| yjrjw.rigelbetelgeuse.top/?pl=evEDv2qbh0GeSir8AYVTqQ&click_id=mwwy9xuokti&sub_id=push | 172.67.205.133 | | 0 B |
URL: yjrjw.rigelbetelgeuse.top/?pl=evEDv2qbh0GeSir8AYVTqQ&click_id=mwwy9xuokti&sub_id=push
IP: 172.67.205.133:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=evEDv2qbh0GeSir8AYVTqQ&click_id=mwwy9xuokti&sub_id=push HTTP/1.1
Host: yjrjw.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 08:37:38 GMT
content-length: 0
location: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
set-cookie: evEDv2qbh0GeSir8AYVTqQ=16; max-age=345600; path=/; samesite=lax
__pl=f3d5c20f-f830-467b-86fb-89d987031f03; expires=Sun, 10 May 2026 08:37:38 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKZoBxUPLCEX1xysEnAGuohllq7s%2B2iwx7%2BLA%2BIHXFQjoNF80z4LJNSrAPOJOeCgwiKQ7LD5daWyxu%2FkKvNmCZfoDMrtcxIyRstLxB5lIXrQYf%2BLuUcn1UHPINkZcw0puBoE2VfMTNlB5ixC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88189bc26d8bb4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg | 104.21.58.39 | | 221 kB |
URL: yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg
IP: 104.21.58.39:0
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3
Size: 221 kB (220788 bytes)
Hash: bde3fee065c7408f2ba31b7633552644 75d8d5e0f57af3ac24337d0c496fcc549566c4fc 1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21
GET /video-bit/assets/pc-after-video.jpg HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-35e74"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9NHBsV7DE0%2BRdmWx7hjiBBJIjFIGfyKZneiwxGPnjyNyQG1lcNXaXMwU8v0BrfHenhY9w1Czr0YGLtOA00ZR63oAnSf%2BHwM0Rn9N3l4S7uvpHoFhBe7TMGGXNPR2x2YZK1xlSM%2Fqy9ob60rCjSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e2256c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg | 104.21.58.39 | | 163 kB |
URL: yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg
IP: 104.21.58.39:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3
Size: 163 kB (162651 bytes)
Hash: 2f5daa5004b75049f0bec772965b7943 a1336e046340afce9445ced5e26dc006fd47f6e9 121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63
GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27b5b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iI347rox%2FVbgou5yy3G4f1U1NeqIX6rPNqG1ERpzwBQp4CTTmOJbyTxpXREKrklNhhhcyTMhhG2CRWl48GnXubZpnadnKxKvAAOLMQ%2Bf6d3ysDsQ0iaFCcM4%2FX8AKuMJGRO%2B9oFKiTY%2Fz2jD%2F00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e2956c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| yjrjw.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png | 104.21.58.39 | | 160 kB |
URL: yjrjw.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png
IP: 104.21.58.39:0
File type: PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced
Size: 160 kB (159828 bytes)
Hash: d443d6dbbc102de6552453c20708a93b 591fa73cc4a0406124ca56dce015db983f540a12 60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93
GET /video-bit/assets/mobile-after-video.png HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27054"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mxVEvy5D9XUb3mOHciz4BynoWmkoKe3BGh5I5IWeNA8PRTBziwwbvP6RorgapWmizmGS1xQR5Ug3SvlKFUpm1dKEGzKdy%2BpUq40cpxotx9YNzxJ5KtnhUmXtKGZ09G6nOKmdF3ZhLbRZL03s4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e2756c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| yjrjw.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg | 104.21.58.39 | | 16 kB |
URL: yjrjw.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg
IP: 104.21.58.39:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 623x71, components 3
Hash: cd2599ebcf088e38b0136da54be6056b 831aa894f796523bb13da5295773fad0adf08a43 bad51e23bda3b86050e80b64301111fb7dab284ef6a5d40bc042f711d6844f5a
GET /video-bit/assets/mobile-header.jpg HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/jpeg
content-length: 15684
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-3d44"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s56OkutkA23yHbW4LO%2FT%2F%2FMRzjjp%2B0X1ppiTB7tAX7oQZp10JbZi9GlotgFEPGTBasxUseOGv6%2BxOucC%2BuyPWb0JB0lzWKtg9IFlrmkl%2FrRve3KQYYrinpoApe8qOx2RZpthVPYSrCxrJw%2BDH2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e1756c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg | 104.21.58.39 | | 78 kB |
URL: yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg
IP: 104.21.58.39:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3
Hash: 7b5471d796895489e8526d789b9d40f6 0239e9afbff1cf03adb273fd5b24e68f17f52659 f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac
GET /video-bit/assets/pc-header.jpg HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/jpeg
content-length: 78090
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-1310a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lb9nOuSqVQigJBoxa2WNLn8mxMf4MqCx0LTPxL9MOVoh9ARYpGNVjbEWU%2FKoFCdSTtT%2BRiFGqo00AmY9rlK77I8CbvRbtf8gGbCO4OpP5Fl3n9pqF8ksTmJeR%2B03pMx0%2BzDNEr5%2FAseduUcV3jo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e1056c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| yjrjw.check-tl-ver-54-3.com/video-bit/assets/video.gif | 104.21.58.39 | | 1.3 MB |
URL: yjrjw.check-tl-ver-54-3.com/video-bit/assets/video.gif
IP: 104.21.58.39:0
File type: GIF image data, version 89a, 300 x 225
Size: 1.3 MB (1261197 bytes)
Hash: 219f73ae12fc4696639ce99694cb6463 4265f8a22afe580964444a549afab5a07edde5c6 19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c
GET /video-bit/assets/video.gif HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/gif
content-length: 1261197
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-133e8d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbY68qZH%2FPXvToiSQnwR2%2F8MCBRrPIqJH1P%2BsM3dCZVoqhJ0p4m7m%2FQp8ptGBRQKTPEHHX9Q33XZHWuSYJX2JfpwnGO36hViEvLruC%2Br8NKF9zK5%2Ft6%2B6LVAAseg33J3nhQj7gkIubBKZT57lJQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e1b56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| yjrjw.check-tl-ver-54-3.com/video-bit/assets/style.css | 104.21.58.39 | | 1.9 kB |
URL: yjrjw.check-tl-ver-54-3.com/video-bit/assets/style.css
IP: 104.21.58.39:0
File type: gzip compressed data, from Unix
Hash: ed5c6f52019ab66fd7e8db93f10d08d8 421b915ae025cb3f498d3a4f45e92557e46e1864 be6d556b888684a37fa81ff2db963d729b92f01c8e04d31f0b7b47ce495fae06
GET /video-bit/assets/style.css HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1a3c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SDXai3HCK2vh3nEOhFb1md9gi5zEW%2BBd%2FVZtCZW9bV3txSfr8f1%2FVwxhDy2etaC1OiSHfBEUY46Bq3g0l71ea7eTYf5M0EvzfJqHy0SHLkIVn%2Fyi4OzAgfEA7peHMpZeVUdgNVFLFihMsRSnOFI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e0756c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js | 142.250.74.163 | | 9.3 kB |
URL: www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP: 142.250.74.163:0
File type: JavaScript source, ASCII text, with very long lines (28368)
Hash: 9900403b65514fad7df39a4e788a6e45 75f9ba061ef4e72bb23528c700f2a11c56d637e9 a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:57:01 GMT
expires: Fri, 09 May 2025 01:57:01 GMT
cache-control: public, max-age=31536000
age: 110438
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.163 | | 9.9 kB |
URL: www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP: 142.250.74.163:0
File type: JavaScript source, ASCII text, with very long lines (38231)
Hash: 0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 23662
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| oa.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png | 188.114.96.1 | | 160 kB |
URL: oa.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png
IP: 188.114.96.1:0
File type: PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced
Size: 160 kB (159828 bytes)
Hash: d443d6dbbc102de6552453c20708a93b 591fa73cc4a0406124ca56dce015db983f540a12 60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93
GET /video-bit/assets/mobile-after-video.png HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27054"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZhvf4cPrdY6m4LWPlu8HB4%2FoVcW5hMNa%2FBKMRMxAWN5fo7JlfS0tm3FBbOj%2FK7NR%2BcGM1jEHhBQUi%2FeACiNb%2BnEZq92UmPornStHRtxYG4FPNjNOfAXZJ0iePnRUih%2FK8grEOxuzIq%2FIvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc99f480b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oa.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg | 188.114.96.1 | | 16 kB |
URL: oa.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg
IP: 188.114.96.1:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 623x71, components 3
Hash: cd2599ebcf088e38b0136da54be6056b 831aa894f796523bb13da5295773fad0adf08a43 bad51e23bda3b86050e80b64301111fb7dab284ef6a5d40bc042f711d6844f5a
GET /video-bit/assets/mobile-header.jpg HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 15684
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-3d44"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fauTxwqsx6YvUqO5lA7kWOdkvo4QaBkon%2BtcCuh9Y%2BfUjX7APhgeN6W5PUnkHF%2FbjvbjG8zyAzTDRk9E6d9CFWUKRvxrsa90Xu7kjrheC0mDoX7eMdo60bWloKdu4AtvBlOHzmxPuFH50ac%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc98f390b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oa.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg | 188.114.96.1 | | 78 kB |
URL: oa.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg
IP: 188.114.96.1:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3
Hash: 7b5471d796895489e8526d789b9d40f6 0239e9afbff1cf03adb273fd5b24e68f17f52659 f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac
GET /video-bit/assets/pc-header.jpg HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 78090
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-1310a"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hB1jd3HooVTqi5AQb1oCh%2FikQ%2FWSRWFNgpbhRUPzz1RHFydeXx7n7l32OpnjswAPdUFazsYH1tIcHbFwEfFDuE8X2gV9FOFWKEmgpHYhlniz6jv6bVWKR0Wt4DyM0eEaOR%2F4Od1WKiN07CI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc98f2e0b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oa.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg | 188.114.96.1 | | 163 kB |
URL: oa.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg
IP: 188.114.96.1:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3
Size: 163 kB (162651 bytes)
Hash: 2f5daa5004b75049f0bec772965b7943 a1336e046340afce9445ced5e26dc006fd47f6e9 121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63
GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27b5b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZcEIbCj0Dd5MrBzrosRLXqgOX8OcMJ1SGyrmfzaBQrp9%2F7kgaY0L9UHtsUG1zOUhngdcpHWL4ak%2BMsT5upeQloD5ICm3rC4DGgeSl8dG9q4SL9fmm%2BjS5ZuMujV1O94h3xXL9XciWiDVhsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc99f500b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oa.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg | 188.114.96.1 | | 221 kB |
URL: oa.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg
IP: 188.114.96.1:0
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3
Size: 221 kB (220788 bytes)
Hash: bde3fee065c7408f2ba31b7633552644 75d8d5e0f57af3ac24337d0c496fcc549566c4fc 1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21
GET /video-bit/assets/pc-after-video.jpg HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-35e74"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mDOx4ZesvpVECS45tdbN9ahe%2BDfzi%2BszHXplw%2F%2FJnOR%2FDtplxcyXaqXGzDfC0YsEIkL11lXJYgVGWoV%2FChFkvfICfzwEMVvASmgambrbctJ5PJYuBTN4o044kzYAYkOrjrSCan7ou2dokMc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc99f450b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| yjrjw.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2 | 104.21.58.39 | | 1.3 MB |
URL: yjrjw.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2
IP: 104.21.58.39:0
File type: JavaScript source, ASCII text, with CRLF line terminators
Size: 1.3 MB (1262410 bytes)
Hash: 7224243dd0b18bb2508a1d77d4b2a0b2 bd833c24aa241861316053fd8bd46a1bef3d343f 920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4009
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EXIpaDxg5x1jw7M3I54%2BcyQINUpED%2Bkgv68QY62kp4bI24kahBk6C%2B0t5GeJz9b5lBvtgxNfnuQQyY6JBEEKUzRfoPLixlsYBJLkWYokFhxUGruDdmCTyTjvSTXUvalxhn8aqd%2Bi0z5QtjoPnGM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc57e2c56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ | 188.114.96.1 | | 9.6 kB |
URL: cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ
IP: 188.114.96.1:0
File type: JavaScript source, ASCII text, with very long lines (28370), with CRLF, LF line terminators
Hash: dd2ee4bb74245ebe50e3c8c00f257fe4 1d21907a65f443cd44ec09da7924488ba491c8df b45a2bdd8dc35968239a48b988dd676ff64550c5c060b40af7bcaa1024492b4e
GET /ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ HTTP/1.1
Host: cdnstatic.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/
Cookie: __psu=99c0ae9f-0e69-487f-90fd-5dad81997078
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPGgoJabjJYmciRY0sVuLtrL16kJ3astcTrEw9wWfCTXuvEIDhIcKw2zMcclbqDGBoqXL8KhKXUFyOoMcbpJ1AGEj7aStiB%2F%2BwzyGqf79e7jqq48Ain0K4503RFU5F8uxWLcPT7h3H3J24QtqHAH2fRA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bca98ee0b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.163 | | 9.9 kB |
URL: www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP: 142.250.74.163:0
File type: JavaScript source, ASCII text, with very long lines (38231)
Hash: 0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 23662
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ob.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg | 104.21.58.39 | | 78 kB |
URL: ob.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg
IP: 104.21.58.39:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3
Hash: 7b5471d796895489e8526d789b9d40f6 0239e9afbff1cf03adb273fd5b24e68f17f52659 f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac
GET /video-bit/assets/pc-header.jpg HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 78090
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-1310a"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vrANrg4CPXBgG%2BgNTJDfoYAi81AL44zmfaG%2BcH8VKSM%2B1h0zJPF%2BBDKcko5D6gW0QtvAlG5Sq%2FLKDPsjyVHbhtb9fcGOS5y%2FGUW7evo2nQIPH8Ay4z%2Fur5InDCE2bRDNlZTTKKdgLfiOJjc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc38e156c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oa.check-tl-ver-54-3.com/video-bit/assets/v_F.ico | 188.114.96.1 | | 17 kB |
URL: oa.check-tl-ver-54-3.com/video-bit/assets/v_F.ico
IP: 188.114.96.1:0
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 183cab2f5d4582ef71ae37efc8d458dd 7c230eba9c1ce7900ea9bbf53dde00ea068dc995 c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e
GET /video-bit/assets/v_F.ico HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/x-icon
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-47e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IBJZ1TAJPx17TGfYCj6IjqMqiflSuOjnrjGDBzppUdJLrzEVzvhXjql00b5606jpzd8YXal8CK9JUXDpzcmf0CdeRBu0Co2kaqLWiTQ4qVCGixoeR5LXIWDadXMfxl4jcPbqG0enKnF%2BX8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcb39b00b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ob.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg | 104.21.58.39 | | 163 kB |
URL: ob.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg
IP: 104.21.58.39:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3
Size: 163 kB (162651 bytes)
Hash: 2f5daa5004b75049f0bec772965b7943 a1336e046340afce9445ced5e26dc006fd47f6e9 121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63
GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27b5b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKX86CVo3t49QyG8vWWTI6DA7qzgYjSRU7VU5j4ITjwNrxPlZKt%2FI1OFLX%2BKyNuV1wyLTTrvMtSmx7e4BIZSEE%2BplPpijPQdBu5QJDFhld7YJYeN01ItAkxNf6IQ2bfnS3q2hP0nWCagXRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc490556c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ob.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png | 104.21.58.39 | | 160 kB |
URL: ob.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png
IP: 104.21.58.39:0
File type: PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced
Size: 160 kB (159828 bytes)
Hash: d443d6dbbc102de6552453c20708a93b 591fa73cc4a0406124ca56dce015db983f540a12 60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93
GET /video-bit/assets/mobile-after-video.png HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27054"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aR1kQDeIdrxM3yFUIYAbTWLGXS3fgXColG2Ede%2BtuCo8Pb0ECoBAqBxEbsvhY6QENwaf%2B9ryTPWC0QGcmlpoCtGTsZKy0QPPZfb2gzJwFnR%2Bco3tVZfQzXRZhVwD6J0DhUXi1eykJwFnvGw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc48ff56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ob.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg | 104.21.58.39 | | 221 kB |
URL: ob.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg
IP: 104.21.58.39:0
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3
Size: 221 kB (220788 bytes)
Hash: bde3fee065c7408f2ba31b7633552644 75d8d5e0f57af3ac24337d0c496fcc549566c4fc 1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21
GET /video-bit/assets/pc-after-video.jpg HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-35e74"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TagnVuCaIZRaMTHy9KUpWA%2Bs4kN%2BYxK9uQtCH68zKsm8OK7PRKjHhLwmJJG9q%2FgdakUYKj0KIVyYQ3CxJFD%2BGGNpyM8npB9%2FSCo2NHi2AdflR1%2FqDl56n0zRwUdBbc0T51vdPjKyQ%2FE%2FtAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc48f356c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558 | 188.114.96.1 | | 1.3 MB |
URL: oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
IP: 188.114.96.1:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (445), with CRLF line terminators
Size: 1.3 MB (1262123 bytes)
Hash: ed5b4a74eaf9de7de46d51d21953a87b 31907e53e698aaf1305093e593af4dad86ae1fdf 5e72c0f8a8788d43991964250a03ffb7864eb2e2e5b24e779c43012741b2519a
GET /video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558 HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3A3UN65egknIVgE3y0dv17yioXhxLvRAQ%2FYsAwRscjUwdtFJiFse8x6UOG%2BLxVidjwFB4RZ08llJ%2FSpSTGfL3mq3ccsILlNK4x5CAZcOpKqpSkpKgLFk%2B5PIFwd64I2rrIFBifv9upFW7iA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88189bc8fe6a0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| yjrjw.check-tl-ver-54-3.com/video-bit/assets/v_F.ico | 104.21.58.39 | | 10 kB |
URL: yjrjw.check-tl-ver-54-3.com/video-bit/assets/v_F.ico
IP: 104.21.58.39:0
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 183cab2f5d4582ef71ae37efc8d458dd 7c230eba9c1ce7900ea9bbf53dde00ea068dc995 c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e
GET /video-bit/assets/v_F.ico HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/x-icon
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-47e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7G5tZSmKgV0SqbPy%2Fz9suY4Uvy88%2BQBkhAG0gowljR2eSfkasuzQFQ77QRkgZ23bO7s8faq0m30iDJ63b2JQBMbmvHCfP3UaRoZ52%2B2Q5Y4yB%2F4ims2aTlVLpn9l9XQIm1r3FUszOs1He64nZo0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc7391456c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ob.check-tl-ver-54-3.com/video-bit/assets/style.css | 104.21.58.39 | | 25 kB |
URL: ob.check-tl-ver-54-3.com/video-bit/assets/style.css
IP: 104.21.58.39:0
File type: gzip compressed data, from Unix
Hash: f5947c06d589fcfde0b3a26a281f0b4b 6fbb7c94b82a4d822689a92a8f0318c75a730777 525172b61da53ff8f2e5e7c6d5d6ee75f0281607d4d114c12ae607866d45135a
GET /video-bit/assets/style.css HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1a3c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cA1sDrOwCta19t1qhHT%2FGFoj1AjNlszvaAx9HRn8Tygg54izHl960wPbct6sBzl0%2BVgZcF4NY1oaphmKyPgtM1AKNf4Pu0xyQNisR%2FKus0POST3vsWupMSBia2yEPQJwxbgEVai3H%2FOargU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc38df56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.163 | | 9.9 kB |
URL: www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP: 142.250.74.163:0
File type: JavaScript source, ASCII text, with very long lines (38231)
Hash: 0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 23663
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ob.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2 | 104.21.58.39 | | 7.6 kB |
URL: ob.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2
IP: 104.21.58.39:0
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 7224243dd0b18bb2508a1d77d4b2a0b2 bd833c24aa241861316053fd8bd46a1bef3d343f 920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFgr4yq8zfKgXW%2BqYgLvp6onN05OKkmz3GnyWJGia2e9ulEdqr2M%2BjpiPxVdjXTfGmr%2BhOkEwk7wRpo5yFyU7divHgAy%2Fx8Cvx9u3%2FK8p8P%2BdqAsvyFNg9kQnvcuMtnLUhGwQIO%2FQ5qLmmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc590c56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| oc.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg | 104.21.58.39 | | 16 kB |
URL: oc.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg
IP: 104.21.58.39:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 623x71, components 3
Hash: cd2599ebcf088e38b0136da54be6056b 831aa894f796523bb13da5295773fad0adf08a43 bad51e23bda3b86050e80b64301111fb7dab284ef6a5d40bc042f711d6844f5a
GET /video-bit/assets/mobile-header.jpg HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/jpeg
content-length: 15684
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-3d44"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tRf0vtwMWPqV%2BBrA0ec4E%2FToppCbhEvrEW92vphE7MnV1Dk9y7PNPR%2FKlKALANfIvAOukbjoY5sk0IJ3kA8bAWw0X2kfkPbsmp7A4QOfpyc9%2FjmBwUcgJNMehMaEeU8DUuOCXS9wzEZzEk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfac56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oc.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg | 104.21.58.39 | | 78 kB |
URL: oc.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg
IP: 104.21.58.39:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3
Hash: 7b5471d796895489e8526d789b9d40f6 0239e9afbff1cf03adb273fd5b24e68f17f52659 f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac
GET /video-bit/assets/pc-header.jpg HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/jpeg
content-length: 78090
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-1310a"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxlwX7ZhBtGtjS0tD4aBlCtq3h3bHsbEF1SCSeYmu4t6PCcYybSrqQ7S2DbMbv33%2BhVt38%2BwpnucBbuCJpBwFvi18bjpqub4n3uyxniong7hK7oVT%2FHnASQfKcdpzvXONysxgUbCinfKF6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfaa56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oc.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png | 104.21.58.39 | | 160 kB |
URL: oc.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png
IP: 104.21.58.39:0
File type: PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced
Size: 160 kB (159828 bytes)
Hash: d443d6dbbc102de6552453c20708a93b 591fa73cc4a0406124ca56dce015db983f540a12 60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93
GET /video-bit/assets/mobile-after-video.png HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27054"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAxasYiH3S73PYepBYsrgSZauyoju0OvUTBfa8lj0APOhC%2F%2FXXOaCKZLjeFhQQvCFTh2qqwITOoaPyWL%2BLMNtY8HkdIahbQsQOwT5ZpDcqS%2FOZZLnVil6q020dwoGqXRiea3knpBX9B5qIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfb756c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oc.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg | 104.21.58.39 | | 163 kB |
URL: oc.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg
IP: 104.21.58.39:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3
Size: 163 kB (162651 bytes)
Hash: 2f5daa5004b75049f0bec772965b7943 a1336e046340afce9445ced5e26dc006fd47f6e9 121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63
GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27b5b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TpYJlknKuv37z4PJgN5Xy8JTbUljTZngL4RA2iP%2BTrGr0iLpx8VUxo96T86u%2F0rIdI5aTIgB0nu2nBG3%2Bl8DEZXpylRlT7XxtLSRhqTcBECm3i1ULTYjrbR%2FuprTmbxOh6aZMRWIpG3czNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0efbb56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oc.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg | 104.21.58.39 | | 221 kB |
URL: oc.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg
IP: 104.21.58.39:0
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3
Size: 221 kB (220788 bytes)
Hash: bde3fee065c7408f2ba31b7633552644 75d8d5e0f57af3ac24337d0c496fcc549566c4fc 1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21
GET /video-bit/assets/pc-after-video.jpg HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-35e74"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niQv2jQpmtTiGGKJQ0CkiRu2%2FNjU%2BU26XRtiOmvF%2Fiv042Lt9ZUuuHzfEgT%2BhEw5euuT06kso%2BvkITlnJ5r8G849WLrKxaD9Q5PhYy9aSCv8sKyAvHD6CGEnZYFHTBz1JPaiNbACuZShrbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfb456c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oc.check-tl-ver-54-3.com/video-bit/assets/video.gif | 104.21.58.39 | | 1.3 MB |
URL: oc.check-tl-ver-54-3.com/video-bit/assets/video.gif
IP: 104.21.58.39:0
File type: GIF image data, version 89a, 300 x 225
Size: 1.3 MB (1261197 bytes)
Hash: 219f73ae12fc4696639ce99694cb6463 4265f8a22afe580964444a549afab5a07edde5c6 19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c
GET /video-bit/assets/video.gif HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/gif
content-length: 1261197
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-133e8d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tuH%2BWQQUr5Yz0OIyHFlFdw4d7imCekkHXEMvTGuGeQP4zEjDvxYrw3lC%2BFRJca1%2BPzVRYfV3z46tBakLJJju1dpgMfRLa2BjM1PI2tztTY2BefABl%2BMx6MX8F%2BdPThfcu9Ugv4CgBCLiPmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfaf56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnstatic.check-tl-ver-54-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=6395e15d871a4f89a03b59e6a642a4ee | 188.114.96.1 | | 23 kB |
URL: cdnstatic.check-tl-ver-54-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=6395e15d871a4f89a03b59e6a642a4ee
IP: 188.114.96.1:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (61629)
Hash: 4889e533d2f884a733b09219feff7536 566afdc9e9437acf41dde9d84e7efb866a2b1392 99cf258c21c6850b6e2f0e3e5283d11ebe5da0eebcb48d14db12ef3c4d2dbed3
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=6395e15d871a4f89a03b59e6a642a4ee HTTP/1.1
Host: cdnstatic.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/
Cookie: __psu=99c0ae9f-0e69-487f-90fd-5dad81997078
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UWfvH2CPtYGlVZTgIRvKmfQ7JmKzmVo%2BoTDCUT%2BO6n%2B1VTcHsl%2FbR2k9qnh4vekB4Jc5iZ9S3%2FPvj7dHeAPTyvIYq%2ByJPaQC%2BWJPsrS%2Bv%2BeiGYcdAJuvL0MyxmkoWyY8Sia8QIGli43xG2e3V04oC7ru"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd17b0b0b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.163 | | 9.9 kB |
URL: www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP: 142.250.74.163:0
File type: JavaScript source, ASCII text, with very long lines (38231)
Hash: 0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 23663
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ | 188.114.96.1 | | 16 kB |
URL: cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ
IP: 188.114.96.1:0
File type: gzip compressed data, from Unix
Hash: deee9dd13fdba173b412203922cc8e0c d32854390e63837becbf9af9013beac04abd4b63 740ebbc952e2b0ee1f1cbba22ab7279da6a0c8713df6266848a2a499b5984f68
GET /ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ HTTP/1.1
Host: cdnstatic.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/
Cookie: __psu=99c0ae9f-0e69-487f-90fd-5dad81997078
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BMORwm6O9m5je7iNGFkQ02fM7aVqX98GZ5Uq6ithLotrsxNDjzkxXmNLEnnLPUd4U1t28RugJGiZOfPdowTk2v%2Br8nlQ6pr9HMNPUgkLbpB3ZR%2F7E32HAZeMQf6MCb2%2FvxNpHXzlaPgEVfNpc3U18M6h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd22bd90b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558 | 104.21.58.39 | | 79 kB |
URL: od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
IP: 104.21.58.39:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (445), with CRLF line terminators
Hash: ed5b4a74eaf9de7de46d51d21953a87b 31907e53e698aaf1305093e593af4dad86ae1fdf 5e72c0f8a8788d43991964250a03ffb7864eb2e2e5b24e779c43012741b2519a
GET /video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558 HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PDHY7zfFp58xNudyx5r1FrG%2BGUwuiamnix%2FLdpX%2BkloP%2FytysqI1gyabEXCP6qCT8U2HWO0R4ZoQLPDP%2B2V%2FNcAJogemIdldhja7AVBkgoFmH1%2BO4UIgj9lXjBrkACUq3Nwi2wshrHy%2Bh7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88189bd35be256c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| od.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png | 104.21.58.39 | | 160 kB |
URL: od.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png
IP: 104.21.58.39:0
File type: PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced
Size: 160 kB (159828 bytes)
Hash: d443d6dbbc102de6552453c20708a93b 591fa73cc4a0406124ca56dce015db983f540a12 60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93
GET /video-bit/assets/mobile-after-video.png HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27054"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=INqQ9boiXZjeA7pZjDVKokHxugbAAS80JZbirlGJoLrQY82Lx1MlgUkixnDGUNWM81KEAUMzY9x2GwBK1b7FG1mCblYRFYMKtRiA%2F6s48QpRTw0m31RUrG03uucDUpytdwGG9ty1nLLv3oU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd41d5156c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| od.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg | 104.21.58.39 | | 163 kB |
URL: od.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg
IP: 104.21.58.39:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3
Size: 163 kB (162651 bytes)
Hash: 2f5daa5004b75049f0bec772965b7943 a1336e046340afce9445ced5e26dc006fd47f6e9 121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63
GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27b5b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7CQD40wQzQbafUw%2F5MFL8kaXgJhesvw7s2jxUlbRcZ25Nd6X1p0vUi%2BR%2FHj1XSXWnTgfnWIvzHC5EEHsdUC7iU1vxW%2FC9bO2%2F3gBKGPiEkJ4tVtSHSEcjhfYkexiXlOkXd8JlqonTZByP1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd41d5656c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| od.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg | 104.21.58.39 | | 221 kB |
URL: od.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg
IP: 104.21.58.39:0
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3
Size: 221 kB (220788 bytes)
Hash: bde3fee065c7408f2ba31b7633552644 75d8d5e0f57af3ac24337d0c496fcc549566c4fc 1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21
GET /video-bit/assets/pc-after-video.jpg HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-35e74"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wHDa7WSerAt%2BVTfqG6qdumkzK1MN03HQ2XR7AtiB2Eg4Lem4grErFqUqbsKwotNIBJmIMVugx4kddKesQBBaeOaIPzwC3DNQxOzHV4zkqYvtqayxX%2FuuKbZjZXlKvC4%2B%2BD%2Bbw9gTAuZTRJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd41d4c56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| od.check-tl-ver-54-3.com/video-bit/assets/video.gif | 104.21.58.39 | | 1.3 MB |
URL: od.check-tl-ver-54-3.com/video-bit/assets/video.gif
IP: 104.21.58.39:0
File type: GIF image data, version 89a, 300 x 225
Size: 1.3 MB (1261197 bytes)
Hash: 219f73ae12fc4696639ce99694cb6463 4265f8a22afe580964444a549afab5a07edde5c6 19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c
GET /video-bit/assets/video.gif HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: image/gif
content-length: 1261197
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-133e8d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zx0dNqNda2ULN6P9D7t1mxc2k%2BhzDVKwANwHM9Nn82wkPyMUqidnt8BRbqQHOf6XSF26jxIreL2EdzI8ncVHTKTkbu9Ec9GsiukQeJz81pBBv1QuGcoaMIhY72Nse0QIHQE%2Bdi4DVP3Gjl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd41d4856c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| od.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2 | 104.21.58.39 | | 10 kB |
URL: od.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2
IP: 104.21.58.39:0
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 7224243dd0b18bb2508a1d77d4b2a0b2 bd833c24aa241861316053fd8bd46a1bef3d343f 920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3fZpePW4kyjtHkxVaczOg5hCZgkC2bvZpSHNlKWlVFufN7OXJnTlgisjS03fK9siqwhInEvGLDK%2Bq9FnTzkvHY7KPQv5GUgltt%2FY1LDhWvicSa4uKel96SoMCO1nxFXX%2BcAiPuDXdGAW1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd42d6356c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.163 | | 9.9 kB |
URL: www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP: 142.250.74.163:0
File type: JavaScript source, ASCII text, with very long lines (38231)
Hash: 0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 23664
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback | 185.155.186.17 | 200 OK | 4.8 kB |
URL (User Request, GET, HTTP/1.1): sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
IP: 185.155.186.17:443
Certificate: Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (533), with CRLF line terminators
Hash: e9fbc45f4200f05f6509dc3cc2383d2d 4135d4ec1239dd296a0f28c43bd234699053e9ed 11ffe79b165b16b983f28ee1c57f7ccdfa6fd66c4a0827e73fedf704f166a058
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:41 GMT
Content-Type: text/html
Content-Length: 4755
Connection: keep-alive
set-cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v; path=/
cache-control: private, no-transform
|
|
| sexcool-dating.life/media/dating/dirtysinder/css/style.css | 185.155.186.17 | 200 OK | 16 kB |
URL (GET, HTTP/1.1): sexcool-dating.life/media/dating/dirtysinder/css/style.css
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate: Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: ASCII text, with CRLF line terminators
Hash: fdf9ef7b632886c1ab15b32f6196cc81 4026acd6911dd4c6c3557cc5eea0a019a22ecb5a 9c0fba4352f346a81523df1f943addecb49b9f082cd6fee3962b1681a7fbd5f5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/dating/dirtysinder/css/style.css HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:41 GMT
Content-Type: text/css
Content-Length: 15885
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "fdf9ef7b632886c1ab15b32f6196cc81"
Last-Modified: Mon, 20 Feb 2023 09:31:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE136FB73F3D2F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843512#999936088/gid:0/gname:root/mode:33188/mtime:1655386830#645185000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:30.645185Z
Expires: Sat, 10 May 2025 08:37:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| ob.check-tl-ver-54-3.com/video-bit/assets/spinning-circles2.svg | 104.21.58.39 | | 1.2 kB |
URL: ob.check-tl-ver-54-3.com/video-bit/assets/spinning-circles2.svg
IP: 104.21.58.39:0
File type: SVG Scalable Vector Graphics image
Hash: 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f
GET /video-bit/assets/spinning-circles2.svg HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/svg+xml
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1f7"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Z8JgPD2yjiZOB%2BN0z5jubuIJLL6%2Bt%2BdXIjZerKb61XDfO8q3Q%2F5UCkxVuG3VbvRq5E2fZY2LUtGMT%2BASA7g78VCkbsKqp3vrY2%2BaQ5%2B5dF9XHD%2BgbLbfsPJEpH%2BlRU9Ahhu4zFU0VTAqG8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc48ec56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sexcool-dating.life/media/exit-new/exit1.js | 185.155.186.17 | 200 OK | 3.5 kB |
URL (GET, HTTP/1.1): sexcool-dating.life/media/exit-new/exit1.js
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate: Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators
Hash: 625e5e2950612f771e246beb33c9ea61 e4fc251c6c000496c285f8dc3fa097040b031681 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/exit-new/exit1.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: text/javascript
Content-Length: 3473
Connection: keep-alive
ETag: "625e5e2950612f771e246beb33c9ea61"
Last-Modified: Tue, 21 Nov 2023 12:30:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE12F08105EEC9
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223389#507714946/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| sexcool-dating.life/util/utils.js | 185.155.186.17 | 200 OK | 7.5 kB |
URL (GET, HTTP/1.1): sexcool-dating.life/util/utils.js
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate: Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators
Hash: 01816d15ca03032751161a746e2fb7c3 dcc72ea5fa1356490ba473288159df9786b4a3c3 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /util/utils.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Mon, 20 Feb 2023 09:36:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE12E09E78D129
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676885559#334512232/gid:0/gname:root/mode:33188/mtime:1659085489#684136000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:04:49.684136Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700 | 142.250.74.170 | 200 OK | 1.3 kB |
URL (GET, HTTP/2): fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700
IP: 142.250.74.170:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: f9c11e2690d9b940a3cedc2171125a68 127ee283462829eeb8e74f83e634dbc3387b201d f378201c6b6844df8a8fe7f0d698d64948940b232b14cfd7e7e783454158bfe6
GET /css?family=Monoton|Raleway:400,700|Roboto:300,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 08:37:42 GMT
date: Fri, 10 May 2024 08:37:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sexcool-dating.life/media/dating/dirtysinder/js/main.js | 185.155.186.17 | 200 OK | 3.1 kB |
URL (GET, HTTP/1.1): sexcool-dating.life/media/dating/dirtysinder/js/main.js
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate: Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: JavaScript source, ASCII text
Hash: 4ff0f5ad435331f44d0b0691647bc6f9 ab7dd8e1113df02e4783dc4a714d644fe939984d 2c03acf3d158e2105bd0881aab875eadf0cca1167beb22d930888b28f34ae5a5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/dating/dirtysinder/js/main.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: application/javascript
Content-Length: 3141
Connection: keep-alive
ETag: "4ff0f5ad435331f44d0b0691647bc6f9"
Last-Modified: Wed, 20 Sep 2023 15:22:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE136FE3FD1F48
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134505#148011626/gid:0/gname:root/mode:33188/mtime:1659086093#41156000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:14:53.041156Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| sexcool-dating.life/media/dating/dirtysinder/js/trls.js | 185.155.186.17 | 200 OK | 18 kB |
URL (GET, HTTP/1.1): sexcool-dating.life/media/dating/dirtysinder/js/trls.js
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate: Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
Hash: 0d71a75c3acc2f59514014dd333c64c8 4b24c64041e32ea6853f313f7196740d6c33fabd 1a7eb7795296faf56df1f30f1c6771b7eaa9290c60127e3e9d86696668ea48c8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/dating/dirtysinder/js/trls.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: application/javascript
Content-Length: 17753
Connection: keep-alive
ETag: "0d71a75c3acc2f59514014dd333c64c8"
Last-Modified: Wed, 20 Sep 2023 15:22:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE13C90052B9BB
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134505#148011626/gid:0/gname:root/mode:33188/mtime:1659086093#225156000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:14:53.225156Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| oc.check-tl-ver-54-3.com/video-bit/assets/style.css | 104.21.58.39 | | 42 kB |
URL: oc.check-tl-ver-54-3.com/video-bit/assets/style.css
IP: 104.21.58.39:0
File type: gzip compressed data, from Unix
Hash: 0c508c2c2b28bc8a667a9adff0c07ea2 dfe0812898bc6294d8309254382c468d91218ae3 e7d1b6766481e1c1cb75e8888cfaf43413adba5b54d41fd84ac1494195c563ac
GET /video-bit/assets/style.css HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1a3c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQJq%2Fdq1%2BPRTv2bPKOp1ZLwi508Yb9sJz73e4%2FLgTullLCSDkb4EARTm4dd8JUwjOozYpgCctLrPVAWtir6%2Fxp96MqAvoz1%2BOAh5XGZwNBVGFleEnNA4bfDFXPb0tmeO9CFCtCrPHrkh3Ck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfa556c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sexcool-dating.life/media/dating/dirtysinder/js/jquery-2.2.4.min.js | 185.155.186.17 | 200 OK | 86 kB |
URL (GET, HTTP/1.1): sexcool-dating.life/media/dating/dirtysinder/js/jquery-2.2.4.min.js
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate: Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: JavaScript source, ASCII text, with very long lines (32065)
Hash: 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/dating/dirtysinder/js/jquery-2.2.4.min.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: application/javascript
Content-Length: 85578
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2f6b11a7e914718e0290410e85366fe9"
Last-Modified: Mon, 20 Feb 2023 09:31:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE136FE4506C57
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676801238#996470130/gid:0/gname:root/mode:33188/mtime:1659086092#969156000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:14:52.969156Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| oc.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2 | 104.21.58.39 | | 5.7 kB |
URL: oc.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2
IP: 104.21.58.39:0
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 7224243dd0b18bb2508a1d77d4b2a0b2 bd833c24aa241861316053fd8bd46a1bef3d343f 920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lMheA49YdW5RLmpRV8GsSTCh2qsByFw8j5Aj6Komx4EKBPgb1QR%2FBl%2BPpJ6tKymliRTkroC2BTnldAiRCK%2FRIBxXKNSW9psRbjVetm8RBUu7cHHqhnl%2FhnbmeQLdY3NMeQb6rGJ9GQMioSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0efbe56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sexcool-dating.life/media/dating/dirtysinder/images/2.jpg | 185.155.186.17 | 200 OK | 124 kB |
URL: GET HTTP/1.1 sexcool-dating.life/media/dating/dirtysinder/images/2.jpg
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1928x988, components 3
Size: 124 kB (124409 bytes)
Hash: 5dbe2191356b93f88f1d7bf68e119848 5f2c28df3272384c709af2752dc74d266adf9543 2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /media/dating/dirtysinder/images/2.jpg HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: image/jpeg
Content-Length: 124409
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5dbe2191356b93f88f1d7bf68e119848"
Last-Modified: Mon, 20 Feb 2023 09:31:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE13701C8F648E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843512#999936088/gid:0/gname:root/mode:33188/mtime:1655386828#689181000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:28.689181Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| sexcool-dating.life/media/dating/dirtysinder/images/3.jpg | 185.155.186.17 | 200 OK | 149 kB |
URL: GET HTTP/1.1 sexcool-dating.life/media/dating/dirtysinder/images/3.jpg
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1928x988, components 3
Size: 149 kB (149377 bytes)
Hash: 1d9b9c419c00167969ce9b891aeb923b f28345bb8b79013536cc78f84b32147ae0f214d2 8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /media/dating/dirtysinder/images/3.jpg HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: image/jpeg
Content-Length: 149377
Connection: keep-alive
ETag: "1d9b9c419c00167969ce9b891aeb923b"
Last-Modified: Wed, 20 Sep 2023 15:22:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE13701A3C2554
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134505#144011613/gid:0/gname:root/mode:33188/mtime:1655386828#841181000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:28.841181Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Hash: b9c29351c46f3e8c8631c4002457f48a e57e59c5780995ff2937ab2b511a769212974a87 f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sexcool-dating.life
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:32:46 GMT
expires: Fri, 09 May 2025 02:32:46 GMT
cache-control: public, max-age=31536000
age: 108296
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sexcool-dating.life/util/flag-icon/flags/4x3/no.svg | 185.155.186.17 | 200 OK | 331 B |
URL: GET HTTP/1.1 sexcool-dating.life/util/flag-icon/flags/4x3/no.svg
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: SVG Scalable Vector Graphics image
Hash: c7ecfe59439b5fd23924fd206cf2fded 056fbd2b17c7f08bfb480d21973a96bf86fbd72a 4027f3320608508754640a6de4cb1cdabdef4654b5a214e875c134802345683f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /util/flag-icon/flags/4x3/no.svg HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/util/flag-icon/css/flag-icon.css
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: image/svg+xml
Content-Length: 331
Connection: keep-alive
ETag: "c7ecfe59439b5fd23924fd206cf2fded"
Last-Modified: Tue, 21 Nov 2023 12:30:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE13C90CB22F4A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223577#340125150/gid:0/gname:root/mode:33188/mtime:1655386305#848080000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:45.84808Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| sexcool-dating.life/media/dating/dirtysinder/images/1.jpg | 185.155.186.17 | 200 OK | 145 kB |
URL: GET HTTP/1.1 sexcool-dating.life/media/dating/dirtysinder/images/1.jpg
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1928x988, components 3
Size: 145 kB (144999 bytes)
Hash: d7c3dbb1072324f863945d8511916660 ca9bb3432a9e5ac9faabe45c62c4405bf76cc7c1 37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /media/dating/dirtysinder/images/1.jpg HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: image/jpeg
Content-Length: 144999
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "d7c3dbb1072324f863945d8511916660"
Last-Modified: Mon, 20 Feb 2023 09:31:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE13C909904360
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843512#995936083/gid:0/gname:root/mode:33188/mtime:1655386827#657179000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:27.657179Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
IP: 216.58.207.227:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48336, version 1.0
Hash: bfe7ad4aa54cff8909b2d7632073cc30 7c2e625bea4d449ca78cde09ab59dc6c9cb4726f 47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
GET /s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sexcool-dating.life
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 16:38:17 GMT
expires: Fri, 09 May 2025 16:38:17 GMT
cache-control: public, max-age=31536000
age: 57565
last-modified: Wed, 01 May 2024 20:31:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sexcool-dating.life/favicon.ico | 185.155.186.17 | 204 No Content | 0 B |
URL: GET HTTP/1.1 sexcool-dating.life/favicon.ico
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Connection: keep-alive
Cache-Control: no-transform
|
|
| od.check-tl-ver-54-3.com/video-bit/assets/spinning-circles2.svg | 104.21.58.39 | | 12 kB |
URL: od.check-tl-ver-54-3.com/video-bit/assets/spinning-circles2.svg
IP: 104.21.58.39:0
File type: SVG Scalable Vector Graphics image
Hash: 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f
GET /video-bit/assets/spinning-circles2.svg HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: image/svg+xml
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1f7"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mxp7y%2FSEby%2Bo3nIbJ85vFVfxwJn%2B%2BX6P1ECK3ToUOTmjsH1U1DAFcSp6Y%2Fu9C0oOAuEeR0v8Qx0f4hKRHHCmG2%2BWdB36OSamFLbn2JticQ0Td9tFTV1pJ8SnIZbUsLTEUG%2Bl0a0Q2pshLww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd41d4a56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| oa.check-tl-ver-54-3.com/video-bit/assets/style.css | 188.114.96.1 | | 10 kB |
URL: oa.check-tl-ver-54-3.com/video-bit/assets/style.css
IP: 188.114.96.1:0
File type: gzip compressed data, from Unix
Hash: 95b0195aa5e091746b0fe0750094344b d723203c88e2507a1a93341aca1682b71870f839 d489d8c757cd917acd06a4de3711b6ea2fdc51885186023e48a6a7be321415dd
GET /video-bit/assets/style.css HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1a3c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2BiGWlWJGW9JzfMKs5M5RvvjNSUhsoIXl76Q3ZWMzfu4JB%2F5nbWHmM4OamvDq2Xqragnq%2F07bHdAI2RH4XNeTKHpKjSOqpLBOXC11uXKZHaUJ8sPj%2Fl%2Fr5bNSWupS%2B58a8boKTo%2BFFxkRk4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc98f2a0b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sexcool-dating.life/media/dating/dirtysinder/images/logo-loveme_black1.svg | 185.155.186.17 | 200 OK | 4.4 kB |
URL: GET HTTP/1.1 sexcool-dating.life/media/dating/dirtysinder/images/logo-loveme_black1.svg
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: SVG Scalable Vector Graphics image
Hash: dd7c878edba4cdb49d5f62fa54c32c1f 809cf681db218d93e82a9cd129b84e51b4849f62 7e8874640758a3442b5ebc4cd548fc41c6e10a39212ba0b25592d8c80dd5cc5e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /media/dating/dirtysinder/images/logo-loveme_black1.svg HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: image/svg+xml
Content-Length: 4449
Connection: keep-alive
ETag: "586f137204e47e4f50e5492ae49dd67c"
Last-Modified: Tue, 21 Nov 2023 12:29:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE136FE2DE1541
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223323#383566011/gid:0/gname:root/mode:33188/mtime:1655386830#429185000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:30.429185Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| sexcool-dating.life/media/bb.js | 185.155.186.17 | 200 OK | 639 B |
URL: GET HTTP/1.1 sexcool-dating.life/media/bb.js
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: ASCII text, with very long lines (646), with no line terminators
Hash: 3c6fc6bd71ed6acb63511a3ac2482c21 f13c5518659a2eef705ab5f01d1527d5dbc9af7b 7594d10aa0d238eae772197c8c676c270c551ba780cea720c52435af146c28e1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /media/bb.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: application/javascript
Content-Length: 639
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Last-Modified: Mon, 20 Feb 2023 09:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE139B28E259F6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676832256#258761277/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|
| sexcool-dating.life/util/flag-icon/css/flag-icon.css | 185.155.186.17 | 200 OK | 41 kB |
URL: GET HTTP/1.1 sexcool-dating.life/util/flag-icon/css/flag-icon.css
IP: 185.155.186.17:443
Requested by: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate Issuer: Let's Encrypt; Subject: sexcool-dating.life; Fingerprint: 22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50; Validity: Fri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT
File type: ASCII text, with CRLF line terminators
Hash: 0a47b937981e7389e3ebe63e4a503066 01b395ad016a1d9d15016d765f7d2c51a6e2809b d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /util/flag-icon/css/flag-icon.css HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: text/css
Content-Length: 40627
Connection: keep-alive
ETag: "0a47b937981e7389e3ebe63e4a503066"
Last-Modified: Wed, 20 Sep 2023 15:26:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE13B44D499496
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134513#296037122/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:14.684017Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
|