lgjwktuk56n2h23ldwfzn5hqgd2n57hyeduafrcpbm4uhwe4kxrkkxezmsb75bkzctfqjzyz22szbf65rxm2cv4rzmhu5fyavzivjzod27h6bd2oqwdvdeju4pspkfpzjvwxwj27nfwmdtw6shckrfayphdgrszkru2r66urmrqoouhvzlweindehdkmrtbgaypmqws4jzbd45fkjtwe44c4xq3bvdfyaqqebhtabzckfsxw72qjznhu3rsfe3be3tcdmfc4mriibbqgsb4eivboa32hiwqiyzobrkcendzeamsufbgmnrbqcrpgyueaqydaebdynj3ev5duek5dydayvbcb4gtqnzkcq3csyi3bijbu42eaq5uqoatfebuapqiaissobrdgabsahqbeicrmnrupmtrk4qza4negldwebfdobbvh4qreljfaugsqaradyowmlqhiybwgizpoqnbwcihhnssagq2ancsaddulvuamhjabyqcagjofydbiyt3e45tygjnaygs65rtii2qifztbabdsjyfemseeizqbjxamfrsm5iasdj4diltaarnoyqeunrkhf7salb5fedb2k2peapb43qfoecciuajdj6bukjeb4whmickguvckmbdfq3gqbqbcyaawda6ainaucyfmn6qu7a2dmda2bdwhmfr4gahgieagwiadytrstzadyjg4bqkaqsfaci2pqnbopcbf5tcgcrvcq2tgiiocq5re6ziaa2caelda4csez3ye4oxkgqug4otqxz7iy3boojsgqbcuoisdyzr6izhby7begqlejxrkaj5deaeiradaecqkhqugjzcgdq3e4wq2ncheipbczyscyigo3zhgn2a2fyzdewwmia2eikcejzxciwwibi5gbccgdifm4irmorlkaeru7a2c4zu2l32bivcwbkfau6bajtifugsotzabf6ccbyggjrfaciopqnawbqmar3dasrvdadt2cacfzuaohjhj4qaepzmaulcekl3e4eximilbfgqi5rqji2rqbz5bahbi2bnburu6iach4qs4brvnn5qklztgedtiaqeoy5quhqugjzca5i3e4wq2j2peajda3roayyww6yff4ztcbztjuxxubifdykde4rdbynsolinenhsaar7fyccqkthpatq25iza4uaybdwgmdtmcahhurcyotiaynfkdzdci7s6lqggfvvkiykfuns4j2baaadyaiza47dqirleitcseizhehxsobgficqwo32g4gtcgqagandk5rxbi3ssmqhb4ivsyjobirugiqociyamkbcmr7qketwdaururzolazqemivcqtdo5ayeydtgkaaeapasiifcyzcw7yiai2dilrhdaaacfieg4ccspzdbykgqh3zcvhsadibm4ddqnrepmfbk4ayc4vrsldwgapdmfatpyqbcildauzsogrcdund4bjygzrwygqrngtuc4enmaz7e4nuxthuxzsfu26pisfbosymj37qjkihaur7svn55xgr5v3yemnofwifg4n2nvd6yvfdt6em227ijrghs5kamahxuyd5n53uarstavduutlgibzfu426nbzhtultnsieyr7cipeffm2m4vc6qqwposwtg46opgzhiseij2ofisvrmvt62t2j3zguhy2wg7wv3efcz3ohq4hjpj5olcwrjf7ltft3kneecx6fjog4wqpsokhmssvqiwjn46hvmcshlat2usai5t7z62w6t23a3jxpdxi4ocqhb5r6euwdaj3zlznbcha5aigcmctebuuqc7zieagaoqz2eathojqse5lxadasauurihstaqjqqnqaeigr25ryhmrxubbslaprczjabuiqky35bqiqkkaqdzjqie2bbapd2ij3oy4ao6qhfqzfqhzkce4cgeifom3q6eqfcu6ekv2dfmedemjbdfpdecqxen4qkpzpgadt64bufjqv4jj4bqatukayeqbcqiknhijhqxrqgudrcjaaeaktueiodixbakqphu5c23qtfncsoab6imicsejgfqgsaktspebbukzafewhskrkbnjcwcq4h42ssrbaiqitiqivfijcanaic5zd4okgh45bedqbhiqqkyblcyibeoz4gerqmpbuiercshj4fyhag7rdancv2jyscesdqkqepq7aeetohejumnchfa3esbiteq4cucqxen4qkpzpoidqedjxhqdxooawaapdmpbbg4bbin2naassiglweeedgozyea7sekqfpuubcyihoukrafr2hqptgsqugypwcpjabu7cepr4gewdgld2aubc6oyvc5rtufrocj3d6dzabi6cmolecyhdwprbaqfd4lrth5zamlabo46tszzucuib26z4ee2aup2bb4trmdrmpyqtuhrtf4zt64qffqotqprznr2rkeasoiltcakfcq2c4bbcailbaoladfysyly2gixbeaj3cunucnj6afrbgja3difd6jrcna7aegjrbimdymjmbufdebqsbu2t4b37pe7agbjjfapsawz4dajwikqobf2ccba6ge4cakzhcewc64rkhfycmfitduvswmrhaavskpr4cyhcq7rbdaztqobpgqzqmfl5omjgaqj2hyabk6z4hukukpqyheubmdripyqrqmzfaqycgjiraf6sykifb47dse3cgeltciakh45a6kr5dy7tyij2diyaonc5gixbect2hyuxg7ivhyphgpz5difbinr6na7dajzrbimdypqhgmxxebi6h42rkf3uoukqyib3c4ysacqugyigqpiscyea4yz3hebtafjcaqwb2nz6cb3sedyaci5t4dbap4jsktlbcuesy4rdcqis6ly5hr6qchqcoa6dsxl7cqxbmmzygadf4k2abqtdymbhgeqqicr6fqrsymqbcmjdeeb6maqdu5zqgu7cco2hh45aa2b5eavxiiiyhr5aomzpoicq4pzvcunu45ivbqqdifzreafd6oqpe4la4ld6eemdypqhgmxxebi6h42rkf3thalc4mdrh4qtoar4dazgqpijlj3qufakhqxs6grsaq6a24yvc5yhkfjkea2bopjiaivrwtj4cugvolaoc4tsgaaolaqcuzdzpitwgqtvc4aae5r4d4rqmkbfgevd4mbphqrcudjfhmoswjqrhmgtwpqxku3rmlqvfmvtcn2lfmebw7kwfaoxwoagderqihc4pqusybqseekek7imf47xafbqk5tswqiqd4jbyo3whacrsiqadrohyklfhagd4oddpugbgzqnhqyfozyqguedceq4fm6dwbqzd4weowb3cewaeizcaaddspqaav5t6ijabi7smplbcyhcwprcba6d4bzskqdc4erafe7ao335aexdwlz4d4qfqpbwhvscsibafiraogjehagtoiagcixtwpr6p42rmkioonvui2byinauaykepnphoxtilpg2lx4oq3hn7fmioj53ngnqtzjbh5p6vwzxkkxy5tp7kzbguwiznk3hd5xgquc6vzfgsq26hewdi3lmlypqgrcaizlckg3vl2xww6cjpge2dbhqjzwh2stsjpz5aulerk6hmwgbgqq4qtjfs5hfi74tlfsr7nixe72qtuepchs33kqnm4gege3fdv3eg3hxsma4qvf3pe%3D%3D%3D%3D%3D%3D%3Fu%3D&icons=n4hiDLtdsWqYAW9Twkodbn_FdvjbgwXfl_U0WYMqT0B2rg1_j-Ormu-pQ1bZvfl1m00tXKdPUZO9KB_A6-9bw9PnFFv1XvbewFciJk0mZzlWCgSjHNrdVsgqv1FKN2NgZi0nXELzTSYskgkoCgZLyIY4qxCxszfiHXVuZYXnmTxVXQFO2g&ext_cid=0&px_id=531410224&min_cpm=0.00585238235533526&out_id=1&campaign_type=lq-pop&aid=412&cid=2766&uniq=&mid=1078767577530228853&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.026018450376024592&cpm=0&verify_hash=4b13059a38daa7e610c8b9a8a76fc5e1&is_native=2&real_bid=0.00045563101371979674&original_bid_usd=0.000506989&original_bid=0.000506989&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,89,20,27,108,0&need_redirect_show=0&applied_features=coef_090,main-skins-settings,yf&show_count=1&expiration_timestamp=1733980784&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.000506989&hostname=auc-inpage-hz-9-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000000506989&ext_campaign_id_str=0&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=131f1dd1-42fc-4e2f-baaa-fcaba80b482f&prev_step_diff=774

116.202.249.56

200 OK

0 B

URL GET HTTP/2
