GET mydesi.quest/wp-content/themes/kolortube/fonts/fontawesome-webfont.woff2?v=4.7.0
172.67.196.117 200 OK 77 kB URL GET HTTP/3 mydesi.quest/wp-content/themes/kolortube/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 172.67.196.117:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Google Trust Services LLC
Subject: mydesi.quest
Fingerprint: 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity: Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash MD5: af7ae505a9eed503f8b8e6982036873e
SHA1: d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
SHA256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/kolortube/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://mydesi.quest/wp-content/litespeed/css/19d0115e4617c5787da7754ef5055120.css?ver=cc1f1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 18:46:18 GMT
content-type: font/woff2
content-length: 77160
cache-control: public, max-age=315576
expires: Sat, 04 May 2024 09:08:41 GMT
last-modified: Thu, 09 Nov 2023 21:47:04 GMT
etag: "12d68-654d5358-75ff8c28a92ac3a;;;"
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4633
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXPdKVRLRw65r4SJTFoRfzrpAFDQMekB%2BFX4MiACvp%2BdZPEe05ya1ohY901w60VkMlLaa%2BY%2FUPnIp7sGSul593c31IJjOEYoLeoV04HOZK%2FAzbexENFjd6lDyF9iHgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b19cebdb0b02-OSL
alt-svc: h3=":443"; ma=86400
HEAD mydesi.quest/category/shemale/
172.67.196.117 200 OK 0 B URL HEAD HTTP/3 mydesi.quest/category/shemale/
IP 172.67.196.117:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Google Trust Services LLC
Subject: mydesi.quest
Fingerprint: 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity: Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA1 and SHA256 digests of zero-length input, consistent with the 0 B body of this HEAD response; they do not identify any content.)
HEAD /category/shemale/ HTTP/1.1
Host: mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mydesi.quest/category/shemale/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 18:46:18 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://mydesi.quest/wp-json/>; rel="https://api.w.org/", <https://mydesi.quest/wp-json/wp/v2/categories/744>; rel="alternate"; type="application/json"
x-litespeed-cache: hit
vary: User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkGLFp2BpzC%2FPGmnemSvPFsOOzTBgEH1q1SbPtxnd%2FDVl9RbQ2zyF6bD7I3tntbtPsRyF%2BZkqO0%2BG9llaByyOSn%2BLZ8Cmah6MglGLbFrhLL3H7v0SaOxV7sqEelmYd4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b19dcced0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET mydesi.quest/wp-includes/js/jquery/jquery.min.js
172.67.196.117 200 OK 133 kB URL GET HTTP/2 mydesi.quest/wp-includes/js/jquery/jquery.min.js
IP 172.67.196.117:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Google Trust Services LLC
Subject: mydesi.quest
Fingerprint: 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity: Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Size 133 kB (132955 bytes)
Hash MD5: 826eb77e86b02ab7724fe3d0141ff87c
SHA1: 79cd3587d565afe290076a8d36c31c305a573d18
SHA256: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mydesi.quest/category/shemale/
DNT: 1
Connection: keep-alive
Cookie: _lscache_vary=b158e29b1c48bff09d5c2af9639eee29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:18 GMT
content-type: application/javascript
cache-control: public, max-age=315576
expires: Fri, 03 May 2024 20:15:53 GMT
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
etag: W/"15601-64ecd5ef-fd1200cf2d71932f;br"
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 51001
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hM0vCqrjlGuGR2LRmVb%2Fxa4rZi%2BK0bQ0GrC9JgH%2BY1GGjV%2FGCcfuspFLcAnUP0DmobP3u2g%2Bxv38rIvG9hH%2FGwOFSoRsZhvfxVGyWG6ovIBZUllKIBN5XCRNIUB%2BwHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b19e8b2b56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET mydesi.quest/wp-content/themes/kolortube/fonts/fontawesome-webfont.woff2?v=4.7.0
104.21.36.153 200 OK 77 kB URL GET HTTP/3 mydesi.quest/wp-content/themes/kolortube/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.21.36.153:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Google Trust Services LLC
Subject: mydesi.quest
Fingerprint: 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity: Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash MD5: af7ae505a9eed503f8b8e6982036873e
SHA1: d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
SHA256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/kolortube/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://mydesi.quest/wp-content/litespeed/css/19d0115e4617c5787da7754ef5055120.css?ver=cc1f1
DNT: 1
Connection: keep-alive
Cookie: _lscache_vary=b158e29b1c48bff09d5c2af9639eee29
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 18:46:18 GMT
content-type: font/woff2
content-length: 77160
cache-control: public, max-age=315576
expires: Sat, 04 May 2024 09:08:41 GMT
last-modified: Thu, 09 Nov 2023 21:47:04 GMT
etag: "12d68-654d5358-75ff8c28a92ac3a;;;"
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4633
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7hxtbqn1wnxXAfNxL4cF8VxLmSTSkF6ssK2S%2FqMXHBBNCIPRurz3ULkyvr926HEzVdRxlBhU92nyE4CMefs%2BSBRxTd%2BTmoLgUGf5wX9Kd2f9ewDVwUOLUXP3XSPkrc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b1a05de156bd-OSL
alt-svc: h3=":443"; ma=86400
GET xdn.mydesi.quest/wp-content/uploads/2023/11/mydesi_logo.png
172.67.196.117 403 Forbidden 16 kB URL GET HTTP/2 xdn.mydesi.quest/wp-content/uploads/2023/11/mydesi_logo.png
IP 172.67.196.117:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Google Trust Services LLC
Subject: mydesi.quest
Fingerprint: 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity: Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
Hash MD5: 86e025cbb5cb017e0c9ce831e833b166
SHA1: 72203fb4f88088877857bb33e602e6587a047799
SHA256: 1ab329e820d8ef8e95a3da9d3c79fb56ac0a194a30a1c36f1ea84bc5400c365e
GET /wp-content/uploads/2023/11/mydesi_logo.png HTTP/1.1
Host: xdn.mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
date: Tue, 30 Apr 2024 18:46:18 GMT
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=63072000
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXivBIOmoImxz%2FIcNA%2B7uRstkKw1x9POS8Pjjh%2Fn52L%2FoNSb3XHwDLaC2wAOGwLdAKKJb69HQp1kfUalP8hGFi0xUjU6jsNccdzumPUBRmXGJZSaRfxarVD6FCpO0TcvlwAj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b19f1cd956cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Hash MD5: 3a44e06eb954b96aa043227f3534189d
SHA1: 23cef6993ddb2b2979e8e7647fc3763694e2ba7d
SHA256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:04:59 GMT
expires: Sat, 26 Apr 2025 06:04:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 391279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET mydesi.quest/wp-includes/js/jquery/jquery.min.js
172.67.196.117 200 OK 96 kB URL GET HTTP/2 mydesi.quest/wp-includes/js/jquery/jquery.min.js
IP 172.67.196.117:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Google Trust Services LLC
Subject: mydesi.quest
Fingerprint: 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity: Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash MD5: 826eb77e86b02ab7724fe3d0141ff87c
SHA1: 79cd3587d565afe290076a8d36c31c305a573d18
SHA256: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mydesi.quest/category/shemale/
DNT: 1
Connection: keep-alive
Cookie: _lscache_vary=b158e29b1c48bff09d5c2af9639eee29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:18 GMT
content-type: application/javascript
cache-control: public, max-age=315576
expires: Fri, 03 May 2024 20:15:53 GMT
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
etag: W/"15601-64ecd5ef-fd1200cf2d71932f;br"
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 51001
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXW3zX9jLN38gUS5%2F6Z98yAUJ62w1ZJQk7sKYxUtqc333QJ5HwQaK%2FoBCoNzd8uxWaSx1Qbwvxl16KK1%2BXmE3q5YGYo%2BGZGwiLnk2JXiSt1Dc8xcad4Eh%2BfJQZtD47I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b19f1cd656cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET correspondimpulsive.com/af7ddcd8f5f1483a72f87f5e1436ec3f/invoke.js
172.240.108.76 200 OK 12 kB URL GET HTTP/1.1 correspondimpulsive.com/af7ddcd8f5f1483a72f87f5e1436ec3f/invoke.js
IP 172.240.108.76:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Let's Encrypt
Subject: correspondimpulsive.com
Fingerprint: B9:DC:66:87:E6:7F:C4:8E:E0:7D:93:C2:93:8E:28:D5:C1:A8:A9:CB
Validity: Fri, 26 Apr 2024 06:37:12 GMT - Thu, 25 Jul 2024 06:37:11 GMT
File type JavaScript source, ASCII text, with very long lines (31283), with no line terminators
Hash MD5: 5b8147149d30eb9edd1cd028c1282fa7
SHA1: 75bf1d2fb6259fad76232665a7b737abdd1ecdfc
SHA256: 4b9dcac3df99379e0fbb707d43af76d4c33a890ad276e010510f903847aeb128
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /af7ddcd8f5f1483a72f87f5e1436ec3f/invoke.js HTTP/1.1
Host: correspondimpulsive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 30 Apr 2024 18:46:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ebe03faa8416db5cc56d143256b64bc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET correspondimpulsive.com/b032ce620926cc9f6b0fdc75d238b238/invoke.js
172.240.108.76 200 OK 12 kB URL GET HTTP/1.1 correspondimpulsive.com/b032ce620926cc9f6b0fdc75d238b238/invoke.js
IP 172.240.108.76:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Let's Encrypt
Subject: correspondimpulsive.com
Fingerprint: B9:DC:66:87:E6:7F:C4:8E:E0:7D:93:C2:93:8E:28:D5:C1:A8:A9:CB
Validity: Fri, 26 Apr 2024 06:37:12 GMT - Thu, 25 Jul 2024 06:37:11 GMT
File type JavaScript source, ASCII text, with very long lines (31250), with no line terminators
Hash MD5: 2ac556afcdbf4c0b1572473ac6ba97b5
SHA1: 6ef96b1d69153230719f81a8a0b47701e092cadd
SHA256: 2e0617babf166d85a9f129a641cb286e50588aaac5b08974d07d0ed41b85e9ba
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /b032ce620926cc9f6b0fdc75d238b238/invoke.js HTTP/1.1
Host: correspondimpulsive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 30 Apr 2024 18:46:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a49ba5a1fb5a351505b9cbbc2faa9da4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET correspondimpulsive.com/af7ddcd8f5f1483a72f87f5e1436ec3f/invoke.js
172.240.108.76 200 OK 12 kB URL GET HTTP/1.1 correspondimpulsive.com/af7ddcd8f5f1483a72f87f5e1436ec3f/invoke.js
IP 172.240.108.76:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Let's Encrypt
Subject: correspondimpulsive.com
Fingerprint: B9:DC:66:87:E6:7F:C4:8E:E0:7D:93:C2:93:8E:28:D5:C1:A8:A9:CB
Validity: Fri, 26 Apr 2024 06:37:12 GMT - Thu, 25 Jul 2024 06:37:11 GMT
File type JavaScript source, ASCII text, with very long lines (31253), with no line terminators
Hash MD5: 6c434458f27ea0b41e7be76b07f6d58a
SHA1: babe7f30068ee90f22d1fd8b16b4743a47474596
SHA256: 57b50b830e3d6cbd468e27bfb06ef72447b7f40f69b1651dcae9b2588462cf22
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /af7ddcd8f5f1483a72f87f5e1436ec3f/invoke.js HTTP/1.1
Host: correspondimpulsive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 30 Apr 2024 18:46:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec403308245d1cf359acba3924720ac0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET proftrafficcounter.com/stats
18.185.9.67 200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP 18.185.9.67:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Amazon
Subject: proftrafficcounter.com
Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5: 29aba8669426a76e9f9aea423a31690c
SHA1: fce460d88df7e61168d5969bc878fe10838bade0
SHA256: 6dab375185dc3210b89b0dc6b2923351ed56be9ccd9719683993a5df184454cd
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mydesi.quest
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=eb004446-277f-48a6-bdd9-31ce3e0951e2:2:1; expires=Fri, 28 Apr 2034 18:46:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET proftrafficcounter.com/stats
18.185.9.67 200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP 18.185.9.67:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Amazon
Subject: proftrafficcounter.com
Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5: 826149fb8ddef05e00447725cb90641b
SHA1: b147950eb71789e22072c17c311a0bb124314d19
SHA256: a83989e832c250e3fc1f954f23d1e3a9956ab910d02d1933f2fad701b9cbb6af
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mydesi.quest
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=72611812-bd33-4eba-b18d-5d6a1d7cca22:2:1; expires=Fri, 28 Apr 2034 18:46:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET mydesi-static.b-cdn.net/thumb/177635.jpg
169.150.247.40 200 OK 13 kB URL GET HTTP/2 mydesi-static.b-cdn.net/thumb/177635.jpg
IP 169.150.247.40:443
ASN #60068 Datacamp Limited
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Sectigo Limited
Subject: *.b-cdn.net
Fingerprint: FC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
Validity: Sun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 854x480, Scaling: [none]x[none], YUV color, decoders should clamp
Hash MD5: be89c4c06eb3f1011c23865fb88bb107
SHA1: 2ddbb038259c7a51ab1ece51d0f14ec0c8ac2b7f
SHA256: edd57e5ef49abc313394b878754f866c511bfe078cc061378f2b0a453e70fcb6
GET /thumb/177635.jpg HTTP/1.1
Host: mydesi-static.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: image/webp
content-length: 12800
server: BunnyCDN-DE1-1075
cdn-pullzone: 453889
cdn-uid: 247e525c-8dac-4b66-bfe3-8c3765d1a096
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 16 Apr 2024 18:41:26 GMT
x-bo-server: ASB-198
x-downloadsize: 19338
x-bo-origindownloadtime: 122
x-bo-processingtime: 4
x-bo-compressionratio: 33.81%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/16/2024 18:41:26
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 82877658e030500f21b8212151d69b59
cdn-cache: HIT
X-Firefox-Spdy: h2
HEAD mydesi.quest/category/shemale/
104.21.36.153 200 OK 0 B URL HEAD HTTP/3 mydesi.quest/category/shemale/
IP 104.21.36.153:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Google Trust Services LLC
Subject: mydesi.quest
Fingerprint: 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity: Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA1 and SHA256 digests of zero-length input, consistent with the 0 B body of this HEAD response; they do not identify any content.)
HEAD /category/shemale/ HTTP/1.1
Host: mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mydesi.quest/category/shemale/
DNT: 1
Connection: keep-alive
Cookie: _lscache_vary=b158e29b1c48bff09d5c2af9639eee29; _ga_LJJTGK1TF1=GS1.1.1714502779.1.0.1714502779.0.0.0; _ga=GA1.1.789398409.1714502779
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://mydesi.quest/wp-json/>; rel="https://api.w.org/", <https://mydesi.quest/wp-json/wp/v2/categories/744>; rel="alternate"; type="application/json"
x-litespeed-cache-control: public,max-age=16800
x-litespeed-tag: 86c_HTTP.200,86c_category,86c_URL.e862f7858bfad85a98b9327d7dd9d30f,86c_T.744,86c_
vary: User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JZiMi9dTqoNagTN9FJTfcoERbH2GByVTUkQMd4dhU1L9jlvdtwBPf9MfGissj31YnO64R%2BBD42sQTz%2Fe4b4FE7z4LbhUhAo%2FByP70hgh61Ye2n0R7rFyYjYWnvT5GeQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b1a34a9a56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET mydesi-static.b-cdn.net/thumb/175846.jpg
169.150.247.40 200 OK 13 kB URL GET HTTP/2 mydesi-static.b-cdn.net/thumb/175846.jpg
IP 169.150.247.40:443
ASN #60068 Datacamp Limited
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Sectigo Limited
Subject: *.b-cdn.net
Fingerprint: FC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
Validity: Sun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 854x480, Scaling: [none]x[none], YUV color, decoders should clamp
Hash MD5: e28fb0855ea3a360e14956bc73b624a3
SHA1: 67b4403b9dbcd998b6a2e62eea626e4085af8cb6
SHA256: 02a4a7984c4ae78a1acc2669271a6915d583efc6d34bc0b0429c2656fb42b9d7
GET /thumb/175846.jpg HTTP/1.1
Host: mydesi-static.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: image/webp
content-length: 12984
server: BunnyCDN-DE1-1075
cdn-pullzone: 453889
cdn-uid: 247e525c-8dac-4b66-bfe3-8c3765d1a096
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 16 Apr 2024 18:42:43 GMT
x-bo-server: ASB-211
x-downloadsize: 19914
x-bo-origindownloadtime: 101
x-bo-processingtime: 4
x-bo-compressionratio: 34.8%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/16/2024 18:42:43
cdn-edgestorageid: 1054
cdn-status: 200
cdn-requestid: 96e345d28c8becc2bc128dcdb844f981
cdn-cache: HIT
X-Firefox-Spdy: h2
GET mydesi-static.b-cdn.net/thumb/173405.jpg
169.150.247.40 200 OK 9.4 kB URL GET HTTP/2 mydesi-static.b-cdn.net/thumb/173405.jpg
IP 169.150.247.40:443
ASN #60068 Datacamp Limited
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Sectigo Limited
Subject: *.b-cdn.net
Fingerprint: FC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
Validity: Sun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 854x480, Scaling: [none]x[none], YUV color, decoders should clamp
Hash MD5: 5079d0cf6cd6139ddd5d1ed27cb3f97d
SHA1: 823a76ad9aa55ca30a114c3e65b0c370124c600f
SHA256: 32e45ae1c1c5f44a7d1fac5c09c14b5fceb4a6f8792705cd33702a89c59b8150
GET /thumb/173405.jpg HTTP/1.1
Host: mydesi-static.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: image/webp
content-length: 9402
server: BunnyCDN-DE1-1075
cdn-pullzone: 453889
cdn-uid: 247e525c-8dac-4b66-bfe3-8c3765d1a096
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 16 Apr 2024 18:42:43 GMT
x-bo-server: DE-260
x-downloadsize: 16499
x-bo-origindownloadtime: 11
x-bo-processingtime: 4
x-bo-compressionratio: 43.01%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/16/2024 18:42:43
cdn-edgestorageid: 1049
cdn-status: 200
cdn-requestid: 07a0d2bd5f96556dbe8ceb7cac7d9b73
cdn-cache: HIT
X-Firefox-Spdy: h2
GET mydesi-static.b-cdn.net/thumb/177561.jpg
169.150.247.40 200 OK 12 kB URL GET HTTP/2 mydesi-static.b-cdn.net/thumb/177561.jpg
IP 169.150.247.40:443
ASN #60068 Datacamp Limited
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer: Sectigo Limited
Subject: *.b-cdn.net
Fingerprint: FC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
Validity: Sun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 854x480, Scaling: [none]x[none], YUV color, decoders should clamp
Hash MD5: 571fef93e25dfef3c682db2fe6f985eb
SHA1: e12cda6e75a88573f53a45bb00dba13a2f022e14
SHA256: 1f1c5d73f19e28def18c8702264ab49dc201ec7fff8d8e7c5ffefb20697a134f
GET /thumb/177561.jpg HTTP/1.1
Host: mydesi-static.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: image/webp
content-length: 12532
server: BunnyCDN-DE1-1075
cdn-pullzone: 453889
cdn-uid: 247e525c-8dac-4b66-bfe3-8c3765d1a096
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 16 Apr 2024 18:42:39 GMT
x-bo-server: DE-266
x-downloadsize: 20848
x-bo-origindownloadtime: 12
x-bo-processingtime: 4
x-bo-compressionratio: 39.89%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/16/2024 18:42:39
cdn-edgestorageid: 1055
cdn-status: 200
cdn-requestid: 1b913891fd8d735f027d42e5ff1e70ee
cdn-cache: HIT
X-Firefox-Spdy: h2
GET roastoup.com/tag.min.js
139.45.197.242 200 OK 28 kB IP 139.45.197.242:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Let's Encrypt
Subject roastoup.com
Fingerprint 9A:BE:8B:FD:91:F5:FA:F3:2A:04:BB:69:B2:C7:8C:CC:7B:DE:BF:3E
Validity Sun, 31 Mar 2024 05:22:32 GMT - Sat, 29 Jun 2024 05:22:31 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 3c0cfdeae8624491d4a5121fdb0bcc97
23d8a0beeab8522832e6c01284ccb96d9547cc89
b89d08a0709feb8fbef2fd8ef1441f24ac71b2ddc23a58d5538ca22441605cc0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tag.min.js HTTP/1.1
Host: roastoup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: text/javascript; charset=utf-8
content-length: 28328
content-encoding: br
x-trace-id: 8212ae291547fbec22034945b4e422ae
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Tue, 30 Apr 2024 13:40:59 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
HEAD mydesi.quest/category/shemale/
172.67.196.117 200 OK 72 kB URL HEAD HTTP/3 mydesi.quest/category/shemale/
IP 172.67.196.117:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject mydesi.quest
Fingerprint 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
File type HTML document, ASCII text, with very long lines (14025)
Hash 00c632dfcbc7f81f4e0422e544a5ee50
d299d90081ec3118503c5d108d72ec1c09489834
197f3ebbe9632c651d27c64029b8b7cee997cf76349f023167b1165ddc05c3fb
GET /category/shemale/ HTTP/1.1
Host: mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _lscache_vary=b158e29b1c48bff09d5c2af9639eee29
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:18 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://mydesi.quest/wp-json/>; rel="https://api.w.org/", <https://mydesi.quest/wp-json/wp/v2/categories/744>; rel="alternate"; type="application/json"
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2Fp94aG8i43PzVDy2ieGU%2B79kXlFKKIEwB%2BFFyybxBVgkeAVY1VRAQmrMaVbKN2nsxYiHd5pi3CgYO1GsoQ8BytAVtzD1piYndS%2B%2FtVxB%2BYkCbQ2MlvtPxQu583emZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b19e8b2a56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET mydesi-static.b-cdn.net/thumb/178471.jpg
169.150.247.40 200 OK 16 kB URL GET HTTP/2 mydesi-static.b-cdn.net/thumb/178471.jpg
IP 169.150.247.40:443
ASN #60068 Datacamp Limited
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Sectigo Limited
Subject *.b-cdn.net
Fingerprint FC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
Validity Sun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 854x480, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 226d1598c1a84ee4098ea190d78a324b
f2e411f67a7b6fd76a39103c43b6240dc6d493bb
8e7b8547083619441385285f99242c9f127e971e59b1a8d91bbb54efac71ee18
GET /thumb/178471.jpg HTTP/1.1
Host: mydesi-static.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: image/webp
content-length: 16238
server: BunnyCDN-DE1-1075
cdn-pullzone: 453889
cdn-uid: 247e525c-8dac-4b66-bfe3-8c3765d1a096
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 16 Apr 2024 18:43:04 GMT
x-bo-server: DE-95
x-downloadsize: 21240
x-bo-origindownloadtime: 27
x-bo-processingtime: 3
x-bo-compressionratio: 23.55%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/16/2024 18:43:04
cdn-edgestorageid: 1078
cdn-status: 200
cdn-requestid: 8eeeb85d49b5a6fcbd87a261f56b09ff
cdn-cache: HIT
X-Firefox-Spdy: h2
GET mydesi-static.b-cdn.net/thumb/178441.jpg
169.150.247.40 200 OK 8.2 kB URL GET HTTP/2 mydesi-static.b-cdn.net/thumb/178441.jpg
IP 169.150.247.40:443
ASN #60068 Datacamp Limited
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Sectigo Limited
Subject *.b-cdn.net
Fingerprint FC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
Validity Sun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 854x480, Scaling: [none]x[none], YUV color, decoders should clamp
Hash d0e0964529ce492916c5794fc197abad
29760832200ecabac025c6f9ca3f5eaef82ee44c
3c3062c0fc55120841c5f4c093e6b71110f895eec70fad89faf48cb7601debf7
GET /thumb/178441.jpg HTTP/1.1
Host: mydesi-static.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: image/webp
content-length: 8220
server: BunnyCDN-DE1-1075
cdn-pullzone: 453889
cdn-uid: 247e525c-8dac-4b66-bfe3-8c3765d1a096
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 16 Apr 2024 18:41:36 GMT
x-bo-server: DE-136
x-downloadsize: 14960
x-bo-origindownloadtime: 26
x-bo-processingtime: 5
x-bo-compressionratio: 45.05%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/16/2024 18:41:36
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: d2c260b084fee1b6acd30e0aec4c606a
cdn-cache: HIT
X-Firefox-Spdy: h2
GET mydesi-static.b-cdn.net/thumb/177736.jpg
169.150.247.40 200 OK 13 kB URL GET HTTP/2 mydesi-static.b-cdn.net/thumb/177736.jpg
IP 169.150.247.40:443
ASN #60068 Datacamp Limited
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Sectigo Limited
Subject *.b-cdn.net
Fingerprint FC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
Validity Sun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 854x480, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 4672484569459941f8854b69b213755b
4f8fc7896e080d951b056c85d2153c4acbcdd176
e10777127668df246923502b956e568fd8902941e545588b7a9104510ec75744
GET /thumb/177736.jpg HTTP/1.1
Host: mydesi-static.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: image/webp
content-length: 12600
server: BunnyCDN-DE1-1075
cdn-pullzone: 453889
cdn-uid: 247e525c-8dac-4b66-bfe3-8c3765d1a096
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 16 Apr 2024 18:42:38 GMT
x-bo-server: DE-185
x-downloadsize: 19595
x-bo-origindownloadtime: 26
x-bo-processingtime: 5
x-bo-compressionratio: 35.7%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/16/2024 18:42:38
cdn-edgestorageid: 1077
cdn-status: 200
cdn-requestid: 715853e645a57d533b6461e56a7e0b4e
cdn-cache: HIT
X-Firefox-Spdy: h2
GET mydesi-static.b-cdn.net/thumb/177637.jpg
169.150.247.40 200 OK 20 kB URL GET HTTP/2 mydesi-static.b-cdn.net/thumb/177637.jpg
IP 169.150.247.40:443
ASN #60068 Datacamp Limited
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Sectigo Limited
Subject *.b-cdn.net
Fingerprint FC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
Validity Sun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 854x480, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 4c0127db8f79043ca01421fe6ac29477
3b7afcab3e95ada3a85c26945e51f829febcab2b
7e6934e0148905ef8e939001129f904fcf9d9fb5b167a29c8afb0d21bbcbdddc
GET /thumb/177637.jpg HTTP/1.1
Host: mydesi-static.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: image/webp
content-length: 19666
server: BunnyCDN-DE1-1075
cdn-pullzone: 453889
cdn-uid: 247e525c-8dac-4b66-bfe3-8c3765d1a096
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 16 Apr 2024 18:43:06 GMT
x-bo-server: DE-133
x-downloadsize: 26857
x-bo-origindownloadtime: 38
x-bo-processingtime: 6
x-bo-compressionratio: 26.78%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/16/2024 18:43:06
cdn-edgestorageid: 1053
cdn-status: 200
cdn-requestid: 03933741907c83c10a20b66c5cb7c007
cdn-cache: HIT
X-Firefox-Spdy: h2
GET my.rtmark.net/gid.js?userId=00804e624bd74f30f271a77edcb9c259
139.45.195.8 200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=00804e624bd74f30f271a77edcb9c259
IP 139.45.195.8:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Let's Encrypt
Subject rtmark.net
Fingerprint DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
Validity Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash 63584bc78ccc17f93d361a7ce9102738
7ebfa1bb50ca7f0dc456fb250590c6fd72a72735
c8847d0c11a50ed18167cd8465f5456e08634b7ff91686db5c767727d2bd34af
GET /gid.js?userId=00804e624bd74f30f271a77edcb9c259 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 18:46:20 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mydesi.quest
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00804e624bd74f30f271a77edcb9c259; expires=Wed, 30 Apr 2025 18:46:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET burialsupple.com/watch.597200842586.js?key=b032ce620926cc9f6b0fdc75d238b238&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&tz=0&dev=e&res=14.2071&uuid=72611812-bd33-4eba-b18d-5d6a1d7cca22%3A2%3A1
172.240.108.68 307 Temporary Redirect 0 B URL GET HTTP/1.1 burialsupple.com/watch.597200842586.js?key=b032ce620926cc9f6b0fdc75d238b238&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&tz=0&dev=e&res=14.2071&uuid=72611812-bd33-4eba-b18d-5d6a1d7cca22%3A2%3A1
IP 172.240.108.68:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Let's Encrypt
Subject burialsupple.com
Fingerprint 11:A8:82:0B:E5:A2:FE:92:CB:27:6A:45:0E:1E:E7:84:5D:B8:A6:52
Validity Mon, 29 Apr 2024 08:14:08 GMT - Sun, 28 Jul 2024 08:14:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.597200842586.js?key=b032ce620926cc9f6b0fdc75d238b238&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&tz=0&dev=e&res=14.2071&uuid=72611812-bd33-4eba-b18d-5d6a1d7cca22%3A2%3A1 HTTP/1.1
Host: burialsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Tue, 30 Apr 2024 18:46:20 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mydesi.quest
Access-Control-Allow-Origin: https://mydesi.quest
Access-Control-Allow-Credentials: true
Location: https://burialsupple.com/watch.597200842586.js?dev=e&key=b032ce620926cc9f6b0fdc75d238b238&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&pst=1714502840&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&res=14.2071&rmtc=t&shu=9995dab72613e3341667b9b67eee3280bf67b4b42b56db535193bdc848743c97a9836da90eee5bb2fd7ec3d9d7f39b928a73cc7ee9a57f718c2f0b581d91597988891351c5ed87b5f5d06fe83c64a97342dbb895df2a8a6b19cd404fb099&tz=0&uuid=72611812-bd33-4eba-b18d-5d6a1d7cca22%3A2%3A1
Set-Cookie: u_pl=21265881; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.fhqHd750pxZgO_H55nSMRS4QFU7VrA3KiM7kg90aqWE; expires=Tue, 30 Apr 2024 18:47:20 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a682e9354934545f0dedf59ed6583341
Strict-Transport-Security: max-age=0; includeSubdomains
GET enraptureshut.com/watch.366235863836.js?key=af7ddcd8f5f1483a72f87f5e1436ec3f&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&tz=0&dev=e&res=14.2071&uuid=eb004446-277f-48a6-bdd9-31ce3e0951e2%3A2%3A1
192.243.59.13 307 Temporary Redirect 0 B URL GET HTTP/1.1 enraptureshut.com/watch.366235863836.js?key=af7ddcd8f5f1483a72f87f5e1436ec3f&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&tz=0&dev=e&res=14.2071&uuid=eb004446-277f-48a6-bdd9-31ce3e0951e2%3A2%3A1
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Let's Encrypt
Subject enraptureshut.com
Fingerprint 1D:09:0B:4D:F8:08:58:15:8B:41:5A:C9:BA:21:61:3A:BF:2F:54:96
Validity Mon, 29 Apr 2024 08:19:25 GMT - Sun, 28 Jul 2024 08:19:24 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.366235863836.js?key=af7ddcd8f5f1483a72f87f5e1436ec3f&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&tz=0&dev=e&res=14.2071&uuid=eb004446-277f-48a6-bdd9-31ce3e0951e2%3A2%3A1 HTTP/1.1
Host: enraptureshut.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 30 Apr 2024 18:46:20 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mydesi.quest
Access-Control-Allow-Origin: https://mydesi.quest
Access-Control-Allow-Credentials: true
Location: https://enraptureshut.com/watch.366235863836.js?dev=e&key=af7ddcd8f5f1483a72f87f5e1436ec3f&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&pst=1714502840&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&res=14.2071&rmtc=t&shu=4983b4ee3a9517c0f0ae4e96ad455d50d0c9687bdcef37dc3e258cabdfedf271f8b0a994ea339e693a442d50e0403d5296c6053c0a0ea5ba7957b482393a119cbf0a1f27f7cb2c4f52036e0380f5e40cdb8dfad8f374f8eaf5e64bff700f3b&tz=0&uuid=eb004446-277f-48a6-bdd9-31ce3e0951e2%3A2%3A1
Set-Cookie: u_pl=21265888; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.FCWFKoLjic8why09BYu2PHYFT9asqbG08cppndYsjgo; expires=Tue, 30 Apr 2024 18:47:20 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5faaeb70feaa8a20374cd90206d175a2
Strict-Transport-Security: max-age=0; includeSubdomains
GET burialsupple.com/watch.597200842586.js?dev=e&key=b032ce620926cc9f6b0fdc75d238b238&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&pst=1714502840&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&res=14.2071&rmtc=t&shu=9995dab72613e3341667b9b67eee3280bf67b4b42b56db535193bdc848743c97a9836da90eee5bb2fd7ec3d9d7f39b928a73cc7ee9a57f718c2f0b581d91597988891351c5ed87b5f5d06fe83c64a97342dbb895df2a8a6b19cd404fb099&tz=0&uuid=72611812-bd33-4eba-b18d-5d6a1d7cca22%3A2%3A1
172.240.108.68 200 OK 2.0 kB URL GET HTTP/1.1 burialsupple.com/watch.597200842586.js?dev=e&key=b032ce620926cc9f6b0fdc75d238b238&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&pst=1714502840&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&res=14.2071&rmtc=t&shu=9995dab72613e3341667b9b67eee3280bf67b4b42b56db535193bdc848743c97a9836da90eee5bb2fd7ec3d9d7f39b928a73cc7ee9a57f718c2f0b581d91597988891351c5ed87b5f5d06fe83c64a97342dbb895df2a8a6b19cd404fb099&tz=0&uuid=72611812-bd33-4eba-b18d-5d6a1d7cca22%3A2%3A1
IP 172.240.108.68:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Let's Encrypt
Subject burialsupple.com
Fingerprint 11:A8:82:0B:E5:A2:FE:92:CB:27:6A:45:0E:1E:E7:84:5D:B8:A6:52
Validity Mon, 29 Apr 2024 08:14:08 GMT - Sun, 28 Jul 2024 08:14:07 GMT
File type JavaScript source, ASCII text, with very long lines (2525)
Hash b29ec989c17a2a6410a8581df05f3f6a
e79c945865800539ffa9a976cf040b321a24c26b
c3e2ee5136fda06c9b2633fc2e1981603d2777583b8f08e788ece9b83e1b8f27
GET /watch.597200842586.js?dev=e&key=b032ce620926cc9f6b0fdc75d238b238&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&pst=1714502840&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&res=14.2071&rmtc=t&shu=9995dab72613e3341667b9b67eee3280bf67b4b42b56db535193bdc848743c97a9836da90eee5bb2fd7ec3d9d7f39b928a73cc7ee9a57f718c2f0b581d91597988891351c5ed87b5f5d06fe83c64a97342dbb895df2a8a6b19cd404fb099&tz=0&uuid=72611812-bd33-4eba-b18d-5d6a1d7cca22%3A2%3A1 HTTP/1.1
Host: burialsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Cookie: u_pl=21265881; ain=eyJhbGciOiJIUzI1NiJ9.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.fhqHd750pxZgO_H55nSMRS4QFU7VrA3KiM7kg90aqWE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 30 Apr 2024 18:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mydesi.quest
Access-Control-Allow-Origin: https://mydesi.quest
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=72611812-bd33-4eba-b18d-5d6a1d7cca22:2:1; expires=Tue, 07 May 2024 18:46:20 GMT; secure; SameSite=None
iprc6b27282bb6ed1ae03216cc063d451bfc=5191640; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
uncs=1; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 202776ddea770c32dc74b1a5aed9c741
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET enraptureshut.com/watch.366235863836.js?dev=e&key=af7ddcd8f5f1483a72f87f5e1436ec3f&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&pst=1714502840&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&res=14.2071&rmtc=t&shu=4983b4ee3a9517c0f0ae4e96ad455d50d0c9687bdcef37dc3e258cabdfedf271f8b0a994ea339e693a442d50e0403d5296c6053c0a0ea5ba7957b482393a119cbf0a1f27f7cb2c4f52036e0380f5e40cdb8dfad8f374f8eaf5e64bff700f3b&tz=0&uuid=eb004446-277f-48a6-bdd9-31ce3e0951e2%3A2%3A1
192.243.59.13 200 OK 2.0 kB URL GET HTTP/1.1 enraptureshut.com/watch.366235863836.js?dev=e&key=af7ddcd8f5f1483a72f87f5e1436ec3f&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&pst=1714502840&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&res=14.2071&rmtc=t&shu=4983b4ee3a9517c0f0ae4e96ad455d50d0c9687bdcef37dc3e258cabdfedf271f8b0a994ea339e693a442d50e0403d5296c6053c0a0ea5ba7957b482393a119cbf0a1f27f7cb2c4f52036e0380f5e40cdb8dfad8f374f8eaf5e64bff700f3b&tz=0&uuid=eb004446-277f-48a6-bdd9-31ce3e0951e2%3A2%3A1
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Let's Encrypt
Subject enraptureshut.com
Fingerprint 1D:09:0B:4D:F8:08:58:15:8B:41:5A:C9:BA:21:61:3A:BF:2F:54:96
Validity Mon, 29 Apr 2024 08:19:25 GMT - Sun, 28 Jul 2024 08:19:24 GMT
File type JavaScript source, ASCII text, with very long lines (2520)
Hash a6c470191f873413a44e30d8df7446bf
ba4113b0094f8d0319bad26a6b76ec8ac2c97a53
5bd9aeaa3214c4f1f192eead4859f0c27647baa550a27344d787d0cfad5f80b0
GET /watch.366235863836.js?dev=e&key=af7ddcd8f5f1483a72f87f5e1436ec3f&kw=%5B%22shemale%22%2C%22-%22%2C%22mydesi%22%2C%22net%22%5D&pst=1714502840&refer=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&res=14.2071&rmtc=t&shu=4983b4ee3a9517c0f0ae4e96ad455d50d0c9687bdcef37dc3e258cabdfedf271f8b0a994ea339e693a442d50e0403d5296c6053c0a0ea5ba7957b482393a119cbf0a1f27f7cb2c4f52036e0380f5e40cdb8dfad8f374f8eaf5e64bff700f3b&tz=0&uuid=eb004446-277f-48a6-bdd9-31ce3e0951e2%3A2%3A1 HTTP/1.1
Host: enraptureshut.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Cookie: u_pl=21265888; ain=eyJhbGciOiJIUzI1NiJ9.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.FCWFKoLjic8why09BYu2PHYFT9asqbG08cppndYsjgo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 30 Apr 2024 18:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mydesi.quest
Access-Control-Allow-Origin: https://mydesi.quest
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=eb004446-277f-48a6-bdd9-31ce3e0951e2:2:1; expires=Tue, 07 May 2024 18:46:20 GMT; secure; SameSite=None
iprc5e10b5e1ecadb8e19873d8097de242cd=5191357; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
uncs=1; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
pdhtkv5=true; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
uncs5=1; expires=Wed, 01 May 2024 18:46:20 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 35487063eca3db44558a775a692826eb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET xdn.mydesi.quest/wp-content/uploads/2023/11/cropped-2021-05-07_021735-192x192-1-150x150.png
104.21.36.153 403 Forbidden 608 B URL GET HTTP/3 xdn.mydesi.quest/wp-content/uploads/2023/11/cropped-2021-05-07_021735-192x192-1-150x150.png
IP 104.21.36.153:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject mydesi.quest
Fingerprint 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
Hash 86e025cbb5cb017e0c9ce831e833b166
72203fb4f88088877857bb33e602e6587a047799
1ab329e820d8ef8e95a3da9d3c79fb56ac0a194a30a1c36f1ea84bc5400c365e
GET /wp-content/uploads/2023/11/cropped-2021-05-07_021735-192x192-1-150x150.png HTTP/1.1
Host: xdn.mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga_LJJTGK1TF1=GS1.1.1714502779.1.0.1714502779.0.0.0; _ga=GA1.1.789398409.1714502779
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Tue, 30 Apr 2024 18:46:20 GMT
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=63072000
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tHIpC%2Fq6JJhj3mYE9irCJcazf943bYzkQpshk1URHUoei3at8qRegYxRwc5ZYLUAKpGJ33YpnGlTwmfc4OlFTrCMxtavKt4dauu0SLn1nyhQc4qZY2hersfatLqdCC9zL2LB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b1aa5c6056bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET cdn.cloudimagesb.com/cti/17/19/34/171934cf2a024c013ac2c2b0805d9eae/1711620479.jpg
45.133.44.10 200 OK 75 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/17/19/34/171934cf2a024c013ac2c2b0805d9eae/1711620479.jpg
IP 45.133.44.10:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Let's Encrypt
Subject cdn.cloudimagesb.com
Fingerprint C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Validity Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type JPEG image data, baseline, precision 8, 300x250, components 3
Hash 156f3383d85fab2d082c4d0e64549de1
0b475fdfafa1cfae8ddd899beb3d2e7120f99d06
ae5f621f49ad4c3cd9b5c19f1e244097c627a02349dc9c50da49455f4c44a107
GET /cti/17/19/34/171934cf2a024c013ac2c2b0805d9eae/1711620479.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:20 GMT
content-type: image/jpeg
content-length: 75237
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:08:08 GMT
etag: "66054188-125e5"
expires: Thu, 02 May 2024 18:46:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdn.cloudimagesb.com/cti/4d/d9/00/4dd9001a8b835337ba6f030efe1c7f96/1711621579.jpg
45.133.44.10 200 OK 64 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/4d/d9/00/4dd9001a8b835337ba6f030efe1c7f96/1711621579.jpg
IP 45.133.44.10:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Let's Encrypt
Subject cdn.cloudimagesb.com
Fingerprint C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Validity Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type JPEG image data, baseline, precision 8, 728x90, components 3
Hash c416d00adf54f22a0a7059110288f1ba
041feade34f9021e60d153b9d82d3d2c5ac8c945
3d5e90fa0e3b161d4b31e354eefebe2e01913b4510ef7975a88be2a39a711d93
GET /cti/4d/d9/00/4dd9001a8b835337ba6f030efe1c7f96/1711621579.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:20 GMT
content-type: image/jpeg
content-length: 63639
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:26:28 GMT
etag: "660545d4-f897"
expires: Thu, 02 May 2024 18:46:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET mydesi.quest/wp-content/themes/kolortube/img/search.svg
104.21.36.153 200 OK 716 B URL GET HTTP/3 mydesi.quest/wp-content/themes/kolortube/img/search.svg
IP 104.21.36.153:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject mydesi.quest
Fingerprint 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
File type SVG Scalable Vector Graphics image
Hash badc43f440da5acae3c1151a264b1d09
3ca5af684c0360fb8ad2428b8416d951a6e9440a
9841b28b09c142e18c221e098143467612eddabc3094b9f1e93ddd0055a31d66
GET /wp-content/themes/kolortube/img/search.svg HTTP/1.1
Host: mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mydesi.quest/category/shemale/
DNT: 1
Connection: keep-alive
Cookie: _lscache_vary=b158e29b1c48bff09d5c2af9639eee29
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 18:46:18 GMT
content-type: image/svg+xml
cache-control: public, max-age=315576
expires: Sat, 04 May 2024 10:22:28 GMT
last-modified: Thu, 09 Nov 2023 21:47:04 GMT
etag: W/"2cc-654d5358-ae62968cf56cb7a5;br"
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 206
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xU%2FwBP3MBhcfvf1pOdyX58zNmtMaeCUsGaG4xWP6XB6KxwPtHFKaZq0u5XSk0y6qDpGcx7vaynVeYvz%2Bq1MoqlbpkMi3loO7HpEI9lBzohot%2FoBnKftcfWgugdUkq2c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b1a05dd756bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash MD5 e9f5aaf547f165386cd313b995dddd8e
SHA-1 acdef5603c2387b0e5bffd744b679a24a8bc1968
SHA-256 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Apr 2024 00:31:40 GMT
expires: Wed, 30 Apr 2025 00:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 65678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET mydesi-static.b-cdn.net/thumb/177636.jpg
169.150.247.40 200 OK 11 kB URL GET HTTP/2 mydesi-static.b-cdn.net/thumb/177636.jpg
IP 169.150.247.40:443
ASN #60068 Datacamp Limited
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Sectigo Limited
Subject *.b-cdn.net
Fingerprint FC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
Validity Sun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 854x480, Scaling: [none]x[none], YUV color, decoders should clamp
Hash MD5 4632d311fee3ecafeb049075e7f15564
SHA-1 d526e7ce91679d5601c905616373ea9e4b752eb0
SHA-256 64e13c664cca4b10019c0b2ed8e26cfc3ffcb0888de39dc122ba405b31e30764
GET /thumb/177636.jpg HTTP/1.1
Host: mydesi-static.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: image/webp
content-length: 10938
server: BunnyCDN-DE1-1075
cdn-pullzone: 453889
cdn-uid: 247e525c-8dac-4b66-bfe3-8c3765d1a096
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 16 Apr 2024 18:43:06 GMT
x-bo-server: DE-264
x-downloadsize: 18766
x-bo-origindownloadtime: 27
x-bo-processingtime: 4
x-bo-compressionratio: 41.71%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/16/2024 18:43:06
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 426d8fd6c601decce47da662f031ded1
cdn-cache: HIT
X-Firefox-Spdy: h2
GET xdn.mydesi.quest/wp-content/uploads/2023/11/cropped-2021-05-07_021735-192x192-1.png
104.21.36.153 403 Forbidden 0 B URL GET HTTP/3 xdn.mydesi.quest/wp-content/uploads/2023/11/cropped-2021-05-07_021735-192x192-1.png
IP 104.21.36.153:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject mydesi.quest
Fingerprint 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of empty input: the 403 response carried a 0 B body, so they do not identify any file.)
GET /wp-content/uploads/2023/11/cropped-2021-05-07_021735-192x192-1.png HTTP/1.1
Host: xdn.mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga_LJJTGK1TF1=GS1.1.1714502779.1.0.1714502779.0.0.0; _ga=GA1.1.789398409.1714502779
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 30 Apr 2024 18:46:20 GMT
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=63072000
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ssTK5d355hr3o3bf5P9bnmeE15cY31dxkO1L0Loe%2FtDi7VdkXjBwf1hYyb%2BK%2Fs%2Fx%2BGGmaMHlGmR9v%2BEqKawre3J7I%2FTSh9AO%2BiFXjXmUly5xqM31%2FIv5WiEaT5eBYk%2Fd4kT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b1aa5c5e56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700&display=swap&ver=1.0.0
142.250.74.170 200 OK 7.0 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700&display=swap&ver=1.0.0
IP 142.250.74.170:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
Validity Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type ASCII text, with very long lines (7193), with no line terminators
Hash MD5 79cd7cd1cadc1ca5448ecf2a39abb598
SHA-1 207c2428f747b5b92bb58fbcee9e4a346049cb82
SHA-256 b61c6fd07676b7d995377646f3b437dadf319ec707e935b3d287da3ac2b848c6
GET /css?family=Roboto%3A400%2C500%2C700&display=swap&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 30 Apr 2024 18:46:18 GMT
date: Tue, 30 Apr 2024 18:46:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET xdn.mydesi.quest/wp-content/uploads/2023/11/180431-400x225.jpg
104.21.36.153 403 Forbidden 0 B URL GET HTTP/3 xdn.mydesi.quest/wp-content/uploads/2023/11/180431-400x225.jpg
IP 104.21.36.153:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject mydesi.quest
Fingerprint 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of empty input: the 403 response carried a 0 B body, so they do not identify any file.)
GET /wp-content/uploads/2023/11/180431-400x225.jpg HTTP/1.1
Host: xdn.mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga_LJJTGK1TF1=GS1.1.1714502779.1.0.1714502779.0.0.0; _ga=GA1.1.789398409.1714502779
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=63072000
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKOmJIF0aiB6o5pMHujU%2BY8w4eXOVclrqM1ite%2B6dnwseUj%2B9YZn%2BZTU2evKIyya3WfgWSOfg7S47k7TwaOQ2TnRVIV%2F55nY3axG1MX1tg%2BCqxsmEQfvBNaOz%2BRhE%2BfqxmO5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b1a37ade56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET mydesi.quest/wp-content/themes/kolortube/img/search.svg
104.21.36.153 200 OK 716 B URL GET HTTP/3 mydesi.quest/wp-content/themes/kolortube/img/search.svg
IP 104.21.36.153:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject mydesi.quest
Fingerprint 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
File type SVG Scalable Vector Graphics image
Hash MD5 badc43f440da5acae3c1151a264b1d09
SHA-1 3ca5af684c0360fb8ad2428b8416d951a6e9440a
SHA-256 9841b28b09c142e18c221e098143467612eddabc3094b9f1e93ddd0055a31d66
GET /wp-content/themes/kolortube/img/search.svg HTTP/1.1
Host: mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mydesi.quest/category/shemale/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _lscache_vary=b158e29b1c48bff09d5c2af9639eee29; _ga_LJJTGK1TF1=GS1.1.1714502779.1.0.1714502779.0.0.0; _ga=GA1.1.789398409.1714502779
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=315576
expires: Sat, 04 May 2024 10:22:28 GMT
last-modified: Thu, 09 Nov 2023 21:47:04 GMT
etag: W/"2cc-654d5358-ae62968cf56cb7a5;br"
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 207
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r41275%2F0qoiYbZxI%2BTNHFaE8XuuEpUNmszlJQgRonJB3qZWieEHJkaYR7KzVuDTtHVWXhkGODqcc4jf7pXwJGwYfR3VsvWaNQxeHYfu8NG1Xh2WiAoA4I1prLsOQ9Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b1a41be056bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET roastoup.com/?rb=--ywvl3RrgRrGy0GKEasGokmG944tBh1QYCcZe4xTpL0q0mY5mcE7mAFP0TuSfA7DyyoUlNli0fphyd_w8TSVGuXPNHdkrzhwB0i4A40HorZMjL0fYu7NqTMUpih_QDN2K8IQpybyB9G4L92z6SISVErnLlyXILu_9ZSgH0G9MReYZU-BdtmV9PixJzYfjKmMFL7eP-dkfd2h_DTt5CDTCcWRELvfUV3bmK8R5YI-ZA%3D&request_ab2=0&zoneid=6454854&js_build=iclick-v1.788.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.0&navlng=en-US&pnt=1&pnrc=0&bs=5556c052-3690-4789-b205-ad4c45246b17&wasm=1&userId=00804e624bd74f30f271a77edcb9c259&m=link
139.45.197.242200 OK 2.3 kB URL GET HTTP/2 roastoup.com/?rb=--ywvl3RrgRrGy0GKEasGokmG944tBh1QYCcZe4xTpL0q0mY5mcE7mAFP0TuSfA7DyyoUlNli0fphyd_w8TSVGuXPNHdkrzhwB0i4A40HorZMjL0fYu7NqTMUpih_QDN2K8IQpybyB9G4L92z6SISVErnLlyXILu_9ZSgH0G9MReYZU-BdtmV9PixJzYfjKmMFL7eP-dkfd2h_DTt5CDTCcWRELvfUV3bmK8R5YI-ZA%3D&request_ab2=0&zoneid=6454854&js_build=iclick-v1.788.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.0&navlng=en-US&pnt=1&pnrc=0&bs=5556c052-3690-4789-b205-ad4c45246b17&wasm=1&userId=00804e624bd74f30f271a77edcb9c259&m=link
IP 139.45.197.242:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Let's Encrypt
Subject roastoup.com
Fingerprint 9A:BE:8B:FD:91:F5:FA:F3:2A:04:BB:69:B2:C7:8C:CC:7B:DE:BF:3E
Validity Sun, 31 Mar 2024 05:22:32 GMT - Sat, 29 Jun 2024 05:22:31 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2280), with no line terminators
Hash MD5 bdc77e8ac2be3517e7990834531110ae
SHA-1 8e85828e61b3e81985db846e7de5e3cf043292c4
SHA-256 750e8d0c7da78a27c7294f8310cbf67ee9ada0ac41ed9254ae2e47c0234a863a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-blocklist verdict on the domain, not an analysis of the response body hashed above)
GET /?rb=--ywvl3RrgRrGy0GKEasGokmG944tBh1QYCcZe4xTpL0q0mY5mcE7mAFP0TuSfA7DyyoUlNli0fphyd_w8TSVGuXPNHdkrzhwB0i4A40HorZMjL0fYu7NqTMUpih_QDN2K8IQpybyB9G4L92z6SISVErnLlyXILu_9ZSgH0G9MReYZU-BdtmV9PixJzYfjKmMFL7eP-dkfd2h_DTt5CDTCcWRELvfUV3bmK8R5YI-ZA%3D&request_ab2=0&zoneid=6454854&js_build=iclick-v1.788.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fmydesi.quest%2Fcategory%2Fshemale%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.0&navlng=en-US&pnt=1&pnrc=0&bs=5556c052-3690-4789-b205-ad4c45246b17&wasm=1&userId=00804e624bd74f30f271a77edcb9c259&m=link HTTP/1.1
Host: roastoup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Cookie: OAID=00804e624bd74f30f271a77edcb9c259; oaidts=1714502779
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 18:46:20 GMT
content-type: application/json
x-trace-id: c7c9552088a29954f3dd292657b9f260
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://mydesi.quest
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00804e624bd74f30f271a77edcb9c259; expires=Wed, 30 Apr 2025 18:46:20 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1714502780; expires=Wed, 30 Apr 2025 18:46:20 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Tue, 07 May 2024 18:46:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET mydesi.quest/wp-content/litespeed/css/19d0115e4617c5787da7754ef5055120.css?ver=cc1f1
172.67.196.117 200 OK 458 kB URL GET HTTP/2 mydesi.quest/wp-content/litespeed/css/19d0115e4617c5787da7754ef5055120.css?ver=cc1f1
IP 172.67.196.117:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject mydesi.quest
Fingerprint 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
Size 458 kB (457892 bytes)
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of empty input and do not match the 457892-byte size reported above; the stylesheet body was evidently not hashed, so they should not be used as indicators for this file.)
GET /wp-content/litespeed/css/19d0115e4617c5787da7754ef5055120.css?ver=cc1f1 HTTP/1.1
Host: mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mydesi.quest/category/shemale/
DNT: 1
Connection: keep-alive
Cookie: _lscache_vary=b158e29b1c48bff09d5c2af9639eee29
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:18 GMT
content-type: text/css
cache-control: public, max-age=315576
expires: Sat, 04 May 2024 09:06:52 GMT
last-modified: Fri, 26 Apr 2024 12:24:25 GMT
etag: W/"6fca4-662b9cf9-a5c1cb74d5e67ee0;br"
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qyBMzCfDgvaRhNrsrnzIIJuVeL5v2nlh%2FhkqWu9u55faPiWA2E3bXv7I8Hbi9VfP6sX3UeZQYjLKa5wxlFE%2B4pZrEWBT6vKe4UX8FiBycVnMnpPKvpG6HZHVBOHen68%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b19f1ccc56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET xdn.mydesi.quest/wp-content/uploads/2024/02/185153-400x225.jpg
104.21.36.153 403 Forbidden 0 B URL GET HTTP/3 xdn.mydesi.quest/wp-content/uploads/2024/02/185153-400x225.jpg
IP 104.21.36.153:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject mydesi.quest
Fingerprint 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of empty input: the 403 response carried a 0 B body, so they do not identify any file.)
GET /wp-content/uploads/2024/02/185153-400x225.jpg HTTP/1.1
Host: xdn.mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga_LJJTGK1TF1=GS1.1.1714502779.1.0.1714502779.0.0.0; _ga=GA1.1.789398409.1714502779
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=63072000
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1xKfiu1haePLlkK65vIqlbHbnWKLA2ZCqsqemjb6ALx99qO%2FUCzy4GrsvvTS8mI6KYh0bQ175v8WGVwsJq7y7KJSOdseoWC9wFseFOJsnwNWXLFQcwTcmdQP2xWuLElsE1T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b1a36ac656bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET roastoup.com/5/6454854/?oo=1&aab=1
139.45.197.242 200 OK 2.8 kB URL GET HTTP/2 roastoup.com/5/6454854/?oo=1&aab=1
IP 139.45.197.242:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Let's Encrypt
Subject roastoup.com
Fingerprint 9A:BE:8B:FD:91:F5:FA:F3:2A:04:BB:69:B2:C7:8C:CC:7B:DE:BF:3E
Validity Sun, 31 Mar 2024 05:22:32 GMT - Sat, 29 Jun 2024 05:22:31 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3060), with no line terminators
Hash MD5 e60038d1449b5b11758a0ff9a6efca1d
SHA-1 5685e4e2344b1afe6ac495a83250b0eccdd44446
SHA-256 68a8dd625c57a20e4bbfbaf7956bb5999a736cc28016ab371e239fdea365ce0b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-blocklist verdict on the domain, not an analysis of the response body hashed above)
GET /5/6454854/?oo=1&aab=1 HTTP/1.1
Host: roastoup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: application/json
x-trace-id: 91bdff0ef88a1e7296cc1f77ae6fba76
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://mydesi.quest
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00804e624bd74f30f271a77edcb9c259; expires=Wed, 30 Apr 2025 18:46:19 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1714502779; expires=Wed, 30 Apr 2025 18:46:19 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-LJJTGK1TF1
142.250.74.40 200 OK 305 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-LJJTGK1TF1
IP 142.250.74.40:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
Validity Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type JavaScript source, ASCII text, with very long lines (5945)
Size 305 kB (305405 bytes)
Hash MD5 9e10ce8a8de27a243c2b90d840384ee3
SHA-1 fa55cd492e93b8c4acb3343f12c1fb234861671c
SHA-256 a07491fff22fe7c25c9616ce210d1e2045375418b1fc2b65d8eff28d50e3d1f2
GET /gtag/js?id=G-LJJTGK1TF1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 Apr 2024 18:46:18 GMT
expires: Tue, 30 Apr 2024 18:46:18 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET xdn.mydesi.quest/wp-content/uploads/2023/12/181728-400x225.jpg
104.21.36.153 403 Forbidden 0 B URL GET HTTP/3 xdn.mydesi.quest/wp-content/uploads/2023/12/181728-400x225.jpg
IP 104.21.36.153:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject mydesi.quest
Fingerprint 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of empty input: the 403 response carried a 0 B body, so they do not identify any file.)
GET /wp-content/uploads/2023/12/181728-400x225.jpg HTTP/1.1
Host: xdn.mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga_LJJTGK1TF1=GS1.1.1714502779.1.0.1714502779.0.0.0; _ga=GA1.1.789398409.1714502779
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 30 Apr 2024 18:46:19 GMT
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=63072000
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HExPQhdYrxnCNxLY4DeKjzodqr5M79e9YrKaqlvim%2FPRVGeIZUPUAPJZoVuCZ5jxFddL76Ab%2F9%2BicBdanS0Xat8CZaQQ%2FhFjVh3UQZfRzUG6yvkGB6piitKW94HuCDjvI2cF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b1a37ad056bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET mydesi.quest/wp-content/litespeed/js/79f13d3cc52481ea871e3525afa58b00.js?ver=cc1f1
172.67.196.117 200 OK 171 kB URL GET HTTP/2 mydesi.quest/wp-content/litespeed/js/79f13d3cc52481ea871e3525afa58b00.js?ver=cc1f1
IP 172.67.196.117:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject mydesi.quest
Fingerprint 9E:DC:C7:9B:C1:29:FF:F1:2E:FA:84:BD:53:40:BA:BC:29:19:C0:43
Validity Wed, 24 Apr 2024 11:22:42 GMT - Tue, 23 Jul 2024 11:22:41 GMT
File type JavaScript source, ASCII text, with very long lines (27390)
Size 171 kB (171268 bytes)
Hash MD5 79f13d3cc52481ea871e3525afa58b00
SHA-1 c04f8f1dd86e883eca76f9ff60edbc6050d06a60
SHA-256 384d20b5e807e06ef743486dc426f566ec29876a3e2e2f6b554c00a5fd3f603a
GET /wp-content/litespeed/js/79f13d3cc52481ea871e3525afa58b00.js?ver=cc1f1 HTTP/1.1
Host: mydesi.quest
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mydesi.quest/category/shemale/
DNT: 1
Connection: keep-alive
Cookie: _lscache_vary=b158e29b1c48bff09d5c2af9639eee29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 18:46:18 GMT
content-type: application/javascript
cache-control: public, max-age=315576
expires: Sat, 04 May 2024 10:18:10 GMT
last-modified: Fri, 26 Apr 2024 12:24:25 GMT
etag: W/"29d04-662b9cf9-241ad54e8d5d11b3;br"
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 463
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2Fqd5kjqsPKwFGT64%2BYssLX4cFubnMelsyfParQnjUc3uEKGeE7lHskip%2Be%2FkwRtC0dDC9abBfz7ospSSFIVMgMK196Zm7LOgfwHIjIH1ma6vZfHFaH2iV4k9I2Ergc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 87c9b19f7da956cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://mydesi.quest/category/shemale/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash MD5 15d9f621c3bd1599f0169dcf0bd5e63e
SHA-1 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
SHA-256 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mydesi.quest
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:02:10 GMT
expires: Sat, 26 Apr 2025 06:02:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 391449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2