URL: https://avfacebook.twsex123.com/
Submission Tags: @phishunt_io
Submission: On December 05 via api from ES

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3037::681b:8091, located in United States and belongs to CLOUDFLARENET, US. The main domain is avfacebook.twsex123.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2020. Valid for: a year.
This is the only time avfacebook.twsex123.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
1         2606:4700:303...  13335  (CLOUDFLAR...)
12        2606:4700:303...  13335  (CLOUDFLAR...)
1         2a00:1450:400...  15169  (GOOGLE)
1         2001:4de0:ac1...  20446  (HIGHWINDS3)
8         2606:4700:303...  13335  (CLOUDFLAR...)
5         104.75.88.112     16625  (AKAMAI-AS)
1         2a00:1450:400...  15169  (GOOGLE)
5         185.94.237.101    42567  (MOJHOST-EU)
1         209.126.105.32    30083  (AS-30083-...)
2         2a00:1450:400...  15169  (GOOGLE)
1         2.18.235.40       16625  (AKAMAI-AS)
Total: 39 requests, 12 IPs
Requests  Domain                    Requested by
12        18av.andygod.com          avfacebook.twsex123.com
8         www.av-yoyo.com           avfacebook.twsex123.com
5         adserver.juicyads.com     avfacebook.twsex123.com
3         www.google-analytics.com  avfacebook.twsex123.com, www.google-analytics.com
3         s7.addthis.com            avfacebook.twsex123.com, s7.addthis.com
1         m.addthis.com             s7.addthis.com
1         v1.addthisedge.com        s7.addthis.com
1         z.moatads.com             s7.addthis.com
1         xb99.net                  avfacebook.twsex123.com
1         code.jquery.com           avfacebook.twsex123.com
1         ajax.googleapis.com       avfacebook.twsex123.com
1         avfacebook.twsex123.com
Total: 39 requests, 12 domains
Subject                  Issuer                                          Validity                 Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2020-07-10 - 2021-07-10  a year
upload.video.google.com  GTS CA 1O1                                      2020-11-03 - 2021-01-26  3 months
jquery.org               Sectigo RSA Domain Validation Secure Server CA  2020-10-06 - 2021-10-16  a year
odc-prod-01.oracle.com   DigiCert Secure Site ECC CA-1                   2020-07-22 - 2021-10-13  a year
*.google-analytics.com   GTS CA 1O1                                      2020-11-03 - 2021-01-26  3 months
*.juicyads.com           Sectigo RSA Domain Validation Secure Server CA  2020-01-20 - 2022-04-23  2 years
xb99.net                 R3                                              2020-12-03 - 2021-03-03  3 months
moatads.com              DigiCert SHA2 Secure Server CA                  2020-01-17 - 2021-03-17  a year

This page contains 9 frames:

Primary Page: https://avfacebook.twsex123.com/
Frame ID: 92429998A256139842DB6D55F61CC4AE
Requests: 31 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=518632
Frame ID: F4C6D8B3FEB33DC9A7D5ACB6149EF26F
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=518636
Frame ID: E4340AF50A23A55B0908019D6D2D21A6
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=518633
Frame ID: C2AC03398F62AAD1EF62F75FC800028D
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=518634
Frame ID: 3E4A1B5980FB1D7A94A24F0C3231D5BE
Requests: 1 HTTP requests in this frame

Frame: https://xb99.net/cgi-bin/ad300_250.cgi?id=shop
Frame ID: 45599B48EA79A9587C25042D97B5622E
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=518639
Frame ID: A3F97E1E69D02EA910041AA41146B100
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 384EDCCA177D0C62A7F910FF27E1A8C5
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D1C072CB0FFD37E6F6164E08A53751B2
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

Requests    39
HTTPS       97 %
IPv6        64 %
Domains     11
Subdomains  12
IPs         12
Countries   4
Transfer    358 kB
Size        705 kB
Cookies     7

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
avfacebook.twsex123.com/
21 KB
5 KB
Document
General
Full URL
https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:8091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8931200576aefa0ffb662ac7affcc8eae68fa625bd4f32299a56710b6e556d42

Request headers

:method
GET
:authority
avfacebook.twsex123.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:32 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=db0da2827d7e49c25df0da75f8cf8d38b1607141971; expires=Mon, 04-Jan-21 04:19:31 GMT; path=/; domain=.twsex123.com; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
cf-request-id
06d2b96d240000175a09005000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UgvgUeUlAenVMGVG2vz1S50Kf0HqGON4fsmrzNHlnZ20CI9TEjPSulqa43L0KwMgqMRR9FbVAvIy0bPeHv9rW%2BP8nbqX%2FR2RFgSxW0YdKKB4JaSjB5730Zhi48tFF9yzZ7VR4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5fcaf8283e9f175a-FRA
content-encoding
br
style.css
18av.andygod.com/images/
0
0
Stylesheet
General
Full URL
https://18av.andygod.com/images/style.css
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

dark.css
18av.andygod.com/images/
0
0
Stylesheet
General
Full URL
https://18av.andygod.com/images/dark.css
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

large.css
18av.andygod.com/images/
0
0
Stylesheet
General
Full URL
https://18av.andygod.com/images/large.css
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

right.css
18av.andygod.com/images/
0
0
Stylesheet
General
Full URL
https://18av.andygod.com/images/right.css
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

horizontal.css
18av.andygod.com/images/
0
0
Stylesheet
General
Full URL
https://18av.andygod.com/images/horizontal.css
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

colors.css
18av.andygod.com/images/
0
0
Stylesheet
General
Full URL
https://18av.andygod.com/images/colors.css
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

jquery.bxslider.css
18av.andygod.com/images/
0
0
Stylesheet
General
Full URL
https://18av.andygod.com/images/jquery.bxslider.css
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

responsive.css
18av.andygod.com/images/
0
0
Stylesheet
General
Full URL
https://18av.andygod.com/images/responsive.css
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.2/
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 12:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141861
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34009
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 12:55:11 GMT
jquery-migrate-1.4.0.min.js
code.jquery.com/
9 KB
4 KB
Script
General
Full URL
https://code.jquery.com/jquery-migrate-1.4.0.min.js
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9f176243815d4e6dbc79434d408273e49a1d4cc085e7f977da0e4bc1f530654a

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:32 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2016 18:26:11 GMT
server
nginx
etag
W/"56d098c3-25a0"
vary
Accept-Encoding
x-hw
1607141972.dop223.fr8.t,1607141972.cds280.fr8.hn,1607141972.cds014.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3885
43866.jpg
www.av-yoyo.com/cover/
30 KB
30 KB
Image
General
Full URL
https://www.av-yoyo.com/cover/43866.jpg
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:142b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4583f63d1451f07959f596dee31e4f03ac11463359a44b04dcbaf957a9f8c502

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:33 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Mar 2018 09:50:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7mnBfDXJ%2FH2QE2%2F6IO5862fts03hPyHUw34Uu2ooafXgV6nQWNIV%2B3itXXGZhnCQLBEy16w6d%2BApRK7uriYZJ5BUo5zhWZG927RAof9bxWCpRPEZVLJSPW9EkYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fcaf82f2dd82bd2-FRA
content-length
30539
cf-request-id
06d2b9717600002bd2e0145000000001
79446.jpg
www.av-yoyo.com/cover/
22 KB
22 KB
Image
General
Full URL
https://www.av-yoyo.com/cover/79446.jpg
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:142b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d92b6bd5da6c9e6b0c7a5ec8364d3b019ae48d47511959c072e69fd0fbb50bea

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:33 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Jul 2018 09:18:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ueAQfapbobr%2BKfg%2FgyiPbVl8C4Rp4hKidAJQ3XCVlfBn0Oo789gh71m%2BAT%2BMucqRIM8PTwCxvlKS1l%2BdoiJXzqPlARhBBlWVs%2BPlYmdhn8OuxxJ24EOrgKtShXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fcaf82f2dda2bd2-FRA
content-length
22694
cf-request-id
06d2b9717600002bd25e130000000001
43875.jpg
www.av-yoyo.com/cover/
14 KB
15 KB
Image
General
Full URL
https://www.av-yoyo.com/cover/43875.jpg
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:142b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0e90a81b338f69bb9418d67011f60ff1849d2913c7d323fa5d0590e5e0c0e8

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:33 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Mar 2018 09:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OJXrjxOuK5KraxJCV%2BLXFhyxg21y0BGyELkxc169Jqiu8ezEL4%2FRROHmojj0lljQEtPvG2iFQh%2FxlTQeFJfDoE8ADK5DxXmnzVChxnuwBtpd6PqZPQ9P6FjJhn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fcaf82f2ddb2bd2-FRA
content-length
14703
cf-request-id
06d2b9717600002bd212a27000000001
60650.jpg
www.av-yoyo.com/cover/
35 KB
35 KB
Image
General
Full URL
https://www.av-yoyo.com/cover/60650.jpg
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:142b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f35a0b068d5691f1bfafcb25d125964311ff0c5d1b44cc10c17126308385571d

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:33 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Mar 2018 10:27:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fzCzphVmZMDWDYRfsKfIrLhJRUtwYfmVAcZUnkHMIZjkmT62vv8ywvwWuKPOsslvAa%2F12RBl16X%2F7s%2FQxAwR3XS5aSlvs6sZ%2FzBPSPpUzALS1MRgDqhwA07QEYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fcaf82f2ddc2bd2-FRA
content-length
35379
cf-request-id
06d2b9717600002bd2e40a6000000001
58649.jpg
www.av-yoyo.com/cover/
27 KB
27 KB
Image
General
Full URL
https://www.av-yoyo.com/cover/58649.jpg
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:142b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecbb993f8e6e69e4983311c72cc3c3c4e528cb5b527e23eb0bde8ce52c0f0a8c

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:33 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Mar 2018 09:01:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pu%2B1g3bilpl96Tz%2BXRvIccxpFtIPlIdfWRoOwlnbqMuFcgQfl9IIzzBODCWJne3D86VT21QsTPp5xE1%2FQuL4OYDuFtfsAz1XMGjvClXDId09ahPxEdMq6Po1tBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fcaf82f2ddd2bd2-FRA
content-length
27728
cf-request-id
06d2b9717600002bd2f3199000000001
79392.jpg
www.av-yoyo.com/cover/
14 KB
14 KB
Image
General
Full URL
https://www.av-yoyo.com/cover/79392.jpg
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:142b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a74cb0e8c4687aa8c38e1a54a4514c2f29f89e0dc3a1880027b0a1de71e5268a

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:32 GMT
cf-cache-status
MISS
last-modified
Thu, 29 Mar 2018 09:01:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GHWdqpbMREtztf9l%2F75h3xyBUjkOXS9RmdKKRHxw0s08x5PHVChc2CDHHBa9fxtVIIiC89rMJYbGcJIuyyajYTFRj%2FCJbpzUP1%2FlFTBBOKDNSBoQcHaRw%2B0ystA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fcaf82f2dde2bd2-FRA
content-length
13972
cf-request-id
06d2b9717600002bd227b72000000001
43910.jpg
www.av-yoyo.com/cover/
17 KB
17 KB
Image
General
Full URL
https://www.av-yoyo.com/cover/43910.jpg
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:142b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad8e731241969570eb40da769b0815bc8d989074146e3798aa59ad5522f70d64

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:33 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Mar 2018 09:28:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pIC1k3NLOx9won7d8lPiq7nWlCav5wQGUixe%2FEnT4HqEorMxya2t%2FPEV96riaNwud466S8%2BXQQ8yA8xxZUthS3iMH8cJ7D1UpIrNy74b673Sw7E1XxMp1srwu3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fcaf82f4dfd2bd2-FRA
content-length
17258
cf-request-id
06d2b9718b00002bd23d3f2000000001
60627.jpg
www.av-yoyo.com/cover/
18 KB
18 KB
Image
General
Full URL
https://www.av-yoyo.com/cover/60627.jpg
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:142b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa2c9f62525791cf85c34d76df6085a16f754e2bfe9e63186510fceaef13caa1

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:33 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Mar 2018 08:55:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OQ7qsV8G1xc6L3i7uZdBTtkBpWVCdgXEoCXlrqXEN2XD%2BOfQ12zJnaxj3hWWsIRLw4J6KD6StvfwvPqjs42aVIg%2FYHsypjKpk66Qa4F5OFQFyCPtejyfwxioKo0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fcaf82f4dfb2bd2-FRA
content-length
18410
cf-request-id
06d2b9718a00002bd2f9a4f000000001
selectnav.js
18av.andygod.com/js/
0
0
Script
General
Full URL
https://18av.andygod.com/js/selectnav.js
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

main.js
18av.andygod.com/js/
0
0
Script
General
Full URL
https://18av.andygod.com/js/main.js
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

jQuery.ba-resize.min.js
18av.andygod.com/js/
0
0
Script
General
Full URL
https://18av.andygod.com/js/jQuery.ba-resize.min.js
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

jquery.bxslider.min.js
18av.andygod.com/js/
0
0
Script
General
Full URL
https://18av.andygod.com/js/jquery.bxslider.min.js
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:1cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Sat, 05 Dec 2020 04:19:32 GMT
x-host
s7.addthis.com
content-length
116325
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1812
date
Sat, 05 Dec 2020 03:49:20 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sat, 05 Dec 2020 05:49:20 GMT
Cookie set adshow.php
adserver.juicyads.com/ Frame F4C6
0
0
Document
General
Full URL
https://adserver.juicyads.com/adshow.php?adzone=518632
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.237.101 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://avfacebook.twsex123.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://avfacebook.twsex123.com/

Response headers

Server
nginx
Date
Sat, 05 Dec 2020 04:19:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=9739df391af4ba206f0c316b875b0b39; expires=Sun, 05-Dec-2021 04:19:32 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps41127=1; expires=Sun, 06-Dec-2020 04:19:32 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjExMjIzMjk7aToxNjA3NDAxMTcyO30%3D; expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
Cookie set adshow.php
adserver.juicyads.com/ Frame E434
0
0
Document
General
Full URL
https://adserver.juicyads.com/adshow.php?adzone=518636
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.237.101 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://avfacebook.twsex123.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://avfacebook.twsex123.com/

Response headers

Server
nginx
Date
Sat, 05 Dec 2020 04:19:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=9739df391af4ba206f0c316b875b0b39; expires=Sun, 05-Dec-2021 04:19:32 GMT; Max-Age=31536000; path=/; domain=.juicyads.com
Set-Cookie
imps41127=1; expires=Sun, 06-Dec-2020 04:19:32 GMT; Max-Age=86400; path=/; domain=.juicyads.com
Set-Cookie
juicy_data_1=YToxOntpOjExMjIzNjM7aToxNjA3NDAxMTcyO30%3D; expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com
Set-Cookie
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
Cookie set adshow.php
adserver.juicyads.com/ Frame C2AC
0
0
Document
General
Full URL
https://adserver.juicyads.com/adshow.php?adzone=518633
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.237.101, Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://avfacebook.twsex123.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Sat, 05 Dec 2020 04:19:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=9739df391af4ba206f0c316b875b0b39; expires=Sun, 05-Dec-2021 04:19:32 GMT; Max-Age=31536000; path=/; domain=.juicyads.com
Set-Cookie
imps41127=1; expires=Sun, 06-Dec-2020 04:19:32 GMT; Max-Age=86400; path=/; domain=.juicyads.com
Set-Cookie
juicy_data_1=YToxOntpOjExMjIzNjM7aToxNjA3NDAxMTcyO30%3D; expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com
Set-Cookie
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
Cookie set adshow.php
adserver.juicyads.com/ Frame 3E4A
0
0
Document
General
Full URL
https://adserver.juicyads.com/adshow.php?adzone=518634
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.237.101, Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://avfacebook.twsex123.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Sat, 05 Dec 2020 04:19:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=9739df391af4ba206f0c316b875b0b39; expires=Sun, 05-Dec-2021 04:19:32 GMT; Max-Age=31536000; path=/; domain=.juicyads.com
Set-Cookie
juicy_data_1=YTowOnt9; expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com
Set-Cookie
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
ad300_250.cgi
xb99.net/cgi-bin/ Frame 4559
0
0
Document
General
Full URL
https://xb99.net/cgi-bin/ad300_250.cgi?id=shop
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.126.105.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
condor1031.server4you.de
Software
Apache / PleskLin
Resource Hash

Request headers

Host
xb99.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://avfacebook.twsex123.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sat, 05 Dec 2020 04:19:32 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1404
Keep-Alive
timeout=1, max=50
Connection
Keep-Alive
Content-Type
text/html
Cookie set adshow.php
adserver.juicyads.com/ Frame A3F9
0
0
Document
General
Full URL
https://adserver.juicyads.com/adshow.php?adzone=518639
Requested by
Host: avfacebook.twsex123.com
URL: https://avfacebook.twsex123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.237.101, Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://avfacebook.twsex123.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Sat, 05 Dec 2020 04:19:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=9739df391af4ba206f0c316b875b0b39; expires=Sun, 05-Dec-2021 04:19:32 GMT; Max-Age=31536000; path=/; domain=.juicyads.com
Set-Cookie
imps31464=1; expires=Sun, 06-Dec-2020 04:19:32 GMT; Max-Age=86400; path=/; domain=.juicyads.com
Set-Cookie
imps31463=1; expires=Sun, 06-Dec-2020 04:19:32 GMT; Max-Age=86400; path=/; domain=.juicyads.com
Set-Cookie
juicy_data_1=YToyOntpOjEwNzcxNTk7aToxNjA3NDAxMTcyO2k6MTA3NzE0NDtpOjE2MDc0MDExNzI7fQ%3D%3D; expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com
Set-Cookie
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
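The juicy_data and juicy_data_1 values the adserver.juicyads.com responses set above are not opaque: each is the URL-encoded base64 of PHP serialize() output (the X-Powered-By header already says PHP/5.6.40), and the urlscan export runs the server's several Set-Cookie headers together into one space-separated string. The script below is an added example written for this page, not code from urlscan.io or from the ad network: it recovers the individual headers from the joined form with a boundary heuristic specific to that export format, decodes the payloads with a minimal unserialize() and checks the embedded unix times against each cookie's own Expires. The constant is copied from the adzone=518639 response above. What the numeric keys (1077159, 1077144) identify is not stated anywhere in the scan; the comment in the code marks that as an assumption.

```python
import base64
import re
from datetime import datetime, timezone
from urllib.parse import unquote

# Copied from the adzone=518639 response above, in the joined form the scan export uses
# (several Set-Cookie headers concatenated with a single space).
FLATTENED_SET_COOKIE = (
    "surferid=9739df391af4ba206f0c316b875b0b39; expires=Sun, 05-Dec-2021 04:19:32 GMT; "
    "Max-Age=31536000; path=/; domain=.juicyads.com "
    "imps31464=1; expires=Sun, 06-Dec-2020 04:19:32 GMT; Max-Age=86400; path=/; domain=.juicyads.com "
    "imps31463=1; expires=Sun, 06-Dec-2020 04:19:32 GMT; Max-Age=86400; path=/; domain=.juicyads.com "
    "juicy_data_1=YToyOntpOjEwNzcxNTk7aToxNjA3NDAxMTcyO2k6MTA3NzE0NDtpOjE2MDc0MDExNzI7fQ%3D%3D; "
    "expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com "
    "juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; "
    "expires=Tue, 08-Dec-2020 04:19:32 GMT; Max-Age=259200; domain=juicyads.com"
)

# A new header starts at a bare space (not the "; " attribute separator and not the comma-space
# inside an Expires date) that is immediately followed by name=.  Heuristic for this export format.
COOKIE_BOUNDARY = re.compile(r"(?<![;,]) (?=[\w-]+=)")


def split_flattened_set_cookie(flattened):
    """Recover the individual Set-Cookie header values from the joined string."""
    return [part for part in COOKIE_BOUNDARY.split(flattened) if part]


def parse_set_cookie(header):
    """Return (name, value, attributes) for one Set-Cookie value; attribute names lower-cased."""
    first, *rest = [p.strip() for p in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for item in rest:
        key, _, val = item.partition("=")
        attrs[key.lower()] = val
    return name, value, attrs


def php_unserialize(data):
    """Minimal decoder for PHP serialize() output (tags a, i, d, b, s, N).
    Works on bytes because s:N counts bytes, not characters."""
    value, end = _php_parse(data, 0)
    if end != len(data):
        raise ValueError("trailing data after serialized value")
    return value


def _php_parse(data, pos):
    tag = data[pos:pos + 1]
    if tag == b"N":                      # N;
        return None, pos + 2
    if tag in (b"i", b"d", b"b"):        # i:123;  d:1.5;  b:1;
        end = data.index(b";", pos)
        raw = data[pos + 2:end]
        if tag == b"i":
            return int(raw), end + 1
        if tag == b"d":
            return float(raw), end + 1
        return raw == b"1", end + 1
    if tag == b"s":                      # s:<byte length>:"<payload>";
        colon = data.index(b":", pos + 2)
        length = int(data[pos + 2:colon])
        start = colon + 2
        payload = data[start:start + length]
        if data[start + length:start + length + 2] != b'";':
            raise ValueError("declared string length does not match payload")
        return payload.decode("utf-8"), start + length + 2
    if tag == b"a":                      # a:<count>:{<key><value>...}
        colon = data.index(b":", pos + 2)
        count = int(data[pos + 2:colon])
        pos = colon + 2
        result = {}
        for _ in range(count):
            key, pos = _php_parse(data, pos)
            val, pos = _php_parse(data, pos)
            result[key] = val
        if data[pos:pos + 1] != b"}":
            raise ValueError("unterminated array")
        return result, pos + 1
    raise ValueError(f"unsupported tag {tag!r} at offset {pos}")


def decode_juicy_cookie(value):
    """juicy_data* values are URL-encoded base64 of PHP serialize() output."""
    return php_unserialize(base64.b64decode(unquote(value)))


def expires_to_unix(expires):
    """Cookie Expires in the 'Tue, 08-Dec-2020 04:19:32 GMT' form to unix seconds."""
    dt = datetime.strptime(expires, "%a, %d-%b-%Y %H:%M:%S GMT")
    return int(dt.replace(tzinfo=timezone.utc).timestamp())


def analyse(flattened):
    """Per-cookie summary: scope, lifetime and the decoded payload of the juicy_data* cookies."""
    report = {}
    for header in split_flattened_set_cookie(flattened):
        name, value, attrs = parse_set_cookie(header)
        entry = {
            "domain": attrs.get("domain"),
            "max_age": int(attrs["max-age"]) if "max-age" in attrs else None,
            "expires_unix": expires_to_unix(attrs["expires"]) if "expires" in attrs else None,
        }
        if name.startswith("juicy_data"):
            decoded = decode_juicy_cookie(value)
            entry["decoded"] = decoded
            # juicy_data_1 maps numeric ids to unix times.  The ids are not explained in the scan
            # (assumption: they identify the creatives just served); the times can be checked
            # against the cookie's own Expires, which the response does give us.
            times = [v for v in decoded.values() if isinstance(v, int)]
            entry["embedded_times_match_expiry"] = bool(times) and all(
                t == entry["expires_unix"] for t in times)
        report[name] = entry
    return report


if __name__ == "__main__":
    for cookie_name, summary in analyse(FLATTENED_SET_COOKIE).items():
        print(cookie_name, summary)
```

Decoded, juicy_data_1 is `a:2:{i:1077159;i:1607401172;i:1077144;i:1607401172;}`, i.e. two ids each stamped 1607401172, which is exactly the cookie's Expires (Tue, 08-Dec-2020 04:19:32 GMT, three days after the scan), and juicy_data is `a:1:{s:12:"juicy_data_1";s:1:"1";}`, an index of which data cookies exist. The same decoder applied to the adzone=518634 response gives `a:0:{}`, an empty array, for a zone that served nothing. Surfacing that structure matters for an analyst because a serialized-PHP cookie that the server later unserialize()s is an input channel worth noting in its own right, independent of the tracking it carries.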
collect
www.google-analytics.com/j/
2 B
71 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=656331139&t=pageview&_s=1&dl=https%3A%2F%2Favfacebook.twsex123.com%2F&ul=en-us&de=UTF-8&dt=FB%E6%88%90%E4%BA%BA%E8%87%89%E6%9B%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2035014849&gjid=1587803649&cid=1451239564.1607141972&tid=UA-77542941-25&_gid=821136180.1607141972&_r=1&_slc=1&z=1738642840
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 05 Dec 2020 04:19:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://avfacebook.twsex123.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40, Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:32 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=24518
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-570364ef01bebe1a/
34 B
138 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-570364ef01bebe1a/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2cfc87cde7d1d87e0e1cb7cae35006a9a842d436e348d4b223b87efc484b5b5d

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:32 GMT
cache-control
no-transform, s-maxage=0, max-age=0
content-length
34
content-type
application/json
300lo.json
m.addthis.com/live/red_lojson/
50 B
154 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=5fcb0a54e6bbfc98&bkl=0&bl=1&pdt=972&sid=5fcb0a54e6bbfc98&pub=ra-570364ef01bebe1a&rev=v8.28.8-wp&ln=zh&pc=men&cb=1&ab=-&dp=avfacebook.twsex123.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1607141972608&jsl=1&uvs=5fcb0a5453b1cc19000&skipb=1&callback=addthis.cbs.jsonp__0108465861855511210
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b95bc1da788c22e0c0d20999de7a50ec361269ea12b99cd9b6b637ea54955d2

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 04:19:32 GMT
cache-control
no-transform, s-maxage=0, max-age=0
content-length
50
content-type
application/json
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 384E
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame D1C0
0
0
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://avfacebook.twsex123.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
etag
W/"5ed917ff-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Sat, 05 Dec 2020 04:19:32 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
client.zh.min.json
s7.addthis.com/l10n/
3 KB
2 KB
XHR
General
Full URL
https://s7.addthis.com/l10n/client.zh.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
a07132c63f32901121bd4b72134ab4f12b5bb4074dac39927f72a01456122e78
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 15:15:17 GMT
server
nginx/1.15.8
etag
W/"5d77be05-a39"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=604800
date
Sat, 05 Dec 2020 04:19:32 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
1523
collect
www.google-analytics.com/
35 B
63 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=656331139&t=timing&_s=2&dl=https%3A%2F%2Favfacebook.twsex123.com%2F&ul=en-us&de=UTF-8&dt=FB%E6%88%90%E4%BA%BA%E8%87%89%E6%9B%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2629&pdt=156&dns=21&rrt=0&srt=777&tcp=16&dit=1403&clt=1403&_gst=1110&_gbt=1170&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1451239564.1607141972&tid=UA-77542941-25&_gid=821136180.1607141972&z=327026951
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://avfacebook.twsex123.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Dec 2020 13:43:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52542
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_config object| addthis_share boolean| __@@##MUH string| addthis_services_loc string| addthis_services_loc_mob object| addthis_translations

7 Cookies

Domain/Path Name / Value
.addthis.com/ Name: uvc
Value: 1%7C49
avfacebook.twsex123.com/ Name: __atuvs
Value: 5fcb0a5453b1cc19000
.twsex123.com/ Name: _gat
Value: 1
avfacebook.twsex123.com/ Name: __atuvc
Value: 1%7C49
.twsex123.com/ Name: _ga
Value: GA1.2.1451239564.1607141972
.twsex123.com/ Name: _gid
Value: GA1.2.821136180.1607141972
.twsex123.com/ Name: __cfduid
Value: db0da2827d7e49c25df0da75f8cf8d38b1607141971
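The _ga and _gid cookies in the table above and the cid and _gid parameters of the /j/collect pageview hit recorded earlier are the same identifiers, and their trailing ten digits are a unix time. The script below is an added example for this page, not urlscan.io's or Google's code: it parses the Measurement Protocol hit, splits the cookies on the documented Universal Analytics layout GA1.<domain label count>.<random id>.<first-seen unix time>, confirms that the hit carries the ids the cookies hold, and turns the timestamps into something to compare with the scan's own Date header. The beacon URL, the cookie values and the Date header are copied from the report; treating the trailing digits of __cfduid as a unix time is a heuristic, flagged as such in the code.

```python
import re
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlparse

# Copied from the report above: the pageview beacon (the /j/collect XHR), the Date header on its
# response and the cookies the scan recorded for .twsex123.com.
BEACON_URL = (
    "https://www.google-analytics.com/j/collect?v=1&_v=j87&a=656331139&t=pageview&_s=1"
    "&dl=https%3A%2F%2Favfacebook.twsex123.com%2F&ul=en-us&de=UTF-8"
    "&dt=FB%E6%88%90%E4%BA%BA%E8%87%89%E6%9B%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0"
    "&_u=IEBAAEABAAAAAC~&jid=2035014849&gjid=1587803649&cid=1451239564.1607141972"
    "&tid=UA-77542941-25&_gid=821136180.1607141972&_r=1&_slc=1&z=1738642840"
)
RESPONSE_DATE = "Sat, 05 Dec 2020 04:19:32 GMT"
COOKIES = {
    "_ga": "GA1.2.1451239564.1607141972",
    "_gid": "GA1.2.821136180.1607141972",
    "_gat": "1",
    "__cfduid": "db0da2827d7e49c25df0da75f8cf8d38b1607141971",
}

GA_COOKIE = re.compile(r"GA1\.(\d+)\.(\d+)\.(\d{10})")


def parse_ga_cookie(value):
    """Universal Analytics layout: GA1.<domain label count>.<random id>.<first-seen unix time>."""
    m = GA_COOKIE.fullmatch(value)
    if not m:
        raise ValueError(f"not a GA1 cookie: {value!r}")
    labels, rand, ts = m.groups()
    return {"domain_labels": int(labels), "client_id": f"{rand}.{ts}", "first_seen": int(ts)}


def parse_beacon(url):
    """Pull the fields an analyst cares about out of a Measurement Protocol hit."""
    q = {k: v[0] for k, v in parse_qs(urlparse(url).query, keep_blank_values=True).items()}
    return {
        "hit_type": q.get("t"),
        "property": q.get("tid"),
        "client_id": q.get("cid"),
        "gid": q.get("_gid"),
        "page": q.get("dl"),
        "title": q.get("dt"),      # parse_qs percent-decodes, so this is the UTF-8 page title
        "screen": q.get("sr"),
    }


def trailing_unix_time(value):
    """Heuristic: a ten-digit run at the end of an opaque cookie value that reads as a unix time
    in the 2017-2033 range.  None when the value does not end that way."""
    m = re.search(r"(1[5-9]\d{8})$", value)
    return int(m.group(1)) if m else None


def correlate(beacon_url, cookies, response_date):
    beacon = parse_beacon(beacon_url)
    ga = parse_ga_cookie(cookies["_ga"])
    gid = parse_ga_cookie(cookies["_gid"])
    scan_time = datetime.strptime(response_date, "%a, %d %b %Y %H:%M:%S GMT")
    scan_time = scan_time.replace(tzinfo=timezone.utc)
    first_seen = datetime.fromtimestamp(ga["first_seen"], timezone.utc)
    cf_time = trailing_unix_time(cookies.get("__cfduid", ""))
    return {
        "property": beacon["property"],
        "hit_type": beacon["hit_type"],
        "page": beacon["page"],
        "title": beacon["title"],
        # The ids in the hit must be the ids stored in the cookies; a mismatch would mean the
        # hit was not produced by analytics.js from this browser's cookie jar.
        "cid_matches_cookie": beacon["client_id"] == ga["client_id"],
        "gid_matches_cookie": beacon["gid"] == gid["client_id"],
        "first_seen_utc": first_seen.isoformat(),
        # A client id minted at the scan's own timestamp is a fresh profile, not a returning visitor.
        "profile_fresh": first_seen == scan_time,
        "cookie_domain_labels": ga["domain_labels"],
        "cfduid_seconds_before_scan": None if cf_time is None else int(scan_time.timestamp()) - cf_time,
    }


if __name__ == "__main__":
    for key, val in correlate(BEACON_URL, COOKIES, RESPONSE_DATE).items():
        print(f"{key}: {val}")
```

On this scan the hit belongs to property UA-77542941-25, cid 1451239564.1607141972 equals the _ga cookie, the first-seen time decodes to 2020-12-05 04:19:32 UTC (the Date header of the response, so the sandbox was a fresh profile) and __cfduid was minted one second earlier, when Cloudflare answered the first request. The same routine is how you would spot a hit whose cid does not match the cookie jar, or a _ga first-seen time that predates the profile, either of which points at something other than stock analytics.js writing the cookies.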

1 Console Messages

Source Level URL
Text
console-api log URL: https://code.jquery.com/jquery-migrate-1.4.0.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18av.andygod.com
adserver.juicyads.com
ajax.googleapis.com
avfacebook.twsex123.com
code.jquery.com
m.addthis.com
s7.addthis.com
v1.addthisedge.com
www.av-yoyo.com
www.google-analytics.com
xb99.net
z.moatads.com
104.75.88.112
185.94.237.101
2.18.235.40
2001:4de0:ac19::1:b:1b
209.126.105.32
2606:4700:3034::681c:142b
2606:4700:3036::681c:1cfe
2606:4700:3037::681b:8091
2a00:1450:4001:806::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:824::200e