awpya.com/in/show/?tag_ab=d&site_id=311410224&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fjav24.uk%2Fvideo%2Fpkpk-039&refdom=jav24.uk&auction_time=1733978984&subid=1322055138&sid=1381410128&tcid=0&ver=8.198.1&ver_c=&spot_id=1410224&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-12&iabcat=IAB25-3&keywords=squirting,adult,fartplay,bisexual,anal,teens,blowjob,japanese,farting&user_fp=5233951268228228042&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1322055138%26spot_id%3D1410224%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjav24.uk%252Fvideo%252Fpkpk-039%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.viiamfoh.com%2Fh%2F746%2Fm3rugqo2xr7fvrxwzcky7lgjwktuk56n2h23ldwfzn5hqgd2n57hyeduafrcpbm4uhwe4kxrkkxezmsb75bkzctfqjzyz22szbf65rxm2cv4rzmhu5fyavzivjzod27h6bd2oqwdvdeju4pspkfpzjvwxwj27nfwmdtw6shckrfayphdgrszkru2r66urmrqoouhvzlweindehdkmrtbgaypmqws4jzbd45fkjtwe44c4xq3bvdfyaqqebhtabzckfsxw72qjznhu3rsfe3be3tcdmfc4mriibbqgsb4eivboa32hiwqiyzobrkcendzeamsufbgmnrbqcrpgyueaqydaebdynj3ev5duek5dydayvbcb4gtqnzkcq3csyi3bijbu42eaq5uqoatfebuapqiaissobrdgabsahqbeicrmnrupmtrk4qza4negldwebfdobbvh4qreljfaugsqaradyowmlqhiybwgizpoqnbwcihhnssagq2ancsaddulvuamhjabyqcagjofydbiyt3e45tygjnaygs65rtii2qifztbabdsjyfemseeizqbjxamfrsm5iasdj4diltaarnoyqeunrkhf7salb5fedb2k2peapb43qfoecciuajdj6bukjeb4whmickguvckmbdfq3gqbqbcyaawda6ainaucyfmn6qu7a2dmda2bdwhmfr4gahgieagwiadytrstzadyjg4bqkaqsfaci2pqnbopcbf5tcgcrvcq2tgiiocq5re6ziaa2caelda4csez3ye4oxkgqug4otqxz7iy3boojsgqbcuoisdyzr6izhby7begqlejxrkaj5deaeiradaecqkhqugjzcgdq3e4wq2ncheipbczyscyigo3zhgn2a2fyzdewwmia2eikcejzxciwwibi5gbccgdifm4irmorlkaeru7a2c4zu2l32bivcwbkfau6bajtifugsotzabf6ccbyggjrfaciopqnawbqmar3dasrvdadt2cacfzuaohjhj4qaepzmaulcekl3e4eximilbfgqi5rqji2rqbz5bahbi2bnburu6iach4qs4brvnn5qklztgedtiaqeoy5quhqugjzca5i3e4wq2j2peajda3roayyww6yff4ztcbztjuxxubifdykde4rdbynsolinenhsaar7fyccqkthpatq25iza4uaybdwgmdtmcahhurcyotiaynfkdzdci7s6lqggfvvkiykfuns4j2baaadyaiza47dqirleitcseizhehxsobgficqwo32g4gtcgqagandk5rxbi3ssmqhb4ivsyjobirugiqociyamkbcmr7qketwdaururzolazqemivcqtdo5ayeydtgkaaeapasiifcyzcw7yiai2dilrhdaaacfieg4ccspzdbykgqh3zcvhsadibm4ddqnrepmfbk4ayc4vrsldwgapdmfatpyqbcildauzsogrcdund4bjygzrwygqrngtuc4enmaz7e4nuxthuxzsfu26pisfbosymj37qjkihaur7svn55xgr5v3yemnofwifg4n2nvd6yvfdt6em227ijrghs5kamahxuyd5n53uarstavduutlgibzfu426nbzhtultnsieyr7cipeffm2m4vc6qqwposwtg46opgzhiseij2ofisvrmvt62t2j3zguhy2wg7wv3efcz3ohq4hjpj5olcwrjf7ltft3kneecx6fjog4wqpsokhmssvqiwjn46hvmcshlat2usai5t7z62w6t23a3jxpdxi4ocqhb5r6euwdaj3zlznbcha5aigcmctebuuqc7zieagaoqz2eathojqse5lxadasauurihstaqjqqnqaeigr25ryhmrxubbslaprczjabuiqky35bqiqkkaqdzjqie2bbapd2ij3oy4ao6qhfqzfqhzkce4cgeifom3q6eqfcu6ekv2dfmedemjbdfpdecqxen4qkpzpgadt64bufjqv4jj4bqatukayeqbcqiknhijhqxrqgudrcjaaeaktueiodixbakqphu5c23qtfncsoab6imicsejgfqgsaktspebbukzafewhskrkbnjcwcq4h42ssrbaiqitiqivfijcanaic5zd4okgh45bedqbhiqqkyblcyibeoz4gerqmpbuiercshj4fyhag7rdancv2jyscesdqkqepq7aeetohejumnchfa3esbiteq4cucqxen4qkpzpoidqedjxhqdxooawaapdmpbbg4bbin2naassiglweeedgozyea7sekqfpuubcyihoukrafr2hqptgsqugypwcpjabu7cepr4gewdgld2aubc6oyvc5rtufrocj3d6dzabi6cmolecyhdwprbaqfd4lrth5zamlabo46tszzucuib26z4ee2aup2bb4trmdrmpyqtuhrtf4zt64qffqotqprznr2rkeasoiltcakfcq2c4bbcailbaoladfysyly2gixbeaj3cunucnj6afrbgja3difd6jrcna7aegjrbimdymjmbufdebqsbu2t4b37pe7agbjjfapsawz4dajwikqobf2ccba6ge4cakzhcewc64rkhfycmfitduvswmrhaavskpr4cyhcq7rbdaztqobpgqzqmfl5omjgaqj2hyabk6z4hukukpqyheubmdripyqrqmzfaqycgjiraf6sykifb47dse3cgeltciakh45a6kr5dy7tyij2diyaonc5gixbect2hyuxg7ivhyphgpz5difbinr6na7dajzrbimdypqhgmxxebi6h42rkf3uoukqyib3c4ysacqugyigqpiscyea4yz3hebtafjcaqwb2nz6cb3sedyaci5t4dbap4jsktlbcuesy4rdcqis6ly5hr6qchqcoa6dsxl7cqxbmmzygadf4k2abqtdymbhgeqqicr6fqrsymqbcmjdeeb6maqdu5zqgu7cco2hh45aa2b5eavxiiiyhr5aomzpoicq4pzvcunu45ivbqqdifzreafd6oqpe4la4ld6eemdypqhgmxxebi6h42rkf3thalc4mdrh4qtoar4dazgqpijlj3qufakhqxs6grsaq6a24yvc5yhkfjkea2bopjiaivrwtj4cugvolaoc4tsgaaolaqcuzdzpitwgqtvc4aae5r4d4rqmkbfgevd4mbphqrcudjfhmoswjqrhmgtwpqxku3rmlqvfmvtcn2lfmebw7kwfaoxwoagderqihc4pqusybqseekek7imf47xafbqk5tswqiqd4jbyo3whacrsiqadrohyklfhagd4oddpugbgzqnhqyfozyqguedceq4fm6dwbqzd4weowb3cewaeizcaaddspqaav5t6ijabi7smplbcyhcwprcba6d4bzskqdc4erafe7ao335aexdwlz4d4qfqpbwhvscsibafiraogjehagtoiagcixtwpr6p42rmkioonvui2byinauaykepnphoxtilpg2lx4oq3hn7fmioj53ngnqtzjbh5p6vwzxkkxy5tp7kzbguwiznk3hd5xgquc6vzfgsq26hewdi3lmlypqgrcaizlckg3vl2xww6cjpge2dbhqjzwh2stsjpz5aulerk6hmwgbgqq4qtjfs5hfi74tlfsr7nixe72qtuepchs33kqnm4gege3fdv3eg3hxsma4qvf3pe%3D%3D%3D%3D%3D%3D%3Fu%3D&icons=n4hiDLtdsWqYAW9Twkodbn_FdvjbgwXfl_U0WYMqT0B2rg1_j-Ormu-pQ1bZvfl1m00tXKdPUZO9KB_A6-9bw9PnFFv1XvbewFciJk0mZzlWCgSjHNrdVsgqv1FKN2NgZi0nXELzTSYskgkoCgZLyIY4qxCxszfiHXVuZYXnmTxVXQFO2g&ext_cid=0&px_id=531410224&min_cpm=0.00585238235533526&out_id=1&campaign_type=lq-pop&aid=412&cid=2766&uniq=&mid=1078767577530228853&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.026018450376024592&cpm=0&verify_hash=4b13059a38daa7e610c8b9a8a76fc5e1&is_native=2&real_bid=0.00045563101371979674&original_bid_usd=0.000506989&original_bid=0.000506989&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,89,20,27,108,0&need_redirect_show=0&applied_features=coef_090,main-skins-settings,yf&show_count=1&expiration_timestamp=1733980784&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.000506989&hostname=auc-inpage-hz-9-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000000506989&ext_campaign_id_str=0&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=131f1dd1-42fc-4e2f-baaa-fcaba80b482f&prev_step_diff=774
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintEE:9A:59:DB:A9:CD:73:0A:9C:87:AC:9F:FE:A1:90:AA:A1:7E:F8:D4
ValidityThu, 07 Nov 2024 10:40:28 GMT - Wed, 05 Feb 2025 10:40:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=d&site_id=311410224&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fjav24.uk%2Fvideo%2Fpkpk-039&refdom=jav24.uk&auction_time=1733978984&subid=1322055138&sid=1381410128&tcid=0&ver=8.198.1&ver_c=&spot_id=1410224&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-12&iabcat=IAB25-3&keywords=squirting,adult,fartplay,bisexual,anal,teens,blowjob,japanese,farting&user_fp=5233951268228228042&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1322055138%26spot_id%3D1410224%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjav24.uk%252Fvideo%252Fpkpk-039%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.viiamfoh.com%2Fh%2F746%2Fm3rugqo2xr7fvrxwzcky7lgjwktuk56n2h23ldwfzn5hqgd2n57hyeduafrcpbm4uhwe4kxrkkxezmsb75bkzctfqjzyz22szbf65rxm2cv4rzmhu5fyavzivjzod27h6bd2oqwdvdeju4pspkfpzjvwxwj27nfwmdtw6shckrfayphdgrszkru2r66urmrqoouhvzlweindehdkmrtbgaypmqws4jzbd45fkjtwe44c4xq3bvdfyaqqebhtabzckfsxw72qjznhu3rsfe3be3tcdmfc4mriibbqgsb4eivboa32hiwqiyzobrkcendzeamsufbgmnrbqcrpgyueaqydaebdynj3ev5duek5dydayvbcb4gtqnzkcq3csyi3bijbu42eaq5uqoatfebuapqiaissobrdgabsahqbeicrmnrupmtrk4qza4negldwebfdobbvh4qreljfaugsqaradyowmlqhiybwgizpoqnbwcihhnssagq2ancsaddulvuamhjabyqcagjofydbiyt3e45tygjnaygs65rtii2qifztbabdsjyfemseeizqbjxamfrsm5iasdj4diltaarnoyqeunrkhf7salb5fedb2k2peapb43qfoecciuajdj6bukjeb4whmickguvckmbdfq3gqbqbcyaawda6ainaucyfmn6qu7a2dmda2bdwhmfr4gahgieagwiadytrstzadyjg4bqkaqsfaci2pqnbopcbf5tcgcrvcq2tgiiocq5re6ziaa2caelda4csez3ye4oxkgqug4otqxz7iy3boojsgqbcuoisdyzr6izhby7begqlejxrkaj5deaeiradaecqkhqugjzcgdq3e4wq2ncheipbczyscyigo3zhgn2a2fyzdewwmia2eikcejzxciwwibi5gbccgdifm4irmorlkaeru7a2c4zu2l32bivcwbkfau6bajtifugsotzabf6ccbyggjrfaciopqnawbqmar3dasrvdadt2cacfzuaohjhj4qaepzmaulcekl3e4eximilbfgqi5rqji2rqbz5bahbi2bnburu6iach4qs4brvnn5qklztgedtiaqeoy5quhqugjzca5i3e4wq2j2peajda3roayyww6yff4ztcbztjuxxubifdykde4rdbynsolinenhsaar7fyccqkthpatq25iza4uaybdwgmdtmcahhurcyotiaynfkdzdci7s6lqggfvvkiykfuns4j2baaadyaiza47dqirleitcseizhehxsobgficqwo32g4gtcgqagandk5rxbi3ssmqhb4ivsyjobirugiqociyamkbcmr7qketwdaururzolazqemivcqtdo5ayeydtgkaaeapasiifcyzcw7yiai2dilrhdaaacfieg4ccspzdbykgqh3zcvhsadibm4ddqnrepmfbk4ayc4vrsldwgapdmfatpyqbcildauzsogrcdund4bjygzrwygqrngtuc4enmaz7e4nuxthuxzsfu26pisfbosymj37qjkihaur7svn55xgr5v3yemnofwifg4n2nvd6yvfdt6em227ijrghs5kamahxuyd5n53uarstavduutlgibzfu426nbzhtultnsieyr7cipeffm2m4vc6qqwposwtg46opgzhiseij2ofisvrmvt62t2j3zguhy2wg7wv3efcz3ohq4hjpj5olcwrjf7ltft3kneecx6fjog4wqpsokhmssvqiwjn46hvmcshlat2usai5t7z62w6t23a3jxpdxi4ocqhb5r6euwdaj3zlznbcha5aigcmctebuuqc7zieagaoqz2eathojqse5lxadasauurihstaqjqqnqaeigr25ryhmrxubbslaprczjabuiqky35bqiqkkaqdzjqie2bbapd2ij3oy4ao6qhfqzfqhzkce4cgeifom3q6eqfcu6ekv2dfmedemjbdfpdecqxen4qkpzpgadt64bufjqv4jj4bqatukayeqbcqiknhijhqxrqgudrcjaaeaktueiodixbakqphu5c23qtfncsoab6imicsejgfqgsaktspebbukzafewhskrkbnjcwcq4h42ssrbaiqitiqivfijcanaic5zd4okgh45bedqbhiqqkyblcyibeoz4gerqmpbuiercshj4fyhag7rdancv2jyscesdqkqepq7aeetohejumnchfa3esbiteq4cucqxen4qkpzpoidqedjxhqdxooawaapdmpbbg4bbin2naassiglweeedgozyea7sekqfpuubcyihoukrafr2hqptgsqugypwcpjabu7cepr4gewdgld2aubc6oyvc5rtufrocj3d6dzabi6cmolecyhdwprbaqfd4lrth5zamlabo46tszzucuib26z4ee2aup2bb4trmdrmpyqtuhrtf4zt64qffqotqprznr2rkeasoiltcakfcq2c4bbcailbaoladfysyly2gixbeaj3cunucnj6afrbgja3difd6jrcna7aegjrbimdymjmbufdebqsbu2t4b37pe7agbjjfapsawz4dajwikqobf2ccba6ge4cakzhcewc64rkhfycmfitduvswmrhaavskpr4cyhcq7rbdaztqobpgqzqmfl5omjgaqj2hyabk6z4hukukpqyheubmdripyqrqmzfaqycgjiraf6sykifb47dse3cgeltciakh45a6kr5dy7tyij2diyaonc5gixbect2hyuxg7ivhyphgpz5difbinr6na7dajzrbimdypqhgmxxebi6h42rkf3uoukqyib3c4ysacqugyigqpiscyea4yz3hebtafjcaqwb2nz6cb3sedyaci5t4dbap4jsktlbcuesy4rdcqis6ly5hr6qchqcoa6dsxl7cqxbmmzygadf4k2abqtdymbhgeqqicr6fqrsymqbcmjdeeb6maqdu5zqgu7cco2hh45aa2b5eavxiiiyhr5aomzpoicq4pzvcunu45ivbqqdifzreafd6oqpe4la4ld6eemdypqhgmxxebi6h42rkf3thalc4mdrh4qtoar4dazgqpijlj3qufakhqxs6grsaq6a24yvc5yhkfjkea2bopjiaivrwtj4cugvolaoc4tsgaaolaqcuzdzpitwgqtvc4aae5r4d4rqmkbfgevd4mbphqrcudjfhmoswjqrhmgtwpqxku3rmlqvfmvtcn2lfmebw7kwfaoxwoagderqihc4pqusybqseekek7imf47xafbqk5tswqiqd4jbyo3whacrsiqadrohyklfhagd4oddpugbgzqnhqyfozyqguedceq4fm6dwbqzd4weowb3cewaeizcaaddspqaav5t6ijabi7smplbcyhcwprcba6d4bzskqdc4erafe7ao335aexdwlz4d4qfqpbwhvscsibafiraogjehagtoiagcixtwpr6p42rmkioonvui2byinauaykepnphoxtilpg2lx4oq3hn7fmioj53ngnqtzjbh5p6vwzxkkxy5tp7kzbguwiznk3hd5xgquc6vzfgsq26hewdi3lmlypqgrcaizlckg3vl2xww6cjpge2dbhqjzwh2stsjpz5aulerk6hmwgbgqq4qtjfs5hfi74tlfsr7nixe72qtuepchs33kqnm4gege3fdv3eg3hxsma4qvf3pe%3D%3D%3D%3D%3D%3D%3Fu%3D&icons=n4hiDLtdsWqYAW9Twkodbn_FdvjbgwXfl_U0WYMqT0B2rg1_j-Ormu-pQ1bZvfl1m00tXKdPUZO9KB_A6-9bw9PnFFv1XvbewFciJk0mZzlWCgSjHNrdVsgqv1FKN2NgZi0nXELzTSYskgkoCgZLyIY4qxCxszfiHXVuZYXnmTxVXQFO2g&ext_cid=0&px_id=531410224&min_cpm=0.00585238235533526&out_id=1&campaign_type=lq-pop&aid=412&cid=2766&uniq=&mid=1078767577530228853&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.026018450376024592&cpm=0&verify_hash=4b13059a38daa7e610c8b9a8a76fc5e1&is_native=2&real_bid=0.00045563101371979674&original_bid_usd=0.000506989&original_bid=0.000506989&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,89,20,27,108,0&need_redirect_show=0&applied_features=coef_090,main-skins-settings,yf&show_count=1&expiration_timestamp=1733980784&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.000506989&hostname=auc-inpage-hz-9-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000000506989&ext_campaign_id_str=0&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=131f1dd1-42fc-4e2f-baaa-fcaba80b482f&prev_step_diff=774 HTTP/1.1
Host: awpya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Thu, 12 Dec 2024 04:49:44 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

7ca85fa8fc.937e30a10b.com/3ff4c9507484dbc0ed325181e023a76b.js

45.133.44.52

200 OK

190 kB

URL GET HTTP/2
7ca85fa8fc.937e30a10b.com/3ff4c9507484dbc0ed325181e023a76b.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jav24.uk/video/pkpk-039
Certificate
IssuerLet's Encrypt
Subject7ca85fa8fc.937e30a10b.com
FingerprintD1:CE:1F:CB:10:30:F1:A5:F4:80:DD:C8:9A:0E:CD:F8:E7:E7:EF:EB
ValidityMon, 09 Dec 2024 02:15:00 GMT - Sun, 09 Mar 2025 02:14:59 GMT

File type

Size
190 kB (189756 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3ff4c9507484dbc0ed325181e023a76b.js HTTP/1.1
Host: 7ca85fa8fc.937e30a10b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jav24.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 04:49:38 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 12 Nov 2024 08:53:05 GMT
etag: W/"67331771-2e53c"
content-encoding: gzip
expires: Thu, 12 Dec 2024 04:54:38 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds8138
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL