Report - wingstoesassemble.com/cavtpcge95?adb=n&dev=r&key=8eed0af3ba88434b397fe82f5912d434&kqtzvbi=74&kw=["livecamrips","com","evelyn","jhonson3","live","show","recorded","on","2024-01-29","13","20","09"]&psid=livecamrips.com,livecamrips.com&refer=https://livecamrips.com/video/2292279&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1&v=24.5.6485

Report Overview

Submitted URL
wingstoesassemble.com/cavtpcge95?adb=n&dev=r&key=8eed0af3ba88434b397fe82f5912d434&kqtzvbi=74&kw=["livecamrips","com","evelyn","jhonson3","live","show","recorded","on","2024-01-29","13","20","09"]&psid=livecamrips.com,livecamrips.com&refer=https://livecamrips.com/video/2292279&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1&v=24.5.6485
IP
172.240.108.84
ASN
#7979 SERVERS-COM
Submitted
2024-05-04 00:32:43
Access
public
Website Title
LiveJasmin.com - Hot Live Sex Shows!
Final URL
crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pt-static5.jsmsat.com	56136	2020-07-16	2020-07-24	2024-04-21	469 B	766 B	93.93.51.201
edttmar.com	unknown	2023-11-14	2024-01-14	2024-05-02	665 B	2.0 kB	93.93.51.223
galleryn3.vcmdiawe.com	unknown	2023-05-02	2023-05-04	2024-05-02	1.0 kB	16 kB	93.93.51.190
galleryn2.vcmdiawe.com	unknown	2023-05-02	2023-05-04	2024-04-30	1.6 kB	20 kB	93.93.51.190
pt-static2.jsmsat.com	60021	2020-07-16	2020-07-17	2024-05-03	438 B	89 kB	93.93.51.201
ccs.livejasmin.com	84146	2001-11-12	2019-09-26	2024-04-19	491 B	915 B	93.93.51.225
wingstoesassemble.com	unknown	unknown	No data	No data	5.2 kB	6.1 kB	192.243.61.225
galleryn1.vcmdiawe.com	unknown	2023-05-02	2023-05-04	2024-05-02	524 B	67 kB	93.93.51.190
crpdt.livejasmin.com	unknown	2001-11-12	2023-12-04	2024-05-02	1.7 kB	44 kB	93.93.51.191
pt-static4.jsmsat.com	49485	2020-07-16	2020-07-24	2024-04-28	4.0 kB	407 kB	93.93.51.201
pt-static1.jsmsat.com	52894	2020-07-16	2020-07-17	2024-05-02	1.4 kB	13 kB	93.93.51.201
twinfill.com	unknown	2023-08-08	2023-08-09	2024-04-21	1.7 kB	35 kB	104.18.39.86
pt-static3.jsmsat.com	50153	2020-07-16	2020-07-24	2024-05-01	466 B	2.2 kB	93.93.51.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-03	medium	wingstoesassemble.com	Sinkholed
2024-05-03	medium	wingstoesassemble.com	Sinkholed
2024-05-03	medium	wingstoesassemble.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	pt-static4.jsmsat.com/npe/bonuscredit/bonuscredit-v764270.js	26 kB	2024-04-28	2024-05-05
Pretty URL pt-static4.jsmsat.com/npe/bonuscredit/bonuscredit-v764270.js IP 93.93.51.201 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 04:11:38 Last Seen2024-05-05 15:02:13 Times Seen17 Hash cbf93127bf90c2c944c8c37704600e75 415d61f34ae782eb5b3da3e65b5db89d1af196b9 01f0b732146cc86c05d9c3622a9f45dbbb4b9ce09fe21a620c6ca73801bf1e73 Loading...

	pt-static2.jsmsat.com/npe/pu/play/script/pu.play-v764270.js	237 kB	2024-04-28	2024-05-05
Pretty URL pt-static2.jsmsat.com/npe/pu/play/script/pu.play-v764270.js IP 93.93.51.201 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 04:11:38 Last Seen2024-05-05 15:02:13 Times Seen18 Hash 370b3b3a937dcb49cd5a3127339a93f1 9afd3a07a4297227cd1ba2def55ee76328106488 65fcb140fc58dc5f13889f2f50318f1821e361c980dfab11e96dc07000277618 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	38 B	2023-03-07	2024-05-17
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:21 Last Seen2024-05-17 23:49:19 Times Seen1252 Hash 9a68d1de621cc55ec20c5baf4c3067ec 47c0540512403f26b3ead431eb04f651b33e0f2f ef3cf320924ae152bb5c997bd2e694ae638c18ca6b07f3461e1e4edfdc89640d Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	253 B	2023-03-07	2024-05-17
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:24 Last Seen2024-05-17 23:49:19 Times Seen1242 Hash 72ab34dd8b5a983259e40247f9090692 f6f5d277c22bcfa75537f12f11c74c930dcc88b8 9f4feff2d925ea3f1defa607391b4a3cd992820fd8c04d8874588f2779246155 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	6.0 kB	2024-04-28	2024-05-17
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 04:11:37 Last Seen2024-05-17 23:49:19 Times Seen37 Hash cd04a5238b7d5efb645071906bcecef6 f1615b0e26219b6f49467e4aca31bc0ba71986af 95762d9f80dd183598b0d077ef3ed0948d04cc88e1fa8b3872ad49b98c400930 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	218 B	2024-04-18	2024-05-17
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 10:15:34 Last Seen2024-05-17 23:49:19 Times Seen37 Hash 602508a4e476f049380fe6c191a1eac3 5105d7e6964f50b0ed4be7adfee58f4fc83efa84 9a2000a63f94ceb1c6e1637396b6cf43fbd811ab3408b14e50dfa5afee72e3de Loading...

	pt-static1.jsmsat.com/npe/_common/script/incognito/di.min-v764270.js	3.4 kB	2023-03-13	2024-05-17
Pretty URL pt-static1.jsmsat.com/npe/_common/script/incognito/di.min-v764270.js IP 93.93.51.201 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:24:56 Last Seen2024-05-17 23:49:20 Times Seen1254 Hash 12cc9fb78b56fb696198830bc9055d69 fc873e0ed9543c0a9f2cb9b9446f621625a4b588 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	109 B	2023-03-07	2024-05-17
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:22 Last Seen2024-05-17 23:49:19 Times Seen1191 Hash 6c9b74157e4685c28af76039da9d83a3 0dce6b9242a8b9a51f0dc61e9a5fa3a3a763185a 41c4ce87e0d4fb5838464ed399c37c9f7b4b8747fa486949b83e52fe69d6c423 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	1.1 kB	2024-05-04	2024-05-04
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 02:32:49 Last Seen2024-05-04 02:32:49 Times Seen1 Hash 81e5ee62636f9c50c78c25a994048570 d9eecb989dafcd96b64bcfd80698c001debd45f9 148568794c417766eaf96e729e9afa4b85dc56f71fd763114eb515870bfdc8d4 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	9.6 kB	2024-05-04	2024-05-04
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 02:32:49 Last Seen2024-05-04 02:32:49 Times Seen1 Hash 9f31efbacd2c7f250d14779966e181ba 74656e809f85b539694aea910bef2e6f057a67be 9e562e727653444541d3dae5b21090f538961b46d08407069e5e9690da3db142 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	422 B	2024-05-04	2024-05-04
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 01:41:49 Last Seen2024-05-04 02:32:49 Times Seen2 Hash d249de3483d401c001a4289954cb11f6 d84888fcaa9f70bf51e295848fc4992cb2708b2a 5db47c735540639fc380c9f7f05bc40b288cb7544297783bc7d0a17f0e7f8f01 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	708 B	2024-05-04	2024-05-04
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 02:32:49 Last Seen2024-05-04 02:32:49 Times Seen1 Hash d4bc4f42cf4ba70505d27607fdf407ab 1190360be7fb2943475930440a7ee4cb9f26d4f9 a01f5206797141152ce836d914bab9628384a4cbeb883ae62fac0ddd59e539cc Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	4.1 kB	2024-05-04	2024-05-04
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 02:32:49 Last Seen2024-05-04 02:32:49 Times Seen1 Hash 7246dc5c6b1f1dcbd93b48c1518cb4e3 da4727877cd358b0c155704dbed381506ba55bd1 8dc9551a5d91e9468afb51b6bcf2cfc5714c2d602f9297fc66c3debffa6be965 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	973 B	2023-03-07	2024-05-10
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:19:05 Last Seen2024-05-10 01:42:32 Times Seen15 Hash 89f683f53271d3325eb2d88fb77d5a6d 81798cd25509880ac948480671ab57eb301b383c 5caf797d0fe823d068f7cffe6b846c88902336145e45824ff9f8a1b2056a6374 Loading...

	pt-static1.jsmsat.com/npe/_common/script/adblock/ad_left_-v764270.js	21 B	2023-03-07	2024-05-17
Pretty URL pt-static1.jsmsat.com/npe/_common/script/adblock/ad_left_-v764270.js IP 93.93.51.201 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-05-17 23:49:20 Times Seen2788 Hash 01c6e7ecb819ef28b0c9b962513a1596 1a49f493db7b91ed34a7040d36732352b9a5dc39 e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5 Loading...

HTTP Transactions (28)

URL IP Response Size

wingstoesassemble.com/cavtpcge95?adb=n&dev=r&key=8eed0af3ba88434b397fe82f5912d434&kqtzvbi=74&kw=[%22livecamrips%22,%22com%22,%22evelyn%22,%22jhonson3%22,%22live%22,%22show%22,%22recorded%22,%22on%22,%222024-01-29%22,%2213%22,%2220%22,%2209%22]&psid=livecamrips.com,livecamrips.com&refer=https://livecamrips.com/video/2292279&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1&v=24.5.6485

192.243.61.225

1.7 kB

URL
wingstoesassemble.com/cavtpcge95?adb=n&dev=r&key=8eed0af3ba88434b397fe82f5912d434&kqtzvbi=74&kw=[%22livecamrips%22,%22com%22,%22evelyn%22,%22jhonson3%22,%22live%22,%22show%22,%22recorded%22,%22on%22,%222024-01-29%22,%2213%22,%2220%22,%2209%22]&psid=livecamrips.com,livecamrips.com&refer=https://livecamrips.com/video/2292279&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1&v=24.5.6485
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document, ASCII text, with very long lines (972)
Size
1.7 kB (1716 bytes)
Hash
38eb8a50b02e44c1182a95a141d2c35a
4513cee54581062be61e709268612b2587eed6e6
2ee5cfefe74390c659ea92f7be7c414edf9fca6f39effc6772b5e363ad2674e4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cavtpcge95?adb=n&dev=r&key=8eed0af3ba88434b397fe82f5912d434&kqtzvbi=74&kw=[%22livecamrips%22,%22com%22,%22evelyn%22,%22jhonson3%22,%22live%22,%22show%22,%22recorded%22,%22on%22,%222024-01-29%22,%2213%22,%2220%22,%2209%22]&psid=livecamrips.com,livecamrips.com&refer=https://livecamrips.com/video/2292279&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1&v=24.5.6485 HTTP/1.1
Host: wingstoesassemble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 00:32:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=22400125; expires=Sun, 05 May 2024 00:32:15 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjQwMDEyNSwiayI6IjhlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Iiwic2lkIjoibGl2ZWNhbXJpcHMuY29tLGxpdmVjYW1yaXBzLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MjQxODc0OSwicGlkIjo4MTQ2NDAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MjgsInB0Ijo0LCJwayI6ImNhdnRwY2dlOTUiLCJjcGtzIjp7IjI5IjoiNWM0MTA2NzBlNjkwY2U5ZGYwZDlkYzk3NDM1MDM1ODgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpdmVjYW1yaXBzLmNvbS92aWRlby8yMjkyMjc5IiwiYXIiOltdfX0.WyA0C8xhaCE0AM0NopMTpR-Doti6od3wYm0uLDMbNh0; expires=Sat, 04 May 2024 00:33:15 GMT
uid_id2=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1; expires=Sat, 11 May 2024 00:32:15 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1bd2f5ac0dde3ca999bade75270cc1cf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

wingstoesassemble.com/api/users?token=L2NhdnRwY2dlOTU_YWRiPW4mZGV2PXIma2V5PThlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0JmtxdHp2Ymk9NzQma3c9JTVCJTIybGl2ZWNhbXJpcHMlMjIlMkMlMjJjb20lMjIlMkMlMjJldmVseW4lMjIlMkMlMjJqaG9uc29uMyUyMiUyQyUyMmxpdmUlMjIlMkMlMjJzaG93JTIyJTJDJTIycmVjb3JkZWQlMjIlMkMlMjJvbiUyMiUyQyUyMjIwMjQtMDEtMjklMjIlMkMlMjIxMyUyMiUyQyUyMjIwJTIyJTJDJTIyMDklMjIlNUQmcHNpZD1saXZlY2Ftcmlwcy5jb20lMkNsaXZlY2Ftcmlwcy5jb20mcHN0PTE3MTQ3ODI3OTUmcmVmZXI9aHR0cHMlM0ElMkYlMkZsaXZlY2Ftcmlwcy5jb20lMkZ2aWRlbyUyRjIyOTIyNzkmcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9MTA4MCZzY3JXaWR0aD0xOTIwJnNoaXA9JnNodT1jNWExZmRlNTY1MWE0NTlhN2VkZDczNTRhNjhkYjNlNmMzN2U5OWY1MGNkYmY1YjEwN2I2ZjUyMWRjYjA4YTk5YzhhODJmZjAwOTVhYWY1ZTdhNTgzY2QyZTJmNDBkNDY4YTZiOTQzMTRiZGJlZGFhNzVhMzgzODRlOTRkNjVkOTU1OGEyMGM2ODkwY2U4Zjk3OWJjMWY5ZTNjNTYxYmQxNzNhYWNmMTE2NTkwZDQxNDhiYTc5NmM1MDlmOSZzdWIzPWludm9rZV9sYXllciZ0ej0tNSZ1dWlkPTZjZmM3NDc2LWJiNjUtNGExYi04NTRmLTBmZjI4OWI3MDM4YyUzQTIlM0ExJnY9MjQuNS42NDg1&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c%3A2%3A1&pii=&in=false

192.243.61.225

0 B

URL
wingstoesassemble.com/api/users?token=L2NhdnRwY2dlOTU_YWRiPW4mZGV2PXIma2V5PThlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0JmtxdHp2Ymk9NzQma3c9JTVCJTIybGl2ZWNhbXJpcHMlMjIlMkMlMjJjb20lMjIlMkMlMjJldmVseW4lMjIlMkMlMjJqaG9uc29uMyUyMiUyQyUyMmxpdmUlMjIlMkMlMjJzaG93JTIyJTJDJTIycmVjb3JkZWQlMjIlMkMlMjJvbiUyMiUyQyUyMjIwMjQtMDEtMjklMjIlMkMlMjIxMyUyMiUyQyUyMjIwJTIyJTJDJTIyMDklMjIlNUQmcHNpZD1saXZlY2Ftcmlwcy5jb20lMkNsaXZlY2Ftcmlwcy5jb20mcHN0PTE3MTQ3ODI3OTUmcmVmZXI9aHR0cHMlM0ElMkYlMkZsaXZlY2Ftcmlwcy5jb20lMkZ2aWRlbyUyRjIyOTIyNzkmcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9MTA4MCZzY3JXaWR0aD0xOTIwJnNoaXA9JnNodT1jNWExZmRlNTY1MWE0NTlhN2VkZDczNTRhNjhkYjNlNmMzN2U5OWY1MGNkYmY1YjEwN2I2ZjUyMWRjYjA4YTk5YzhhODJmZjAwOTVhYWY1ZTdhNTgzY2QyZTJmNDBkNDY4YTZiOTQzMTRiZGJlZGFhNzVhMzgzODRlOTRkNjVkOTU1OGEyMGM2ODkwY2U4Zjk3OWJjMWY5ZTNjNTYxYmQxNzNhYWNmMTE2NTkwZDQxNDhiYTc5NmM1MDlmOSZzdWIzPWludm9rZV9sYXllciZ0ej0tNSZ1dWlkPTZjZmM3NDc2LWJiNjUtNGExYi04NTRmLTBmZjI4OWI3MDM4YyUzQTIlM0ExJnY9MjQuNS42NDg1&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c%3A2%3A1&pii=&in=false
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2NhdnRwY2dlOTU_YWRiPW4mZGV2PXIma2V5PThlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0JmtxdHp2Ymk9NzQma3c9JTVCJTIybGl2ZWNhbXJpcHMlMjIlMkMlMjJjb20lMjIlMkMlMjJldmVseW4lMjIlMkMlMjJqaG9uc29uMyUyMiUyQyUyMmxpdmUlMjIlMkMlMjJzaG93JTIyJTJDJTIycmVjb3JkZWQlMjIlMkMlMjJvbiUyMiUyQyUyMjIwMjQtMDEtMjklMjIlMkMlMjIxMyUyMiUyQyUyMjIwJTIyJTJDJTIyMDklMjIlNUQmcHNpZD1saXZlY2Ftcmlwcy5jb20lMkNsaXZlY2Ftcmlwcy5jb20mcHN0PTE3MTQ3ODI3OTUmcmVmZXI9aHR0cHMlM0ElMkYlMkZsaXZlY2Ftcmlwcy5jb20lMkZ2aWRlbyUyRjIyOTIyNzkmcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9MTA4MCZzY3JXaWR0aD0xOTIwJnNoaXA9JnNodT1jNWExZmRlNTY1MWE0NTlhN2VkZDczNTRhNjhkYjNlNmMzN2U5OWY1MGNkYmY1YjEwN2I2ZjUyMWRjYjA4YTk5YzhhODJmZjAwOTVhYWY1ZTdhNTgzY2QyZTJmNDBkNDY4YTZiOTQzMTRiZGJlZGFhNzVhMzgzODRlOTRkNjVkOTU1OGEyMGM2ODkwY2U4Zjk3OWJjMWY5ZTNjNTYxYmQxNzNhYWNmMTE2NTkwZDQxNDhiYTc5NmM1MDlmOSZzdWIzPWludm9rZV9sYXllciZ0ej0tNSZ1dWlkPTZjZmM3NDc2LWJiNjUtNGExYi04NTRmLTBmZjI4OWI3MDM4YyUzQTIlM0ExJnY9MjQuNS42NDg1&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c%3A2%3A1&pii=&in=false HTTP/1.1
Host: wingstoesassemble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wingstoesassemble.com/api/users?token=L2NhdnRwY2dlOTU_a2V5PTljYTYwMWE5ZjQ3YzczNWRmNzZkNWNhNDZmYTI2YTY2JnN1Ym1ldHJpYz0yMjQwMDEyNQ
Cookie: u_pl=22400125; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjQwMDEyNSwiayI6IjhlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Iiwic2lkIjoibGl2ZWNhbXJpcHMuY29tLGxpdmVjYW1yaXBzLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MjQxODc0OSwicGlkIjo4MTQ2NDAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MjgsInB0Ijo0LCJwayI6ImNhdnRwY2dlOTUiLCJjcGtzIjp7IjI5IjoiNWM0MTA2NzBlNjkwY2U5ZGYwZDlkYzk3NDM1MDM1ODgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpdmVjYW1yaXBzLmNvbS92aWRlby8yMjkyMjc5IiwiYXIiOltdfX0.WyA0C8xhaCE0AM0NopMTpR-Doti6od3wYm0uLDMbNh0; uid_id2=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Sat, 04 May 2024 00:32:16 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://twinfill.com/Redirect.eng?MediaSegmentId=23107&dcid=3_ctx_9595e033-3fa8-4d36-88db-feb23308b992&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=180&dst=False&v=pPgfHNGoGgkfACYWuK2TGK8lhf1TzrhgcChtV69mVpL2J-7EfWn8bwuJ3m4RUU3w2wFysKbnllXqzcdtKRO6iABzxKNLW4gyQs7PYJPeFyKdTdra64ehWOIWIbPVUCfyUtMgu8ogIrEwHuXdm5UVtl6ylemVo9LHOelVsP3dImxTJek7FnPFtU6FbKPO_XaN2kfEJMFnAwgQHpqSKXHT9zZZ4XQj8_KN5t_IT69HkvOaJJZQ2y1tjhvtoCt0juxBZSB9G50rBaDXfQ0N2aZEauJyZuW0sTOm3ZAOr-Ps7d6G-CkeLRXNOv1o3_dPc42PuDkAoIp3Vpy9LBf-yO8kQnXmRSMF3CYVZyQLLjbUNSm5Gsg-wFouTyqclqsO8ZstzRRI_ms87yereG42YRigNnx2XsbaE48d63QjHmCLfz_QVvpas4rXn4HWIPzRF_x238zwDzbEsRFsMUN3qEaq9FxaQEQMgLobEOEER12nPfDtfzYu5NW3QoHqyBO95Gf8jETdiB4je1l5ObRF8ah3TUWCqfii8UNooYkeR5SOa4xfX06e9Ll4C7jT9B8i0pfiSR9HeY_7uhs6-utl2xtQ00d3ffYVa-RAHAb3smfgZ75CP6c_v07u21fBvy9KnPjz9U79-mB-CJS3Qt73UsU40TSX5eGqtCcgQZ5vOjSrUuNQr2w3uXsA-XgtVVpuAo_5GzKIlz21JHefqN_Z9bH06n9gD3vy0fZFPO82Z5lV2zX8WvYHF2SKr4AHzdw2ukY063HkkrypaWG-YmfadheB12mX8A3WG_iwFUpFFIrrG_xMxx40CDZZTh8zZrIgoIPYk5eWOfeIbwM1ZIFnFQGcDHmc1esvNuwjpDf9fzH4-O1e7cTQ5murzTU50hzepU_kLdA_UdUzTWQD1dz1QU8X6_OiHEDsINOcYGZzrQ8VijOh-cpyPyqJu7JcP4Ya3usof4R-5u6SSSMP4jF6ph0JQA2&kw=&mw=1024&mh=768&ortb=1&at=
Set-Cookie: uid_id2=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1; expires=Sat, 11 May 2024 00:32:15 GMT
pdhtkv=true; expires=Sun, 05 May 2024 00:32:16 GMT
uncs=1; expires=Sun, 05 May 2024 00:32:16 GMT
pdhtkv28=true; expires=Sun, 05 May 2024 00:32:16 GMT
uncs28=1; expires=Sun, 05 May 2024 00:32:16 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6c15cdf5cac2506dc70f804ae1ab3d66
Strict-Transport-Security: max-age=0; includeSubdomains

wingstoesassemble.com/favicon.ico

172.240.108.76

0 B

URL
wingstoesassemble.com/favicon.ico
IP
172.240.108.76:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: wingstoesassemble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wingstoesassemble.com/api/users?token=L2NhdnRwY2dlOTU_a2V5PTljYTYwMWE5ZjQ3YzczNWRmNzZkNWNhNDZmYTI2YTY2JnN1Ym1ldHJpYz0yMjQwMDEyNQ
Cookie: u_pl=22400125; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjQwMDEyNSwiayI6IjhlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Iiwic2lkIjoibGl2ZWNhbXJpcHMuY29tLGxpdmVjYW1yaXBzLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MjQxODc0OSwicGlkIjo4MTQ2NDAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MjgsInB0Ijo0LCJwayI6ImNhdnRwY2dlOTUiLCJjcGtzIjp7IjI5IjoiNWM0MTA2NzBlNjkwY2U5ZGYwZDlkYzk3NDM1MDM1ODgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpdmVjYW1yaXBzLmNvbS92aWRlby8yMjkyMjc5IiwiYXIiOltdfX0.WyA0C8xhaCE0AM0NopMTpR-Doti6od3wYm0uLDMbNh0; uid_id2=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1; cjs=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 00:32:16 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 993bee7fe69561030c07e85615f6d764
Strict-Transport-Security: max-age=0; includeSubdomains

pt-static1.jsmsat.com/npe/_common/script/adblock/ad_left_-v764270.js

93.93.51.201

200 OK

21 B

URL GET HTTP/2
pt-static1.jsmsat.com/npe/_common/script/adblock/ad_left_-v764270.js
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt.awempt.com
Fingerprint34:65:41:37:F8:CE:82:DC:CE:22:50:59:B8:3B:36:5E:E4:7A:A4:C6
ValidityMon, 29 Apr 2024 11:01:04 GMT - Sun, 28 Jul 2024 11:01:03 GMT

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
01c6e7ecb819ef28b0c9b962513a1596
1a49f493db7b91ed34a7040d36732352b9a5dc39
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

HTTP Headers

GET /npe/_common/script/adblock/ad_left_-v764270.js HTTP/1.1
Host: pt-static1.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: application/javascript
content-length: 21
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-15"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/pu/play/css/play-v764270.css

93.93.51.201

200 OK

45 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/pu/play/css/play-v764270.css
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
gzip compressed data, max speed, from Unix
Size
45 kB (45408 bytes)
Hash
9a047a8eaaa8c53ad8c243ae11557245
2934f51a0a58ee208a45baa0ad75e9feb7dff53e
07ff488aaa18a9b5c5a1c063d1d5ce831cd44c7469973a7b4541808f5bdaa2e4

HTTP Headers

GET /npe/pu/play/css/play-v764270.css HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 14:10:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66339ee2-17156"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/_common/fonts/roboto_regular-webfont-v764270.woff

93.93.51.201

200 OK

89 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/_common/fonts/roboto_regular-webfont-v764270.woff
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
Web Open Font Format, TrueType, length 89436, version 2.1101
Size
89 kB (89436 bytes)
Hash
27ebb57ca80d9efd1d7b2bb174af090f
527a35fa8eb34124d8bdc9bee973de676977637d
866c21d6cada368ff5a8049cb94a899b547fc763068036aacf94be7b24a2a40e

HTTP Headers

GET /npe/_common/fonts/roboto_regular-webfont-v764270.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crpdt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: application/font-woff
content-length: 89436
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-15d5c"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/_common/fonts/awepromotools-v764270.woff

93.93.51.201

200 OK

2.0 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/_common/fonts/awepromotools-v764270.woff
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
Web Open Font Format, TrueType, length 2012, version 0.0
Size
2.0 kB (2012 bytes)
Hash
fa3ce3d548dc5dee1dc96d2fc739f879
6a05a3a6c264d90e9780d20e0ee104401b21b35a
faf04186101fc9c07cae4daafc4fc83d2a0a0298634106b9d4482f81df4632e3

HTTP Headers

GET /npe/_common/fonts/awepromotools-v764270.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crpdt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: application/font-woff
content-length: 2012
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-7dc"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/bonuscredit/css/bonuscredit-v764270.css

93.93.51.201

200 OK

61 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/bonuscredit/css/bonuscredit-v764270.css
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
gzip compressed data, max speed, from Unix
Size
61 kB (60988 bytes)
Hash
18c1a1faa10a7f481c28ea05d070899c
6219522c155a6a7014d0abb2d5b790483b4eefb1
e364a7b905890cb48e788d56b42d424d8def6d21c1daa2669b994b3f56f713be

HTTP Headers

GET /npe/bonuscredit/css/bonuscredit-v764270.css HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 14:10:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66339ee2-8dc"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/_common/fonts/roboto_bold-webfont-v764270.woff

93.93.51.201

200 OK

90 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/_common/fonts/roboto_bold-webfont-v764270.woff
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
Web Open Font Format, TrueType, length 89584, version 2.1150
Size
90 kB (89584 bytes)
Hash
5da9ea748f871afd777b452f15c71f2f
65603d39f5473276cbff6bf6f23e984240ec4f68
e485cf8605b5490285c439b818a7123f5855c6a3e831b01046c6dc62718bac88

HTTP Headers

GET /npe/_common/fonts/roboto_bold-webfont-v764270.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crpdt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: application/font-woff
content-length: 89584
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-15df0"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/30d02e20d3d7aadf34c6f1b9082da89e_glamour_215x121.jpg?cno=1b00

93.93.51.190

200 OK

6.5 kB

URL GET HTTP/2
galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/30d02e20d3d7aadf34c6f1b9082da89e_glamour_215x121.jpg?cno=1b00
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 215x121, components 3
Size
6.5 kB (6468 bytes)
Hash
687654b3f299a1c8443863fc2bcefb4d
168b7cf831aff8da8040bd7f0d28e1633d114f23
e8869af5a95c706703d796b28f0e0d22ba87c287f4c75f854a36d05687e88670

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f13/30d02e20d3d7aadf34c6f1b9082da89e_glamour_215x121.jpg?cno=1b00 HTTP/1.1
Host: galleryn3.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: image/jpeg
content-length: 6468
last-modified: Mon, 15 Apr 2024 23:22:00 GMT
x-rgw-object-type: Normal
etag: "687654b3f299a1c8443863fc2bcefb4d"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static1.jsmsat.com/npe/image/smilies_ex.png

93.93.51.201

200 OK

8.5 kB

URL GET HTTP/2
pt-static1.jsmsat.com/npe/image/smilies_ex.png
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt.awempt.com
Fingerprint34:65:41:37:F8:CE:82:DC:CE:22:50:59:B8:3B:36:5E:E4:7A:A4:C6
ValidityMon, 29 Apr 2024 11:01:04 GMT - Sun, 28 Jul 2024 11:01:03 GMT

File type
PNG image data, 536 x 138, 8-bit colormap, non-interlaced
Size
8.5 kB (8533 bytes)
Hash
53fc00ebf44066190d5faea2a7931e7c
21178ac1ffb10f958d26d17a0fe49d5d31a00720
63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c

HTTP Headers

GET /npe/image/smilies_ex.png HTTP/1.1
Host: pt-static1.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: image/png
content-length: 8533
last-modified: Wed, 10 Apr 2024 06:53:03 GMT
etag: "6616374f-2155"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/a7cc01c291be77660272cef32853b117_glamour_215x121.jpg?cno=e1d6

93.93.51.190

200 OK

6.8 kB

URL GET HTTP/2
galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/a7cc01c291be77660272cef32853b117_glamour_215x121.jpg?cno=e1d6
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 215x121, components 3
Size
6.8 kB (6795 bytes)
Hash
c65f6ee390a9366d5ec7142015eb5978
b7430171cd391d60e9e2f5a571bb79973e3503ed
245ec55230f75f5bda3690ff3266ac6623a57d458d8d607a70918f9699f08ac8

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f1a/a7cc01c291be77660272cef32853b117_glamour_215x121.jpg?cno=e1d6 HTTP/1.1
Host: galleryn2.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: image/jpeg
content-length: 6795
last-modified: Thu, 22 Feb 2024 19:52:59 GMT
x-rgw-object-type: Normal
etag: "c65f6ee390a9366d5ec7142015eb5978"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f11/17549cf5cee1cfebd04b719e22039215_glamour_215x121.jpg?cno=91b7

93.93.51.190

200 OK

8.7 kB

URL GET HTTP/2
galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f11/17549cf5cee1cfebd04b719e22039215_glamour_215x121.jpg?cno=91b7
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 215x121, components 3
Size
8.7 kB (8703 bytes)
Hash
6a91e60b9db9f7421d573582861954a2
8f108fdc2abb93ae3df90137f6ce50813de2f824
6508b2bbad9efcc8946c4722dc2b17a1a2811d5caef307a85a9d60d82f478c98

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f11/17549cf5cee1cfebd04b719e22039215_glamour_215x121.jpg?cno=91b7 HTTP/1.1
Host: galleryn3.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: image/jpeg
content-length: 8703
last-modified: Sat, 20 Apr 2024 19:36:44 GMT
x-rgw-object-type: Normal
etag: "6a91e60b9db9f7421d573582861954a2"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f17/714fe3101ce16cf3d34bdd249d2f0f57_glamour_215x121.jpg?cno=59fd

93.93.51.190

200 OK

7.0 kB

URL GET HTTP/2
galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f17/714fe3101ce16cf3d34bdd249d2f0f57_glamour_215x121.jpg?cno=59fd
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 215x121, components 3
Size
7.0 kB (6998 bytes)
Hash
0d69bbeaf0b65887831a990941b41f63
0bdfa0616e62eaa7aed015b4827fd710122456bd
cd96b1dc342b22201e4ebf3a53c6831f765064c760246ea574edd1252e628636

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f17/714fe3101ce16cf3d34bdd249d2f0f57_glamour_215x121.jpg?cno=59fd HTTP/1.1
Host: galleryn2.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: image/jpeg
content-length: 6998
last-modified: Fri, 29 Mar 2024 19:26:52 GMT
x-rgw-object-type: Normal
etag: "0d69bbeaf0b65887831a990941b41f63"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static2.jsmsat.com/npe/pu/play/script/pu.play-v764270.js

93.93.51.201

200 OK

89 kB

URL GET HTTP/2
pt-static2.jsmsat.com/npe/pu/play/script/pu.play-v764270.js
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt.awempt.com
Fingerprint34:65:41:37:F8:CE:82:DC:CE:22:50:59:B8:3B:36:5E:E4:7A:A4:C6
ValidityMon, 29 Apr 2024 11:01:04 GMT - Sun, 28 Jul 2024 11:01:03 GMT

File type
gzip compressed data, max speed, from Unix
Size
89 kB (88570 bytes)
Hash
7ad072af35363c1d5850be8f861106c3
140f6f6f318dd1cfa464cc3dbca369fcf1f3d2ad
1427d9c1d9183c5b1faece0b990c5623955dd848c06467da72053cf5d1c8cdca

HTTP Headers

GET /npe/pu/play/script/pu.play-v764270.js HTTP/1.1
Host: pt-static2.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 14:10:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66339ee2-39c26"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2

galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/30d02e20d3d7aadf34c6f1b9082da89e_glamour_896x504.jpg

93.93.51.190

200 OK

66 kB

URL GET HTTP/2
galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/30d02e20d3d7aadf34c6f1b9082da89e_glamour_896x504.jpg
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3
Size
66 kB (66160 bytes)
Hash
8725e5161edd72ebc9c7c925cbe47acc
9f7d890c331a49e49d7b1e88a3764d4060b6a5c2
732b3185a78641d908d707f96da58d74570dc7bdeb3d8f0769a5203afea1db04

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f13/30d02e20d3d7aadf34c6f1b9082da89e_glamour_896x504.jpg HTTP/1.1
Host: galleryn1.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: image/jpeg
content-length: 66160
last-modified: Mon, 15 Apr 2024 23:22:01 GMT
x-rgw-object-type: Normal
etag: "8725e5161edd72ebc9c7c925cbe47acc"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static1.jsmsat.com/npe/_common/script/incognito/di.min-v764270.js

93.93.51.201

200 OK

3.2 kB

URL GET HTTP/2
pt-static1.jsmsat.com/npe/_common/script/incognito/di.min-v764270.js
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt.awempt.com
Fingerprint34:65:41:37:F8:CE:82:DC:CE:22:50:59:B8:3B:36:5E:E4:7A:A4:C6
ValidityMon, 29 Apr 2024 11:01:04 GMT - Sun, 28 Jul 2024 11:01:03 GMT

File type
gzip compressed data, max speed, from Unix
Size
3.2 kB (3174 bytes)
Hash
5eb32b94da5e6c5d94596f1f19b09b95
96ce11ea224f3054d4f6a507a7640b2cfe54515a
4fbde4023affedd948eb70df7788ffb388c24b959e6b1100f34ded13657c35a1

HTTP Headers

GET /npe/_common/script/incognito/di.min-v764270.js HTTP/1.1
Host: pt-static1.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 14:10:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66339ee2-d47"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2

pt-static5.jsmsat.com/npe/image/jsm/favicon-v764270.ico

93.93.51.201

200 OK

392 B

URL GET HTTP/2
pt-static5.jsmsat.com/npe/image/jsm/favicon-v764270.ico
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
392 B (392 bytes)
Hash
f56e924ea4f68fe44ee8838ac0b8e7c3
d7468113aa5fb5ba21e3aa3def804444f8a56e0e
7a50956463e19c120d3dc96067e46425223fee02d230233b14ed5dda3685f9ae

HTTP Headers

GET /npe/image/jsm/favicon-v764270.ico HTTP/1.1
Host: pt-static5.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: image/x-icon
content-length: 392
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-188"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

crpdt.livejasmin.com/nILMC/drU.gif?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed&mr=0&categoryName=girl&im=1

93.93.51.191

200 OK

43 B

URL GET HTTP/2
crpdt.livejasmin.com/nILMC/drU.gif?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed&mr=0&categoryName=girl&im=1
IP
93.93.51.191:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectcrpdt.livejasmin.com
FingerprintF3:55:B1:0F:67:DF:42:0D:1D:84:56:74:CE:4A:5C:7B:A6:6D:BF:D4
ValidityTue, 02 Apr 2024 15:01:06 GMT - Mon, 01 Jul 2024 15:01:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /nILMC/drU.gif?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed&mr=0&categoryName=girl&im=1 HTTP/1.1
Host: crpdt.livejasmin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 03-Jun-24 00:32:17 GMT; SameSite=None; Secure
expires: Sat, 04 May 2024 00:32:16 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

ccs.livejasmin.com/ccs.php?ccs=1&psid=ed_dbpmp0ww&subAffId=5580&psref=TwinRed&pstool=300_310

93.93.51.225

200 OK

69 B

URL GET HTTP/2
ccs.livejasmin.com/ccs.php?ccs=1&psid=ed_dbpmp0ww&subAffId=5580&psref=TwinRed&pstool=300_310
IP
93.93.51.225:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectccs.livejasmin.com
FingerprintA3:1A:F0:92:C1:0E:A2:D7:8F:57:87:9D:7F:33:77:E5:AA:B6:B0:CB
ValidityThu, 02 May 2024 13:01:05 GMT - Wed, 31 Jul 2024 13:01:04 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced
Size
69 B (69 bytes)
Hash
df15c61986fc44f0000081374bdcd6fb
da69991e3d456f15f1b9ac2f11d6c79a5240541d
126a629b1a5b11de957e290957f73e9bf7abf7cf63eb0ddb7eb5db95edfdff2a

HTTP Headers

GET /ccs.php?ccs=1&psid=ed_dbpmp0ww&subAffId=5580&psref=TwinRed&pstool=300_310 HTTP/1.1
Host: ccs.livejasmin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:22 GMT
content-type: image/png
content-length: 69
set-cookie: macctid=ed_dbpmp0ww; expires=Sat, 18-May-2024 00:32:22 GMT; Max-Age=1209600; path=/; domain=.livejasmin.com; secure; SameSite=None
ccs=YToxMDp7czo0OiJwc2lkIjtzOjExOiJlZF9kYnBtcDB3dyI7czo1OiJwc3JlZiI7czo3OiJUd2luUmVkIjtzOjY6InBzdG91ciI7czoyOiJ0MSI7czo5OiJwc3Byb2dyYW0iO3M6NDoiUkVWUyI7czo2OiJwc3Rvb2wiO3M6NzoiMzAwXzMxMCI7czoxMToiY2FtcGFpZ25faWQiO2k6MDtzOjEzOiJwc3BlcmZvcm1lcmlkIjtzOjA6IiI7czo5OiJwc2h0dHByZWYiO3M6Mzc6Imh0dHBzJTNBJTJGJTJGY3JwZHQubGl2ZWphc21pbi5jb20lMkYiO3M6MTA6ImNyZWF0ZWRfYXQiO2k6MTcxNDc4Mjc0MjtzOjk6ImFmZnBhcmFtcyI7czoyODoiZXlKemRXSkJabVpKWkNJNklqVTFPREFpZlE9PSI7fQ%3D%3D; expires=Sat, 18-May-2024 00:32:22 GMT; Max-Age=1209600; path=/; domain=.livejasmin.com; secure; SameSite=None
server: unknown
X-Firefox-Spdy: h2

twinfill.com/Redirect.eng?MediaSegmentId=23107&dcid=3_ctx_9595e033-3fa8-4d36-88db-feb23308b992&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=180&dst=False&v=pPgfHNGoGgkfACYWuK2TGK8lhf1TzrhgcChtV69mVpL2J-7EfWn8bwuJ3m4RUU3w2wFysKbnllXqzcdtKRO6iABzxKNLW4gyQs7PYJPeFyKdTdra64ehWOIWIbPVUCfyUtMgu8ogIrEwHuXdm5UVtl6ylemVo9LHOelVsP3dImxTJek7FnPFtU6FbKPO_XaN2kfEJMFnAwgQHpqSKXHT9zZZ4XQj8_KN5t_IT69HkvOaJJZQ2y1tjhvtoCt0juxBZSB9G50rBaDXfQ0N2aZEauJyZuW0sTOm3ZAOr-Ps7d6G-CkeLRXNOv1o3_dPc42PuDkAoIp3Vpy9LBf-yO8kQnXmRSMF3CYVZyQLLjbUNSm5Gsg-wFouTyqclqsO8ZstzRRI_ms87yereG42YRigNnx2XsbaE48d63QjHmCLfz_QVvpas4rXn4HWIPzRF_x238zwDzbEsRFsMUN3qEaq9FxaQEQMgLobEOEER12nPfDtfzYu5NW3QoHqyBO95Gf8jETdiB4je1l5ObRF8ah3TUWCqfii8UNooYkeR5SOa4xfX06e9Ll4C7jT9B8i0pfiSR9HeY_7uhs6-utl2xtQ00d3ffYVa-RAHAb3smfgZ75CP6c_v07u21fBvy9KnPjz9U79-mB-CJS3Qt73UsU40TSX5eGqtCcgQZ5vOjSrUuNQr2w3uXsA-XgtVVpuAo_5GzKIlz21JHefqN_Z9bH06n9gD3vy0fZFPO82Z5lV2zX8WvYHF2SKr4AHzdw2ukY063HkkrypaWG-YmfadheB12mX8A3WG_iwFUpFFIrrG_xMxx40CDZZTh8zZrIgoIPYk5eWOfeIbwM1ZIFnFQGcDHmc1esvNuwjpDf9fzH4-O1e7cTQ5murzTU50hzepU_kLdA_UdUzTWQD1dz1QU8X6_OiHEDsINOcYGZzrQ8VijOh-cpyPyqJu7JcP4Ya3usof4R-5u6SSSMP4jF6ph0JQA2&kw=&mw=1024&mh=768&ortb=1&at=

104.18.39.86

31 kB

URL
twinfill.com/Redirect.eng?MediaSegmentId=23107&dcid=3_ctx_9595e033-3fa8-4d36-88db-feb23308b992&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=180&dst=False&v=pPgfHNGoGgkfACYWuK2TGK8lhf1TzrhgcChtV69mVpL2J-7EfWn8bwuJ3m4RUU3w2wFysKbnllXqzcdtKRO6iABzxKNLW4gyQs7PYJPeFyKdTdra64ehWOIWIbPVUCfyUtMgu8ogIrEwHuXdm5UVtl6ylemVo9LHOelVsP3dImxTJek7FnPFtU6FbKPO_XaN2kfEJMFnAwgQHpqSKXHT9zZZ4XQj8_KN5t_IT69HkvOaJJZQ2y1tjhvtoCt0juxBZSB9G50rBaDXfQ0N2aZEauJyZuW0sTOm3ZAOr-Ps7d6G-CkeLRXNOv1o3_dPc42PuDkAoIp3Vpy9LBf-yO8kQnXmRSMF3CYVZyQLLjbUNSm5Gsg-wFouTyqclqsO8ZstzRRI_ms87yereG42YRigNnx2XsbaE48d63QjHmCLfz_QVvpas4rXn4HWIPzRF_x238zwDzbEsRFsMUN3qEaq9FxaQEQMgLobEOEER12nPfDtfzYu5NW3QoHqyBO95Gf8jETdiB4je1l5ObRF8ah3TUWCqfii8UNooYkeR5SOa4xfX06e9Ll4C7jT9B8i0pfiSR9HeY_7uhs6-utl2xtQ00d3ffYVa-RAHAb3smfgZ75CP6c_v07u21fBvy9KnPjz9U79-mB-CJS3Qt73UsU40TSX5eGqtCcgQZ5vOjSrUuNQr2w3uXsA-XgtVVpuAo_5GzKIlz21JHefqN_Z9bH06n9gD3vy0fZFPO82Z5lV2zX8WvYHF2SKr4AHzdw2ukY063HkkrypaWG-YmfadheB12mX8A3WG_iwFUpFFIrrG_xMxx40CDZZTh8zZrIgoIPYk5eWOfeIbwM1ZIFnFQGcDHmc1esvNuwjpDf9fzH4-O1e7cTQ5murzTU50hzepU_kLdA_UdUzTWQD1dz1QU8X6_OiHEDsINOcYGZzrQ8VijOh-cpyPyqJu7JcP4Ya3usof4R-5u6SSSMP4jF6ph0JQA2&kw=&mw=1024&mh=768&ortb=1&at=
IP
104.18.39.86:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
31 kB (30804 bytes)
Hash
5eaf03b318c353338e6494a8b5b1a2c9
68184cd5fd97dec2d55cfb02c61358725d9006c0
3b2317151cb5ec8aba5259e4f60e9413a2107412bf0b28c7dd5397a1fe9cd192

HTTP Headers

GET /Redirect.eng?MediaSegmentId=23107&dcid=3_ctx_9595e033-3fa8-4d36-88db-feb23308b992&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=180&dst=False&v=pPgfHNGoGgkfACYWuK2TGK8lhf1TzrhgcChtV69mVpL2J-7EfWn8bwuJ3m4RUU3w2wFysKbnllXqzcdtKRO6iABzxKNLW4gyQs7PYJPeFyKdTdra64ehWOIWIbPVUCfyUtMgu8ogIrEwHuXdm5UVtl6ylemVo9LHOelVsP3dImxTJek7FnPFtU6FbKPO_XaN2kfEJMFnAwgQHpqSKXHT9zZZ4XQj8_KN5t_IT69HkvOaJJZQ2y1tjhvtoCt0juxBZSB9G50rBaDXfQ0N2aZEauJyZuW0sTOm3ZAOr-Ps7d6G-CkeLRXNOv1o3_dPc42PuDkAoIp3Vpy9LBf-yO8kQnXmRSMF3CYVZyQLLjbUNSm5Gsg-wFouTyqclqsO8ZstzRRI_ms87yereG42YRigNnx2XsbaE48d63QjHmCLfz_QVvpas4rXn4HWIPzRF_x238zwDzbEsRFsMUN3qEaq9FxaQEQMgLobEOEER12nPfDtfzYu5NW3QoHqyBO95Gf8jETdiB4je1l5ObRF8ah3TUWCqfii8UNooYkeR5SOa4xfX06e9Ll4C7jT9B8i0pfiSR9HeY_7uhs6-utl2xtQ00d3ffYVa-RAHAb3smfgZ75CP6c_v07u21fBvy9KnPjz9U79-mB-CJS3Qt73UsU40TSX5eGqtCcgQZ5vOjSrUuNQr2w3uXsA-XgtVVpuAo_5GzKIlz21JHefqN_Z9bH06n9gD3vy0fZFPO82Z5lV2zX8WvYHF2SKr4AHzdw2ukY063HkkrypaWG-YmfadheB12mX8A3WG_iwFUpFFIrrG_xMxx40CDZZTh8zZrIgoIPYk5eWOfeIbwM1ZIFnFQGcDHmc1esvNuwjpDf9fzH4-O1e7cTQ5murzTU50hzepU_kLdA_UdUzTWQD1dz1QU8X6_OiHEDsINOcYGZzrQ8VijOh-cpyPyqJu7JcP4Ya3usof4R-5u6SSSMP4jF6ph0JQA2&kw=&mw=1024&mh=768&ortb=1&at= HTTP/1.1
Host: twinfill.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wingstoesassemble.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:16 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=cd8ae545-9324-4c64-8ab5-0a2b2a4b4335; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure
ISSH=73109C; path=/; SameSite=None; secure
VMI=d673803a-c04b-4aac-a532-8a1629a40029; path=/; SameSite=None; secure
IPLH=#{"28253":[{"SId":"73109C","D":"24/5/3T17:32:16"}]}; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[28253]; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#~1~F~6~71714780800000)%5c%2f%22~911185~c5580~a%22Norway%22~b0~d0~e0~f14588~g80~h6~i16108~j19996~k23982~l28253~m38646~n1~q~r~u~v~x~z~C~P~L~N_DT-1_OS-100_Br-2_PlM-0_OSV-100_ABR-false~R~T_isPr-false_IA-false_N-2~U0_POR-false_DD-%22a649de6d-2b93-4301-9b82-e05c3227a163%22_Tz-180_TzD-false_BrV-96_F-0_A2-9902_Ca2-36016_Pl2-64257_Do-196706_UPCO-false_Wi-1024_He-768~G0~H"2024-06-02T17:32:16.2060273-07:00~2; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Sat, 04-May-2024 04:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#1/1/0001 12:00:00 AM; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure
IOPT=#[]; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{"14588":[{"SId":"73109C","D":"24/5/3T17:32:16"}]}; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[14588]; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{"38646":[{"SId":"73109C","D":"24/5/3T17:32:16"}]}; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[38646]; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{"5580":[{"SId":"73109C","D":"24/5/3T17:32:16"}]}; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[5580]; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{"16108":[{"SId":"73109C","D":"24/5/3T17:32:16"}]}; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[16108]; expires=Thu, 04-May-2034 00:32:16 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87e46484bf34b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/_common/fonts/oswald-bold-webfont-v764270.woff

93.93.51.201

200 OK

60 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/_common/fonts/oswald-bold-webfont-v764270.woff
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
Web Open Font Format, TrueType, length 60252, version 1.0
Size
60 kB (60252 bytes)
Hash
32e83b35ba2644f4307eff171d132a59
33c926293da5233bf23b983adddee7c60d123029
47f5891f562e379f8824e0dfabfb3502336ae3d158e29268725c9d04ac1bfa5f

HTTP Headers

GET /npe/_common/fonts/oswald-bold-webfont-v764270.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crpdt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: application/font-woff
content-length: 60252
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-eb5c"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f15/5d3b271e610e68061afa22e76e0a53d4_glamour_215x121.jpg?cno=96ac

93.93.51.190

200 OK

5.0 kB

URL GET HTTP/2
galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f15/5d3b271e610e68061afa22e76e0a53d4_glamour_215x121.jpg?cno=96ac
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 215x121, components 3
Size
5.0 kB (4966 bytes)
Hash
3e46f378b51ecab4011b94a957c4ff12
1e1e9bed2b2833d6a97f66ec767138ba2b83416f
40007418db76fc940cc315bbf66deb98b4a47d310bd776e74ec1acbb0824e623

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f15/5d3b271e610e68061afa22e76e0a53d4_glamour_215x121.jpg?cno=96ac HTTP/1.1
Host: galleryn2.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: image/jpeg
content-length: 4966
last-modified: Thu, 25 Apr 2024 20:09:21 GMT
x-rgw-object-type: Normal
etag: "3e46f378b51ecab4011b94a957c4ff12"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/image/more_models_jsm-v764270.png

93.93.51.201

200 OK

31 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/image/more_models_jsm-v764270.png
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
PNG image data, 180 x 101, 8-bit/color RGBA, non-interlaced
Size
31 kB (30562 bytes)
Hash
4eaea38e52a7403de85f0b183fb2b972
712a0f0d0009ab7bbe36110c15ec30a7f2df1711
551007f217235bc96a341ca01ce1eecb98dc509ae5fbc47e5013c7ac6ac8a9d2

HTTP Headers

GET /npe/image/more_models_jsm-v764270.png HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/npe/pu/play/css/play-v764270.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: image/png
content-length: 30562
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-7762"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static3.jsmsat.com/npe/image/jsm/apple-touch-icon-v764270.png

93.93.51.201

200 OK

1.8 kB

URL GET HTTP/2
pt-static3.jsmsat.com/npe/image/jsm/apple-touch-icon-v764270.png
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1816 bytes)
Hash
a027cfe96f15d9209260f3db74b8d89f
1468c1ff6998f83e5b4cbd3f6cea2a93ee8910fa
ac1f03bb6732b2b6252172c350ca2e2b666f5752c2acda4200cd4a464401869b

HTTP Headers

GET /npe/image/jsm/apple-touch-icon-v764270.png HTTP/1.1
Host: pt-static3.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: image/png
content-length: 1816
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-718"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/bonuscredit/bonuscredit-v764270.js

93.93.51.201

200 OK

26 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/bonuscredit/bonuscredit-v764270.js
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
JavaScript source, ASCII text, with very long lines (25465), with no line terminators
Size
26 kB (25465 bytes)
Hash
cbf93127bf90c2c944c8c37704600e75
415d61f34ae782eb5b3da3e65b5db89d1af196b9
01f0b732146cc86c05d9c3622a9f45dbbb4b9ce09fe21a620c6ca73801bf1e73

HTTP Headers

GET /npe/bonuscredit/bonuscredit-v764270.js HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:17 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 14:10:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66339ee2-6379"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Sat, 18 May 2024 00:32:17 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2

crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0

93.93.51.191

200 OK

43 kB

URL User Request GET HTTP/2
crpdt.livejasmin.com/pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
IP
93.93.51.191:443
ASN
#34655 JWE S.a r.l.

Certificate
IssuerLet's Encrypt
Subjectcrpdt.livejasmin.com
FingerprintF3:55:B1:0F:67:DF:42:0D:1D:84:56:74:CE:4A:5C:7B:A6:6D:BF:D4
ValidityTue, 02 Apr 2024 15:01:06 GMT - Mon, 01 Jul 2024 15:01:05 GMT

File type
JavaScript source, ASCII text, with very long lines (2543)
Size
43 kB (42742 bytes)
Hash
fdfd87056853211082a129db200df192
b0af4aa3d7901aaaee91ed1433d738e32253a8f1
0fc18209ab7c55ef24723a316f5c4e653d9f9fbab3225f1feb7dfa340e23c8d1

HTTP Headers

GET /pu/play/st?ms_rnd=1714782736.65701&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 HTTP/1.1
Host: crpdt.livejasmin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://edttmar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-ud-id: nILMC/drU
cache-control: no-cache
date: Sat, 04 May 2024 00:32:17 GMT
server: unknown
x-cache-status: R-MISS
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 03-Jun-24 00:32:17 GMT; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2

edttmar.com/pu/?psid=ed_dbpmp0ww&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=5580&sub_source=TwinRed%20Exchange%20Partner_ID%205580

93.93.51.223

200 OK

1.7 kB

URL User Request GET HTTP/2
edttmar.com/pu/?psid=ed_dbpmp0ww&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=5580&sub_source=TwinRed%20Exchange%20Partner_ID%205580
IP
93.93.51.223:443
ASN
#34655 JWE S.a r.l.

Certificate
IssuerLet's Encrypt
Subjectctjdmar.com
Fingerprint98:31:BD:CD:1F:97:85:B5:BF:0F:A6:DB:82:95:33:1D:A7:B5:8F:13
ValidityThu, 14 Mar 2024 14:01:05 GMT - Wed, 12 Jun 2024 14:01:04 GMT

File type
HTML document, ASCII text, with very long lines (1877), with no line terminators
Size
1.7 kB (1734 bytes)
Hash
c0514f64e3352c58a1630a65d51fa6a4
91c3c239914ee0c1d703a0865d68f8f1569fe8f2
01033fd2dc954107d866621f0a8ee2b0d78e7c270da39d71021c1e7001d935a1

HTTP Headers

GET /pu/?psid=ed_dbpmp0ww&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=5580&sub_source=TwinRed%20Exchange%20Partner_ID%205580 HTTP/1.1
Host: edttmar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://twinfill.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 00:32:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-target-pstool: 300_310
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Mon, 03-Jun-24 00:32:16 GMT; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML