Report - compositeclauseviscount.com/cavtpcge95?adb=n&adb=n&dev=e&key=8eed0af3ba88434b397fe82f5912d434&kw=["livecamrips","com","helgahot002","live","show","recorded","on","2024-02-05","23","16","13"]&psid=livecamrips.com,livecamrips.com&refer=https://livecamrips.com/video/2372930&res=14.1055&scrHeight=864&scrWidth=1536&ship=&sjjr=56&sub3=invoke_layer&tz=2&uuid=61839d45-39a9-421a-b781-4ee805969747:2:1&v=24.5.6485

Report Overview

Submitted URL
compositeclauseviscount.com/cavtpcge95?adb=n&adb=n&dev=e&key=8eed0af3ba88434b397fe82f5912d434&kw=["livecamrips","com","helgahot002","live","show","recorded","on","2024-02-05","23","16","13"]&psid=livecamrips.com,livecamrips.com&refer=https://livecamrips.com/video/2372930&res=14.1055&scrHeight=864&scrWidth=1536&ship=&sjjr=56&sub3=invoke_layer&tz=2&uuid=61839d45-39a9-421a-b781-4ee805969747:2:1&v=24.5.6485
IP
192.243.61.225
ASN
#39572 DataWeb Global Group B.V.
Submitted
2024-05-03 23:41:42
Access
public
Website Title
LiveJasmin.com - Hot Live Sex Shows!
Final URL
crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
galleryn0.vcmdiawe.com	unknown	2023-05-02	2023-05-04	2024-04-30	1.0 kB	15 kB	93.93.51.190
twinfill.com	unknown	2023-08-08	2023-08-09	2024-04-21	1.7 kB	26 kB	104.18.39.86
pt-static3.jsmsat.com	50153	2020-07-16	2020-07-24	2024-05-01	478 B	2.2 kB	93.93.51.201
pt-static4.jsmsat.com	49485	2020-07-16	2020-07-24	2024-04-28	4.0 kB	342 kB	93.93.51.201
edttmar.com	unknown	2023-11-14	2024-01-14	2024-05-02	1.9 kB	94 kB	93.93.51.223
pt-static1.jsmsat.com	52894	2020-07-16	2020-07-17	2024-05-02	1.4 kB	20 kB	93.93.51.201
galleryn3.vcmdiawe.com	unknown	2023-05-02	2023-05-04	2024-05-02	519 B	8.5 kB	93.93.51.190
galleryn2.vcmdiawe.com	unknown	2023-05-02	2023-05-04	2024-04-30	1.0 kB	76 kB	93.93.51.190
pt-static5.jsmsat.com	56136	2020-07-16	2020-07-24	2024-04-21	469 B	766 B	93.93.51.201
crpdt.livejasmin.com	unknown	2001-11-12	2023-12-04	2024-05-02	1.7 kB	44 kB	93.93.51.191
ccs.livejasmin.com	84146	2001-11-12	2019-09-26	2024-04-19	491 B	915 B	93.93.51.225
compositeclauseviscount.com	unknown	unknown	No data	No data	5.2 kB	6.1 kB	172.240.127.234
pt-static2.jsmsat.com	60021	2020-07-16	2020-07-17	2024-03-30	440 B	237 kB	93.93.51.201
galleryn1.vcmdiawe.com	unknown	2023-05-02	2023-05-04	2024-05-02	521 B	7.0 kB	93.93.51.190

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-03	medium	compositeclauseviscount.com	Sinkholed
2024-05-03	medium	compositeclauseviscount.com	Sinkholed
2024-05-03	medium	compositeclauseviscount.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	38 B	2023-03-07	2024-05-17
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:21 Last Seen2024-05-17 23:49:19 Times Seen1252 Hash 9a68d1de621cc55ec20c5baf4c3067ec 47c0540512403f26b3ead431eb04f651b33e0f2f ef3cf320924ae152bb5c997bd2e694ae638c18ca6b07f3461e1e4edfdc89640d Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	253 B	2023-03-07	2024-05-17
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:24 Last Seen2024-05-17 23:49:19 Times Seen1242 Hash 72ab34dd8b5a983259e40247f9090692 f6f5d277c22bcfa75537f12f11c74c930dcc88b8 9f4feff2d925ea3f1defa607391b4a3cd992820fd8c04d8874588f2779246155 Loading...

	pt-static2.jsmsat.com/npe/pu/play/script/pu.play-v764270.js	237 kB	2024-04-28	2024-05-05
Pretty URL pt-static2.jsmsat.com/npe/pu/play/script/pu.play-v764270.js IP 93.93.51.201 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 04:11:38 Last Seen2024-05-05 15:02:13 Times Seen18 Hash 370b3b3a937dcb49cd5a3127339a93f1 9afd3a07a4297227cd1ba2def55ee76328106488 65fcb140fc58dc5f13889f2f50318f1821e361c980dfab11e96dc07000277618 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	6.0 kB	2024-04-28	2024-05-17
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 04:11:37 Last Seen2024-05-17 23:49:19 Times Seen37 Hash cd04a5238b7d5efb645071906bcecef6 f1615b0e26219b6f49467e4aca31bc0ba71986af 95762d9f80dd183598b0d077ef3ed0948d04cc88e1fa8b3872ad49b98c400930 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	218 B	2024-04-18	2024-05-17
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 10:15:34 Last Seen2024-05-17 23:49:19 Times Seen37 Hash 602508a4e476f049380fe6c191a1eac3 5105d7e6964f50b0ed4be7adfee58f4fc83efa84 9a2000a63f94ceb1c6e1637396b6cf43fbd811ab3408b14e50dfa5afee72e3de Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	109 B	2023-03-07	2024-05-17
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:22 Last Seen2024-05-17 23:49:19 Times Seen1191 Hash 6c9b74157e4685c28af76039da9d83a3 0dce6b9242a8b9a51f0dc61e9a5fa3a3a763185a 41c4ce87e0d4fb5838464ed399c37c9f7b4b8747fa486949b83e52fe69d6c423 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	1.1 kB	2024-05-04	2024-05-04
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 01:41:49 Last Seen2024-05-04 01:41:49 Times Seen1 Hash 8e75872e2d31a742a00f90181c750032 393df38b4f6085c958fdf596cf35adf682167982 b3870eee2114860b4d655faeb15e1076075022462e7bbb34fff77782970c8c21 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	9.5 kB	2024-05-04	2024-05-04
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 01:41:49 Last Seen2024-05-04 01:41:49 Times Seen1 Hash b2133326045ca96a4db298f883a0d69c 58d8e24cebfcefddca9837f3c873d4e136b87729 c8758ed2a6a8d2438c88f0da88ef9f0677954c811f6e28d8597d959d5dff4003 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	422 B	2024-05-04	2024-05-04
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 01:41:49 Last Seen2024-05-04 02:32:49 Times Seen2 Hash d249de3483d401c001a4289954cb11f6 d84888fcaa9f70bf51e295848fc4992cb2708b2a 5db47c735540639fc380c9f7f05bc40b288cb7544297783bc7d0a17f0e7f8f01 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	708 B	2024-05-04	2024-05-04
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 01:41:49 Last Seen2024-05-04 01:41:49 Times Seen1 Hash 47dc2d720d603cbc09edead1d62d2dd4 9b6efe1fa59de2e0a458703ed8c3d3ac6a7669d1 2309ebda3e84c7eed322d14b99d753d451bde1041f60f58c865adc56681b7df5 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	4.1 kB	2024-05-04	2024-05-04
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 01:41:49 Last Seen2024-05-04 01:41:49 Times Seen1 Hash 2e5827c45dc1dd989f3780432f3dba0f d36f3551d29cbcffed4d15132625ebc55da52596 8d83b4a77667007baad88882ca24d73555b13864794977597c02de8ed8e6fcd6 Loading...

	pt-static1.jsmsat.com/npe/_common/script/adblock/ad_left_-v764270.js	21 B	2023-03-07	2024-05-17
Pretty URL pt-static1.jsmsat.com/npe/_common/script/adblock/ad_left_-v764270.js IP 93.93.51.201 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-05-17 23:49:20 Times Seen2788 Hash 01c6e7ecb819ef28b0c9b962513a1596 1a49f493db7b91ed34a7040d36732352b9a5dc39 e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5 Loading...

	pt-static1.jsmsat.com/npe/_common/script/incognito/di.min-v764270.js	3.4 kB	2023-03-13	2024-05-17
Pretty URL pt-static1.jsmsat.com/npe/_common/script/incognito/di.min-v764270.js IP 93.93.51.201 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:24:56 Last Seen2024-05-17 23:49:20 Times Seen1254 Hash 12cc9fb78b56fb696198830bc9055d69 fc873e0ed9543c0a9f2cb9b9446f621625a4b588 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb Loading...

	pt-static4.jsmsat.com/npe/bonuscredit/bonuscredit-v764270.js	26 kB	2024-04-28	2024-05-05
Pretty URL pt-static4.jsmsat.com/npe/bonuscredit/bonuscredit-v764270.js IP 93.93.51.201 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 04:11:38 Last Seen2024-05-05 15:02:13 Times Seen17 Hash cbf93127bf90c2c944c8c37704600e75 415d61f34ae782eb5b3da3e65b5db89d1af196b9 01f0b732146cc86c05d9c3622a9f45dbbb4b9ce09fe21a620c6ca73801bf1e73 Loading...

	crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0	973 B	2023-03-07	2024-05-10
Pretty URL crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 IP 93.93.51.191 ASN #34655 JWE S.a r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:19:05 Last Seen2024-05-10 01:42:32 Times Seen15 Hash 89f683f53271d3325eb2d88fb77d5a6d 81798cd25509880ac948480671ab57eb301b383c 5caf797d0fe823d068f7cffe6b846c88902336145e45824ff9f8a1b2056a6374 Loading...

HTTP Transactions (30)

URL IP Response Size

compositeclauseviscount.com/cavtpcge95?adb=n&adb=n&dev=e&key=8eed0af3ba88434b397fe82f5912d434&kw=[%22livecamrips%22,%22com%22,%22helgahot002%22,%22live%22,%22show%22,%22recorded%22,%22on%22,%222024-02-05%22,%2223%22,%2216%22,%2213%22]&psid=livecamrips.com,livecamrips.com&refer=https://livecamrips.com/video/2372930&res=14.1055&scrHeight=864&scrWidth=1536&ship=&sjjr=56&sub3=invoke_layer&tz=2&uuid=61839d45-39a9-421a-b781-4ee805969747:2:1&v=24.5.6485

172.240.127.234

1.7 kB

URL
compositeclauseviscount.com/cavtpcge95?adb=n&adb=n&dev=e&key=8eed0af3ba88434b397fe82f5912d434&kw=[%22livecamrips%22,%22com%22,%22helgahot002%22,%22live%22,%22show%22,%22recorded%22,%22on%22,%222024-02-05%22,%2223%22,%2216%22,%2213%22]&psid=livecamrips.com,livecamrips.com&refer=https://livecamrips.com/video/2372930&res=14.1055&scrHeight=864&scrWidth=1536&ship=&sjjr=56&sub3=invoke_layer&tz=2&uuid=61839d45-39a9-421a-b781-4ee805969747:2:1&v=24.5.6485
IP
172.240.127.234:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (960)
Size
1.7 kB (1714 bytes)
Hash
203cb08421da6f1ae586de524ee870b2
e39dfa8b989ccb73e4f06b59a2716e3c31cb7b13
904aec3db04708b8092f3e9ea74de0315c9f268f4ea29ca0184e099c560c290d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cavtpcge95?adb=n&adb=n&dev=e&key=8eed0af3ba88434b397fe82f5912d434&kw=[%22livecamrips%22,%22com%22,%22helgahot002%22,%22live%22,%22show%22,%22recorded%22,%22on%22,%222024-02-05%22,%2223%22,%2216%22,%2213%22]&psid=livecamrips.com,livecamrips.com&refer=https://livecamrips.com/video/2372930&res=14.1055&scrHeight=864&scrWidth=1536&ship=&sjjr=56&sub3=invoke_layer&tz=2&uuid=61839d45-39a9-421a-b781-4ee805969747:2:1&v=24.5.6485 HTTP/1.1
Host: compositeclauseviscount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 23:41:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=22400125; expires=Sat, 04 May 2024 23:41:15 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjQwMDEyNSwiayI6IjhlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Iiwic2lkIjoibGl2ZWNhbXJpcHMuY29tLGxpdmVjYW1yaXBzLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MjQxODc0OSwicGlkIjo4MTQ2NDAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MjgsInB0Ijo0LCJwayI6ImNhdnRwY2dlOTUiLCJjcGtzIjp7IjI5IjoiNWM0MTA2NzBlNjkwY2U5ZGYwZDlkYzk3NDM1MDM1ODgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGl2ZWNhbXJpcHMuY29tL3ZpZGVvLzIzNzI5MzAiLCJhciI6W119fQ.FUmtBcb8LsZJnwqZUmGeIGpGQDzhwwVuDa3xOwaHxzg; expires=Fri, 03 May 2024 23:42:15 GMT
uid_id2=61839d45-39a9-421a-b781-4ee805969747:2:1; expires=Fri, 10 May 2024 23:41:15 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 926fac5035111c7bc1fdae366f831b0c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

compositeclauseviscount.com/api/users?token=L2NhdnRwY2dlOTU_YWRiPW4mZGV2PWUma2V5PThlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Jmt3PSU1QiUyMmxpdmVjYW1yaXBzJTIyJTJDJTIyY29tJTIyJTJDJTIyaGVsZ2Fob3QwMDIlMjIlMkMlMjJsaXZlJTIyJTJDJTIyc2hvdyUyMiUyQyUyMnJlY29yZGVkJTIyJTJDJTIyb24lMjIlMkMlMjIyMDI0LTAyLTA1JTIyJTJDJTIyMjMlMjIlMkMlMjIxNiUyMiUyQyUyMjEzJTIyJTVEJnBzaWQ9bGl2ZWNhbXJpcHMuY29tJTJDbGl2ZWNhbXJpcHMuY29tJnBzdD0xNzE0Nzc5NzM1JnJlZmVyPWh0dHBzJTNBJTJGJTJGbGl2ZWNhbXJpcHMuY29tJTJGdmlkZW8lMkYyMzcyOTMwJnJlcz0xNC4xMDU1JnJtdGM9dCZzY3JIZWlnaHQ9ODY0JnNjcldpZHRoPTE1MzYmc2hpcD0mc2h1PTU4NmZkMzk0MzI4MmNhM2FmZGZmNmVhZjMyZjJjNTU5OGY3OTRhNmYyNzljY2YxNTc0OGJkODZhNGJkNzllMjA1ODk2NDI2NGYzZDlmNTYzYTZkMDc1YzAyMmFlY2U1MjAxMTJmZjA2ZmQ0ZGI1YzNlMGRjYzJjM2I3YTk2ZWM3OWZlNmI5MmRiNzhhMmI4MDZiMWRkMGI0Y2ZkZGMxYTMwYmExYWNiNTc4Y2NlOTcwYzBhYmEzZDI5NzE3NGEwMTQ5JnNqanI9NTYmc3ViMz1pbnZva2VfbGF5ZXImdHo9MiZ1dWlkPTYxODM5ZDQ1LTM5YTktNDIxYS1iNzgxLTRlZTgwNTk2OTc0NyUzQTIlM0ExJnY9MjQuNS42NDg1&uuid=61839d45-39a9-421a-b781-4ee805969747%3A2%3A1&pii=&in=false

172.240.127.234

0 B

URL
compositeclauseviscount.com/api/users?token=L2NhdnRwY2dlOTU_YWRiPW4mZGV2PWUma2V5PThlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Jmt3PSU1QiUyMmxpdmVjYW1yaXBzJTIyJTJDJTIyY29tJTIyJTJDJTIyaGVsZ2Fob3QwMDIlMjIlMkMlMjJsaXZlJTIyJTJDJTIyc2hvdyUyMiUyQyUyMnJlY29yZGVkJTIyJTJDJTIyb24lMjIlMkMlMjIyMDI0LTAyLTA1JTIyJTJDJTIyMjMlMjIlMkMlMjIxNiUyMiUyQyUyMjEzJTIyJTVEJnBzaWQ9bGl2ZWNhbXJpcHMuY29tJTJDbGl2ZWNhbXJpcHMuY29tJnBzdD0xNzE0Nzc5NzM1JnJlZmVyPWh0dHBzJTNBJTJGJTJGbGl2ZWNhbXJpcHMuY29tJTJGdmlkZW8lMkYyMzcyOTMwJnJlcz0xNC4xMDU1JnJtdGM9dCZzY3JIZWlnaHQ9ODY0JnNjcldpZHRoPTE1MzYmc2hpcD0mc2h1PTU4NmZkMzk0MzI4MmNhM2FmZGZmNmVhZjMyZjJjNTU5OGY3OTRhNmYyNzljY2YxNTc0OGJkODZhNGJkNzllMjA1ODk2NDI2NGYzZDlmNTYzYTZkMDc1YzAyMmFlY2U1MjAxMTJmZjA2ZmQ0ZGI1YzNlMGRjYzJjM2I3YTk2ZWM3OWZlNmI5MmRiNzhhMmI4MDZiMWRkMGI0Y2ZkZGMxYTMwYmExYWNiNTc4Y2NlOTcwYzBhYmEzZDI5NzE3NGEwMTQ5JnNqanI9NTYmc3ViMz1pbnZva2VfbGF5ZXImdHo9MiZ1dWlkPTYxODM5ZDQ1LTM5YTktNDIxYS1iNzgxLTRlZTgwNTk2OTc0NyUzQTIlM0ExJnY9MjQuNS42NDg1&uuid=61839d45-39a9-421a-b781-4ee805969747%3A2%3A1&pii=&in=false
IP
172.240.127.234:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2NhdnRwY2dlOTU_YWRiPW4mZGV2PWUma2V5PThlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Jmt3PSU1QiUyMmxpdmVjYW1yaXBzJTIyJTJDJTIyY29tJTIyJTJDJTIyaGVsZ2Fob3QwMDIlMjIlMkMlMjJsaXZlJTIyJTJDJTIyc2hvdyUyMiUyQyUyMnJlY29yZGVkJTIyJTJDJTIyb24lMjIlMkMlMjIyMDI0LTAyLTA1JTIyJTJDJTIyMjMlMjIlMkMlMjIxNiUyMiUyQyUyMjEzJTIyJTVEJnBzaWQ9bGl2ZWNhbXJpcHMuY29tJTJDbGl2ZWNhbXJpcHMuY29tJnBzdD0xNzE0Nzc5NzM1JnJlZmVyPWh0dHBzJTNBJTJGJTJGbGl2ZWNhbXJpcHMuY29tJTJGdmlkZW8lMkYyMzcyOTMwJnJlcz0xNC4xMDU1JnJtdGM9dCZzY3JIZWlnaHQ9ODY0JnNjcldpZHRoPTE1MzYmc2hpcD0mc2h1PTU4NmZkMzk0MzI4MmNhM2FmZGZmNmVhZjMyZjJjNTU5OGY3OTRhNmYyNzljY2YxNTc0OGJkODZhNGJkNzllMjA1ODk2NDI2NGYzZDlmNTYzYTZkMDc1YzAyMmFlY2U1MjAxMTJmZjA2ZmQ0ZGI1YzNlMGRjYzJjM2I3YTk2ZWM3OWZlNmI5MmRiNzhhMmI4MDZiMWRkMGI0Y2ZkZGMxYTMwYmExYWNiNTc4Y2NlOTcwYzBhYmEzZDI5NzE3NGEwMTQ5JnNqanI9NTYmc3ViMz1pbnZva2VfbGF5ZXImdHo9MiZ1dWlkPTYxODM5ZDQ1LTM5YTktNDIxYS1iNzgxLTRlZTgwNTk2OTc0NyUzQTIlM0ExJnY9MjQuNS42NDg1&uuid=61839d45-39a9-421a-b781-4ee805969747%3A2%3A1&pii=&in=false HTTP/1.1
Host: compositeclauseviscount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://compositeclauseviscount.com/api/users?token=L2NhdnRwY2dlOTU_a2V5PTljYTYwMWE5ZjQ3YzczNWRmNzZkNWNhNDZmYTI2YTY2JnN1Ym1ldHJpYz0yMjQwMDEyNQ
Cookie: u_pl=22400125; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjQwMDEyNSwiayI6IjhlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Iiwic2lkIjoibGl2ZWNhbXJpcHMuY29tLGxpdmVjYW1yaXBzLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MjQxODc0OSwicGlkIjo4MTQ2NDAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MjgsInB0Ijo0LCJwayI6ImNhdnRwY2dlOTUiLCJjcGtzIjp7IjI5IjoiNWM0MTA2NzBlNjkwY2U5ZGYwZDlkYzk3NDM1MDM1ODgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGl2ZWNhbXJpcHMuY29tL3ZpZGVvLzIzNzI5MzAiLCJhciI6W119fQ.FUmtBcb8LsZJnwqZUmGeIGpGQDzhwwVuDa3xOwaHxzg; uid_id2=61839d45-39a9-421a-b781-4ee805969747:2:1; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Fri, 03 May 2024 23:41:16 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://twinfill.com/Redirect.eng?MediaSegmentId=23107&dcid=3_ctx_7ebe43d8-87fd-4960-9c82-6451c809f544&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=180&dst=False&v=pPgfHNGoGgkfACYWuK2TGK8lhf1TzrhgcChtV69mVpL2J-7EfWn8bwuJ3m4RUU3w2wFysKbnllXqzcdtKRO6iABzxKNLW4gyQs7PYJPeFyKdTdra64ehWOIWIbPVUCfyUtMgu8ogIrEwHuXdm5UVtl6ylemVo9LHOelVsP3dImxTJek7FnPFtU6FbKPO_XaN2kfEJMFnAwgQHpqSKXHT9zZZ4XQj8_KN5t_IT69HkvOaJJZQ2y1tjhvtoCt0juxBZSB9G50rBaDXfQ0N2aZEauJyZuW0sTOm3ZAOr-Ps7d6G-CkeLRXNOv1o3_dPc42PuDkAoIp3Vpy9LBf-yO8kQnXmRSMF3CYVZyQLLjbUNSm5Gsg-wFouTyqclqsO8ZstzRRI_ms87yereG42YRigNnx2XsbaE48d63QjHmCLfz_QVvpas4rXn4HWIPzRF_x238zwDzbEsRFsMUN3qEaq9FxaQEQMgLobEOEER12nPfDtfzYu5NW3QoHqyBO95Gf8jETdiB4je1l5ObRF8ah3TUWCqfii8UNooYkeR5SOa4xfX06e9Ll4C7jT9B8i0pfiSR9HeY_7uhs6-utl2xtQ00d3ffYVa-RAHAb3smfgZ75CP6c_v07u21fBvy9KnPjz9U79-mB-CJS3Qt73UsU40TSX5eGqtCcgQZ5vOjSrUuNQr2w3uXsA-XgtVVpuAo_5GzKIlz21JHefqN_Z9bH06n9gD3vy0fZFPO82Z5lV2zX8WvYHF2SKr4AHzdw2ukY063HkkrypaWG-YmfadheB12mX8A3WG_iwFUpFFIrrG_xMxx40CDZZTh8zZrIgoIPYk5eWOfeIbwM1ZIFnFQGcDHmc1esvNuwjpDf9fzH4-O1e7cTQ5murzTU50hzepU_kLdA_UdUzTWQD1dz1QU8X6_OiHEDsINOcYGZzrQ8VijOsJ1qNuvK8CX-laufl_az7RXekumXQyvOu3UrMaM5l2A2&kw=&mw=1024&mh=768&ortb=1&at=
Set-Cookie: uid_id2=61839d45-39a9-421a-b781-4ee805969747:2:1; expires=Fri, 10 May 2024 23:41:15 GMT
pdhtkv=true; expires=Sat, 04 May 2024 23:41:16 GMT
uncs=1; expires=Sat, 04 May 2024 23:41:16 GMT
pdhtkv28=true; expires=Sat, 04 May 2024 23:41:16 GMT
uncs28=1; expires=Sat, 04 May 2024 23:41:16 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 601ee0f7a9127a3e3f2e4e212ad19553
Strict-Transport-Security: max-age=0; includeSubdomains

compositeclauseviscount.com/favicon.ico

192.243.61.225

0 B

URL
compositeclauseviscount.com/favicon.ico
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: compositeclauseviscount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://compositeclauseviscount.com/api/users?token=L2NhdnRwY2dlOTU_a2V5PTljYTYwMWE5ZjQ3YzczNWRmNzZkNWNhNDZmYTI2YTY2JnN1Ym1ldHJpYz0yMjQwMDEyNQ
Cookie: u_pl=22400125; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjQwMDEyNSwiayI6IjhlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Iiwic2lkIjoibGl2ZWNhbXJpcHMuY29tLGxpdmVjYW1yaXBzLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MjQxODc0OSwicGlkIjo4MTQ2NDAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MjgsInB0Ijo0LCJwayI6ImNhdnRwY2dlOTUiLCJjcGtzIjp7IjI5IjoiNWM0MTA2NzBlNjkwY2U5ZGYwZDlkYzk3NDM1MDM1ODgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGl2ZWNhbXJpcHMuY29tL3ZpZGVvLzIzNzI5MzAiLCJhciI6W119fQ.FUmtBcb8LsZJnwqZUmGeIGpGQDzhwwVuDa3xOwaHxzg; uid_id2=61839d45-39a9-421a-b781-4ee805969747:2:1; cjs=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 23:41:16 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c6b14bcf67aa4f65160d3a3294f363e3
Strict-Transport-Security: max-age=0; includeSubdomains

edttmar.com/apple-touch-icon-180x180.png?v=1

93.93.51.223

2.2 kB

URL
edttmar.com/apple-touch-icon-180x180.png?v=1
IP
93.93.51.223:0
ASN
#34655 JWE S.a r.l.

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2174 bytes)
Hash
1d005c971e4708075244620366756c6f
5fc0f0b59a47a9656bc5011e0f17fb4eb8090936
3f560e1ccedb12654b628e0b3138c7e8ee8fb2437e76670b1fc68947095533d2

HTTP Headers

GET /apple-touch-icon-180x180.png?v=1 HTTP/1.1
Host: edttmar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://edttmar.com/pu/?psid=ed_dbpmp0ww&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=5580&sub_source=TwinRed%20Exchange%20Partner_ID%205580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:16 GMT
content-type: image/png
content-length: 2174
last-modified: Fri, 03 May 2024 09:50:44 GMT
etag: "6634b374-87e"
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sun, 02-Jun-24 23:41:16 GMT; SameSite=None
accept-ranges: bytes
X-Firefox-Spdy: h2

edttmar.com/favicon.ico?v=1

93.93.51.223

1.2 kB

URL
edttmar.com/favicon.ico?v=1
IP
93.93.51.223:0
ASN
#34655 JWE S.a r.l.

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
e16d749198f73da1e36b32d943c04011
070c9027c47ae4215eac3d7e4e47c8d73e2d6221
a38d9ef5e246bb21840e9aade1ad857ab5c0f28e196c2d4cbf9f6a8806d2155e

HTTP Headers

GET /favicon.ico?v=1 HTTP/1.1
Host: edttmar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://edttmar.com/pu/?psid=ed_dbpmp0ww&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=5580&sub_source=TwinRed%20Exchange%20Partner_ID%205580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:16 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 03 May 2024 09:50:44 GMT
etag: "6634b374-47e"
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sun, 02-Jun-24 23:41:16 GMT; SameSite=None
accept-ranges: bytes
X-Firefox-Spdy: h2

twinfill.com/Redirect.eng?MediaSegmentId=23107&dcid=3_ctx_7ebe43d8-87fd-4960-9c82-6451c809f544&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=180&dst=False&v=pPgfHNGoGgkfACYWuK2TGK8lhf1TzrhgcChtV69mVpL2J-7EfWn8bwuJ3m4RUU3w2wFysKbnllXqzcdtKRO6iABzxKNLW4gyQs7PYJPeFyKdTdra64ehWOIWIbPVUCfyUtMgu8ogIrEwHuXdm5UVtl6ylemVo9LHOelVsP3dImxTJek7FnPFtU6FbKPO_XaN2kfEJMFnAwgQHpqSKXHT9zZZ4XQj8_KN5t_IT69HkvOaJJZQ2y1tjhvtoCt0juxBZSB9G50rBaDXfQ0N2aZEauJyZuW0sTOm3ZAOr-Ps7d6G-CkeLRXNOv1o3_dPc42PuDkAoIp3Vpy9LBf-yO8kQnXmRSMF3CYVZyQLLjbUNSm5Gsg-wFouTyqclqsO8ZstzRRI_ms87yereG42YRigNnx2XsbaE48d63QjHmCLfz_QVvpas4rXn4HWIPzRF_x238zwDzbEsRFsMUN3qEaq9FxaQEQMgLobEOEER12nPfDtfzYu5NW3QoHqyBO95Gf8jETdiB4je1l5ObRF8ah3TUWCqfii8UNooYkeR5SOa4xfX06e9Ll4C7jT9B8i0pfiSR9HeY_7uhs6-utl2xtQ00d3ffYVa-RAHAb3smfgZ75CP6c_v07u21fBvy9KnPjz9U79-mB-CJS3Qt73UsU40TSX5eGqtCcgQZ5vOjSrUuNQr2w3uXsA-XgtVVpuAo_5GzKIlz21JHefqN_Z9bH06n9gD3vy0fZFPO82Z5lV2zX8WvYHF2SKr4AHzdw2ukY063HkkrypaWG-YmfadheB12mX8A3WG_iwFUpFFIrrG_xMxx40CDZZTh8zZrIgoIPYk5eWOfeIbwM1ZIFnFQGcDHmc1esvNuwjpDf9fzH4-O1e7cTQ5murzTU50hzepU_kLdA_UdUzTWQD1dz1QU8X6_OiHEDsINOcYGZzrQ8VijOsJ1qNuvK8CX-laufl_az7RXekumXQyvOu3UrMaM5l2A2&kw=&mw=1024&mh=768&ortb=1&at=

104.18.39.86

22 kB

URL
twinfill.com/Redirect.eng?MediaSegmentId=23107&dcid=3_ctx_7ebe43d8-87fd-4960-9c82-6451c809f544&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=180&dst=False&v=pPgfHNGoGgkfACYWuK2TGK8lhf1TzrhgcChtV69mVpL2J-7EfWn8bwuJ3m4RUU3w2wFysKbnllXqzcdtKRO6iABzxKNLW4gyQs7PYJPeFyKdTdra64ehWOIWIbPVUCfyUtMgu8ogIrEwHuXdm5UVtl6ylemVo9LHOelVsP3dImxTJek7FnPFtU6FbKPO_XaN2kfEJMFnAwgQHpqSKXHT9zZZ4XQj8_KN5t_IT69HkvOaJJZQ2y1tjhvtoCt0juxBZSB9G50rBaDXfQ0N2aZEauJyZuW0sTOm3ZAOr-Ps7d6G-CkeLRXNOv1o3_dPc42PuDkAoIp3Vpy9LBf-yO8kQnXmRSMF3CYVZyQLLjbUNSm5Gsg-wFouTyqclqsO8ZstzRRI_ms87yereG42YRigNnx2XsbaE48d63QjHmCLfz_QVvpas4rXn4HWIPzRF_x238zwDzbEsRFsMUN3qEaq9FxaQEQMgLobEOEER12nPfDtfzYu5NW3QoHqyBO95Gf8jETdiB4je1l5ObRF8ah3TUWCqfii8UNooYkeR5SOa4xfX06e9Ll4C7jT9B8i0pfiSR9HeY_7uhs6-utl2xtQ00d3ffYVa-RAHAb3smfgZ75CP6c_v07u21fBvy9KnPjz9U79-mB-CJS3Qt73UsU40TSX5eGqtCcgQZ5vOjSrUuNQr2w3uXsA-XgtVVpuAo_5GzKIlz21JHefqN_Z9bH06n9gD3vy0fZFPO82Z5lV2zX8WvYHF2SKr4AHzdw2ukY063HkkrypaWG-YmfadheB12mX8A3WG_iwFUpFFIrrG_xMxx40CDZZTh8zZrIgoIPYk5eWOfeIbwM1ZIFnFQGcDHmc1esvNuwjpDf9fzH4-O1e7cTQ5murzTU50hzepU_kLdA_UdUzTWQD1dz1QU8X6_OiHEDsINOcYGZzrQ8VijOsJ1qNuvK8CX-laufl_az7RXekumXQyvOu3UrMaM5l2A2&kw=&mw=1024&mh=768&ortb=1&at=
IP
104.18.39.86:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
22 kB (21899 bytes)
Hash
7012cd7f016c08a8d640bb9a92aa675b
34c96980154a10816c0f38cce640d87e98c395b9
88249749984d3ad10000382961ae40c094e873fe3ec918618d99463b16fb1fb9

HTTP Headers

GET /Redirect.eng?MediaSegmentId=23107&dcid=3_ctx_7ebe43d8-87fd-4960-9c82-6451c809f544&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=180&dst=False&v=pPgfHNGoGgkfACYWuK2TGK8lhf1TzrhgcChtV69mVpL2J-7EfWn8bwuJ3m4RUU3w2wFysKbnllXqzcdtKRO6iABzxKNLW4gyQs7PYJPeFyKdTdra64ehWOIWIbPVUCfyUtMgu8ogIrEwHuXdm5UVtl6ylemVo9LHOelVsP3dImxTJek7FnPFtU6FbKPO_XaN2kfEJMFnAwgQHpqSKXHT9zZZ4XQj8_KN5t_IT69HkvOaJJZQ2y1tjhvtoCt0juxBZSB9G50rBaDXfQ0N2aZEauJyZuW0sTOm3ZAOr-Ps7d6G-CkeLRXNOv1o3_dPc42PuDkAoIp3Vpy9LBf-yO8kQnXmRSMF3CYVZyQLLjbUNSm5Gsg-wFouTyqclqsO8ZstzRRI_ms87yereG42YRigNnx2XsbaE48d63QjHmCLfz_QVvpas4rXn4HWIPzRF_x238zwDzbEsRFsMUN3qEaq9FxaQEQMgLobEOEER12nPfDtfzYu5NW3QoHqyBO95Gf8jETdiB4je1l5ObRF8ah3TUWCqfii8UNooYkeR5SOa4xfX06e9Ll4C7jT9B8i0pfiSR9HeY_7uhs6-utl2xtQ00d3ffYVa-RAHAb3smfgZ75CP6c_v07u21fBvy9KnPjz9U79-mB-CJS3Qt73UsU40TSX5eGqtCcgQZ5vOjSrUuNQr2w3uXsA-XgtVVpuAo_5GzKIlz21JHefqN_Z9bH06n9gD3vy0fZFPO82Z5lV2zX8WvYHF2SKr4AHzdw2ukY063HkkrypaWG-YmfadheB12mX8A3WG_iwFUpFFIrrG_xMxx40CDZZTh8zZrIgoIPYk5eWOfeIbwM1ZIFnFQGcDHmc1esvNuwjpDf9fzH4-O1e7cTQ5murzTU50hzepU_kLdA_UdUzTWQD1dz1QU8X6_OiHEDsINOcYGZzrQ8VijOsJ1qNuvK8CX-laufl_az7RXekumXQyvOu3UrMaM5l2A2&kw=&mw=1024&mh=768&ortb=1&at= HTTP/1.1
Host: twinfill.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://compositeclauseviscount.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:16 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=9b227aca-9357-43d1-84b6-d9c44b1beb68; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure
ISSH=731069; path=/; SameSite=None; secure
VMI=3b7099e4-8a57-4962-9efe-a79cc9414b77; path=/; SameSite=None; secure
IPLH=#{"28253":[{"SId":"731069","D":"24/5/3T16:41:16"}]}; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[28253]; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#~1~F~6~71714777200000)%5c%2f%22~911185~c5580~a%22Norway%22~b0~d0~e0~f14588~g80~h6~i16108~j19996~k23982~l28253~m38646~n1~q~r~u~v~x~z~C~P~L~N_DT-1_OS-100_Br-2_PlM-0_OSV-100_ABR-false~R~T_isPr-false_IA-false_N-2~U0_POR-false_DD-%22a649de6d-2b93-4301-9b82-e05c3227a163%22_Tz-180_TzD-false_BrV-96_F-0_A2-9902_Ca2-36016_Pl2-64257_Do-196706_UPCO-false_Wi-1024_He-768~G0~H"2024-06-02T16:41:16.2302729-07:00~2; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Sat, 04-May-2024 03:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#1/1/0001 12:00:00 AM; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure
IOPT=#[]; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{"14588":[{"SId":"731069","D":"24/5/3T16:41:16"}]}; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[14588]; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{"38646":[{"SId":"731069","D":"24/5/3T16:41:16"}]}; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[38646]; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{"5580":[{"SId":"731069","D":"24/5/3T16:41:16"}]}; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[5580]; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{"16108":[{"SId":"731069","D":"24/5/3T16:41:16"}]}; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[16108]; expires=Wed, 03-May-2034 23:41:16 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87e419cfaf7356be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/bonuscredit/css/bonuscredit-v764270.css

93.93.51.201

200 OK

31 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/bonuscredit/css/bonuscredit-v764270.css
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
gzip compressed data, max speed, from Unix
Size
31 kB (31298 bytes)
Hash
a82ad7f548ee40f5a2fba2ef2759385e
b99ebcd0ff0ceb40b2b2b7cedd1b18cfa8af1998
09377056cdc2f52151d4df49e18da5d2940df1b507bd3fc1f943ee24195c06d6

HTTP Headers

GET /npe/bonuscredit/css/bonuscredit-v764270.css HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 14:10:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66339ee2-8dc"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/_common/fonts/roboto_regular-webfont-v764270.woff

93.93.51.201

200 OK

89 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/_common/fonts/roboto_regular-webfont-v764270.woff
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
Web Open Font Format, TrueType, length 89436, version 2.1101
Size
89 kB (89436 bytes)
Hash
27ebb57ca80d9efd1d7b2bb174af090f
527a35fa8eb34124d8bdc9bee973de676977637d
866c21d6cada368ff5a8049cb94a899b547fc763068036aacf94be7b24a2a40e

HTTP Headers

GET /npe/_common/fonts/roboto_regular-webfont-v764270.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crpdt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: application/font-woff
content-length: 89436
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-15d5c"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/_common/fonts/awepromotools-v764270.woff

93.93.51.201

200 OK

2.0 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/_common/fonts/awepromotools-v764270.woff
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
Web Open Font Format, TrueType, length 2012, version 0.0
Size
2.0 kB (2012 bytes)
Hash
fa3ce3d548dc5dee1dc96d2fc739f879
6a05a3a6c264d90e9780d20e0ee104401b21b35a
faf04186101fc9c07cae4daafc4fc83d2a0a0298634106b9d4482f81df4632e3

HTTP Headers

GET /npe/_common/fonts/awepromotools-v764270.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crpdt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: application/font-woff
content-length: 2012
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-7dc"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static1.jsmsat.com/npe/image/smilies_ex.png

93.93.51.201

200 OK

8.5 kB

URL GET HTTP/2
pt-static1.jsmsat.com/npe/image/smilies_ex.png
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt.awempt.com
Fingerprint34:65:41:37:F8:CE:82:DC:CE:22:50:59:B8:3B:36:5E:E4:7A:A4:C6
ValidityMon, 29 Apr 2024 11:01:04 GMT - Sun, 28 Jul 2024 11:01:03 GMT

File type
PNG image data, 536 x 138, 8-bit colormap, non-interlaced
Size
8.5 kB (8533 bytes)
Hash
53fc00ebf44066190d5faea2a7931e7c
21178ac1ffb10f958d26d17a0fe49d5d31a00720
63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c

HTTP Headers

GET /npe/image/smilies_ex.png HTTP/1.1
Host: pt-static1.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: image/png
content-length: 8533
last-modified: Wed, 10 Apr 2024 06:53:03 GMT
etag: "6616374f-2155"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/pu/play/css/play-v764270.css

93.93.51.201

200 OK

21 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/pu/play/css/play-v764270.css
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
gzip compressed data, max speed, from Unix
Size
21 kB (21373 bytes)
Hash
84c6c10d332b758898e3dbf4387194b1
1c757cb11c7506ca92e511e0916f66a6cad96f8f
87141ffc27bcc44b2b7923d33de5d555c2859665dbd1d3718b1373341993eb2f

HTTP Headers

GET /npe/pu/play/css/play-v764270.css HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 14:10:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66339ee2-17156"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2

galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/8df100d1c11adfd3c71995f09165aa85_glamour_215x121.jpg?cno=4926

93.93.51.190

200 OK

8.0 kB

URL GET HTTP/2
galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/8df100d1c11adfd3c71995f09165aa85_glamour_215x121.jpg?cno=4926
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 215x121, components 3
Size
8.0 kB (8032 bytes)
Hash
2b4a87bf755efe189ee1d8437604e894
9951fb398ecd6900059eb3b0d8712883dec72ff5
1e3ae474625efd488b5c7668a6afe237f6c9665f8d6c5b2c5ce090ab974704cb

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f18/8df100d1c11adfd3c71995f09165aa85_glamour_215x121.jpg?cno=4926 HTTP/1.1
Host: galleryn3.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: image/jpeg
content-length: 8032
last-modified: Thu, 11 Apr 2024 02:15:41 GMT
x-rgw-object-type: Normal
etag: "2b4a87bf755efe189ee1d8437604e894"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/_common/fonts/oswald-bold-webfont-v764270.woff

93.93.51.201

200 OK

60 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/_common/fonts/oswald-bold-webfont-v764270.woff
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
Web Open Font Format, TrueType, length 60252, version 1.0
Size
60 kB (60252 bytes)
Hash
32e83b35ba2644f4307eff171d132a59
33c926293da5233bf23b983adddee7c60d123029
47f5891f562e379f8824e0dfabfb3502336ae3d158e29268725c9d04ac1bfa5f

HTTP Headers

GET /npe/_common/fonts/oswald-bold-webfont-v764270.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crpdt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: application/font-woff
content-length: 60252
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-eb5c"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/_common/fonts/roboto_bold-webfont-v764270.woff

93.93.51.201

200 OK

90 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/_common/fonts/roboto_bold-webfont-v764270.woff
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
Web Open Font Format, TrueType, length 89584, version 2.1150
Size
90 kB (89584 bytes)
Hash
5da9ea748f871afd777b452f15c71f2f
65603d39f5473276cbff6bf6f23e984240ec4f68
e485cf8605b5490285c439b818a7123f5855c6a3e831b01046c6dc62718bac88

HTTP Headers

GET /npe/_common/fonts/roboto_bold-webfont-v764270.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crpdt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: application/font-woff
content-length: 89584
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-15df0"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/bonuscredit/bonuscredit-v764270.js

93.93.51.201

200 OK

14 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/bonuscredit/bonuscredit-v764270.js
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
gzip compressed data, max speed, from Unix
Size
14 kB (14444 bytes)
Hash
f1e97f0448edeb4cb25c1d6b215a0d0a
a7cb4fa11f66690a5cc3a219259c958f57cbfd38
d42ce1a2d72ba2ebc2a8718495924faf4b70c7470cf6f2a2761561fff4f22a7f

HTTP Headers

GET /npe/bonuscredit/bonuscredit-v764270.js HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 14:10:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66339ee2-6379"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2

edttmar.com/pu/?psid=ed_dbpmp0ww&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=5580&sub_source=TwinRed%20Exchange%20Partner_ID%205580

93.93.51.223

200 OK

90 kB

URL User Request GET HTTP/2
edttmar.com/pu/?psid=ed_dbpmp0ww&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=5580&sub_source=TwinRed%20Exchange%20Partner_ID%205580
IP
93.93.51.223:443
ASN
#34655 JWE S.a r.l.

Certificate
IssuerLet's Encrypt
Subjectctjdmar.com
Fingerprint98:31:BD:CD:1F:97:85:B5:BF:0F:A6:DB:82:95:33:1D:A7:B5:8F:13
ValidityThu, 14 Mar 2024 14:01:05 GMT - Wed, 12 Jun 2024 14:01:04 GMT

File type
gzip compressed data, max speed, from Unix
Size
90 kB (90040 bytes)
Hash
0e15c41977bdcc205a8b5e1b5cf80204
2a1f955ad01dd57fdc90df49524aa7718cc17561
e64653d3fa55fe349eb090bf69970f0d38126e9267bff9448e924bcfadc908bf

HTTP Headers

GET /pu/?psid=ed_dbpmp0ww&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=5580&sub_source=TwinRed%20Exchange%20Partner_ID%205580 HTTP/1.1
Host: edttmar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://twinfill.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-target-pstool: 300_310
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sun, 02-Jun-24 23:41:16 GMT; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

pt-static1.jsmsat.com/npe/_common/script/incognito/di.min-v764270.js

93.93.51.201

200 OK

10 kB

URL GET HTTP/2
pt-static1.jsmsat.com/npe/_common/script/incognito/di.min-v764270.js
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt.awempt.com
Fingerprint34:65:41:37:F8:CE:82:DC:CE:22:50:59:B8:3B:36:5E:E4:7A:A4:C6
ValidityMon, 29 Apr 2024 11:01:04 GMT - Sun, 28 Jul 2024 11:01:03 GMT

File type
gzip compressed data, max speed, from Unix
Size
10 kB (10327 bytes)
Hash
1342ada05e879cd24f52cc85dc61fee5
c85ff1d9f601d263380e198b94c2d900fce392e1
70e2d820fe64c41dcb1884ca08118fef0a451fd392d0987e7b891430645179ac

HTTP Headers

GET /npe/_common/script/incognito/di.min-v764270.js HTTP/1.1
Host: pt-static1.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 14:10:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66339ee2-d47"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2

galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f12/26278e460b8c3fcf6a986cc577f4812e_glamour_896x504.jpg

93.93.51.190

200 OK

70 kB

URL GET HTTP/2
galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f12/26278e460b8c3fcf6a986cc577f4812e_glamour_896x504.jpg
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 896x504, components 3
Size
70 kB (69532 bytes)
Hash
7a1601a9e0d4036acb6e263dcd9024e4
5c5acd03c9236c37b8c0a3bc2b4c3384fc243597
c3c95866c6e50f8cd6f87b215eb1937ef879bdd79ceca39eacdf76169fa5a5ae

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f12/26278e460b8c3fcf6a986cc577f4812e_glamour_896x504.jpg HTTP/1.1
Host: galleryn2.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: image/jpeg
content-length: 69532
last-modified: Tue, 23 Apr 2024 00:29:44 GMT
x-rgw-object-type: Normal
etag: "7a1601a9e0d4036acb6e263dcd9024e4"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static3.jsmsat.com/npe/image/jsm/apple-touch-icon-v764270.png

93.93.51.201

200 OK

1.8 kB

URL GET HTTP/2
pt-static3.jsmsat.com/npe/image/jsm/apple-touch-icon-v764270.png
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1816 bytes)
Hash
a027cfe96f15d9209260f3db74b8d89f
1468c1ff6998f83e5b4cbd3f6cea2a93ee8910fa
ac1f03bb6732b2b6252172c350ca2e2b666f5752c2acda4200cd4a464401869b

HTTP Headers

GET /npe/image/jsm/apple-touch-icon-v764270.png HTTP/1.1
Host: pt-static3.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: image/png
content-length: 1816
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-718"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static5.jsmsat.com/npe/image/jsm/favicon-v764270.ico

93.93.51.201

200 OK

392 B

URL GET HTTP/2
pt-static5.jsmsat.com/npe/image/jsm/favicon-v764270.ico
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
392 B (392 bytes)
Hash
f56e924ea4f68fe44ee8838ac0b8e7c3
d7468113aa5fb5ba21e3aa3def804444f8a56e0e
7a50956463e19c120d3dc96067e46425223fee02d230233b14ed5dda3685f9ae

HTTP Headers

GET /npe/image/jsm/favicon-v764270.ico HTTP/1.1
Host: pt-static5.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: image/x-icon
content-length: 392
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-188"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

crpdt.livejasmin.com/z28y3/86k.gif?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed&mr=0&categoryName=girl&im=1

93.93.51.191

200 OK

43 B

URL GET HTTP/2
crpdt.livejasmin.com/z28y3/86k.gif?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed&mr=0&categoryName=girl&im=1
IP
93.93.51.191:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectcrpdt.livejasmin.com
FingerprintF3:55:B1:0F:67:DF:42:0D:1D:84:56:74:CE:4A:5C:7B:A6:6D:BF:D4
ValidityTue, 02 Apr 2024 15:01:06 GMT - Mon, 01 Jul 2024 15:01:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /z28y3/86k.gif?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed&mr=0&categoryName=girl&im=1 HTTP/1.1
Host: crpdt.livejasmin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sun, 02-Jun-24 23:41:17 GMT; SameSite=None; Secure
expires: Fri, 03 May 2024 23:41:16 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

ccs.livejasmin.com/ccs.php?ccs=1&psid=ed_dbpmp0ww&subAffId=5580&psref=TwinRed&pstool=300_310

93.93.51.225

200 OK

69 B

URL GET HTTP/2
ccs.livejasmin.com/ccs.php?ccs=1&psid=ed_dbpmp0ww&subAffId=5580&psref=TwinRed&pstool=300_310
IP
93.93.51.225:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectccs.livejasmin.com
FingerprintA3:1A:F0:92:C1:0E:A2:D7:8F:57:87:9D:7F:33:77:E5:AA:B6:B0:CB
ValidityThu, 02 May 2024 13:01:05 GMT - Wed, 31 Jul 2024 13:01:04 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced
Size
69 B (69 bytes)
Hash
df15c61986fc44f0000081374bdcd6fb
da69991e3d456f15f1b9ac2f11d6c79a5240541d
126a629b1a5b11de957e290957f73e9bf7abf7cf63eb0ddb7eb5db95edfdff2a

HTTP Headers

GET /ccs.php?ccs=1&psid=ed_dbpmp0ww&subAffId=5580&psref=TwinRed&pstool=300_310 HTTP/1.1
Host: ccs.livejasmin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:22 GMT
content-type: image/png
content-length: 69
set-cookie: macctid=ed_dbpmp0ww; expires=Fri, 17-May-2024 23:41:22 GMT; Max-Age=1209600; path=/; domain=.livejasmin.com; secure; SameSite=None
ccs=YToxMDp7czo0OiJwc2lkIjtzOjExOiJlZF9kYnBtcDB3dyI7czo1OiJwc3JlZiI7czo3OiJUd2luUmVkIjtzOjY6InBzdG91ciI7czoyOiJ0MSI7czo5OiJwc3Byb2dyYW0iO3M6NDoiUkVWUyI7czo2OiJwc3Rvb2wiO3M6NzoiMzAwXzMxMCI7czoxMToiY2FtcGFpZ25faWQiO2k6MDtzOjEzOiJwc3BlcmZvcm1lcmlkIjtzOjA6IiI7czo5OiJwc2h0dHByZWYiO3M6Mzc6Imh0dHBzJTNBJTJGJTJGY3JwZHQubGl2ZWphc21pbi5jb20lMkYiO3M6MTA6ImNyZWF0ZWRfYXQiO2k6MTcxNDc3OTY4MjtzOjk6ImFmZnBhcmFtcyI7czoyODoiZXlKemRXSkJabVpKWkNJNklqVTFPREFpZlE9PSI7fQ%3D%3D; expires=Fri, 17-May-2024 23:41:22 GMT; Max-Age=1209600; path=/; domain=.livejasmin.com; secure; SameSite=None
server: unknown
X-Firefox-Spdy: h2

galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f12/26278e460b8c3fcf6a986cc577f4812e_glamour_215x121.jpg?cno=ce44

93.93.51.190

200 OK

9.0 kB

URL GET HTTP/2
galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f12/26278e460b8c3fcf6a986cc577f4812e_glamour_215x121.jpg?cno=ce44
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 215x121, components 3
Size
9.0 kB (8969 bytes)
Hash
e09e548bf4e76037d4cb98af3d72997c
5f58ecb0cb950fbf57532df1f23caf1f57621e8d
ee10ff958adc1981da753031b29e265eef443d6687279c6e5a139ac8c837467b

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f12/26278e460b8c3fcf6a986cc577f4812e_glamour_215x121.jpg?cno=ce44 HTTP/1.1
Host: galleryn0.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: image/jpeg
content-length: 8969
last-modified: Thu, 02 May 2024 23:38:02 GMT
x-rgw-object-type: Normal
etag: "e09e548bf4e76037d4cb98af3d72997c"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1f/f4f8755735afb72ada965a44faeb9e3f_glamour_215x121.jpg?cno=f8ae

93.93.51.190

200 OK

5.0 kB

URL GET HTTP/2
galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1f/f4f8755735afb72ada965a44faeb9e3f_glamour_215x121.jpg?cno=f8ae
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 215x121, components 3
Size
5.0 kB (5021 bytes)
Hash
9dc95ee2a5aef97334691b1476afc316
4f76db5219c201463c7130abc2ae29fc611453c6
eb19bb1c4f6baf29c974eea22af8455bf8a7debf5dbc649c7482a2cb33ace998

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f1f/f4f8755735afb72ada965a44faeb9e3f_glamour_215x121.jpg?cno=f8ae HTTP/1.1
Host: galleryn0.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: image/jpeg
content-length: 5021
last-modified: Wed, 23 Aug 2023 10:17:03 GMT
x-rgw-object-type: Normal
etag: "9dc95ee2a5aef97334691b1476afc316"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static1.jsmsat.com/npe/_common/script/adblock/ad_left_-v764270.js

93.93.51.201

200 OK

21 B

URL GET HTTP/2
pt-static1.jsmsat.com/npe/_common/script/adblock/ad_left_-v764270.js
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt.awempt.com
Fingerprint34:65:41:37:F8:CE:82:DC:CE:22:50:59:B8:3B:36:5E:E4:7A:A4:C6
ValidityMon, 29 Apr 2024 11:01:04 GMT - Sun, 28 Jul 2024 11:01:03 GMT

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
01c6e7ecb819ef28b0c9b962513a1596
1a49f493db7b91ed34a7040d36732352b9a5dc39
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

HTTP Headers

GET /npe/_common/script/adblock/ad_left_-v764270.js HTTP/1.1
Host: pt-static1.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: application/javascript
content-length: 21
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-15"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/8684b4cf605b0fe12632a5042e6a6d2d_glamour_215x121.jpg?cno=72d9

93.93.51.190

200 OK

5.8 kB

URL GET HTTP/2
galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/8684b4cf605b0fe12632a5042e6a6d2d_glamour_215x121.jpg?cno=72d9
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 215x121, components 3
Size
5.8 kB (5839 bytes)
Hash
f955b0769144b2941616154cea107042
312177c0da5f58b4e1359c49795b7e677c310147
dd4ab8a7dcdf1008b43e4013021fa62f7171d9b1281256314ccd02d1d6aacc8a

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f18/8684b4cf605b0fe12632a5042e6a6d2d_glamour_215x121.jpg?cno=72d9 HTTP/1.1
Host: galleryn2.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: image/jpeg
content-length: 5839
last-modified: Sat, 27 Apr 2024 00:59:22 GMT
x-rgw-object-type: Normal
etag: "f955b0769144b2941616154cea107042"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static4.jsmsat.com/npe/image/more_models_jsm-v764270.png

93.93.51.201

200 OK

31 kB

URL GET HTTP/2
pt-static4.jsmsat.com/npe/image/more_models_jsm-v764270.png
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt-static3.jsmsat.com
Fingerprint93:63:D3:C8:05:AC:68:91:2E:74:E1:22:13:A2:D1:73:58:C7:01:03
ValiditySun, 28 Apr 2024 23:01:07 GMT - Sat, 27 Jul 2024 23:01:06 GMT

File type
PNG image data, 180 x 101, 8-bit/color RGBA, non-interlaced
Size
31 kB (30562 bytes)
Hash
4eaea38e52a7403de85f0b183fb2b972
712a0f0d0009ab7bbe36110c15ec30a7f2df1711
551007f217235bc96a341ca01ce1eecb98dc509ae5fbc47e5013c7ac6ac8a9d2

HTTP Headers

GET /npe/image/more_models_jsm-v764270.png HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/npe/pu/play/css/play-v764270.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: image/png
content-length: 30562
last-modified: Thu, 02 May 2024 14:10:42 GMT
etag: "66339ee2-7762"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/a4231ac3bfe8f7cb7f33c96a7abe4da9_glamour_215x121.jpg?cno=8bb0

93.93.51.190

200 OK

6.5 kB

URL GET HTTP/2
galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/a4231ac3bfe8f7cb7f33c96a7abe4da9_glamour_215x121.jpg?cno=8bb0
IP
93.93.51.190:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerSectigo Limited
Subject*.vcmdiawe.com
FingerprintCE:0E:FE:7C:F9:7E:6E:39:18:50:38:A4:A1:30:34:CA:86:47:16:2C
ValidityMon, 08 Apr 2024 00:00:00 GMT - Fri, 02 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 215x121, components 3
Size
6.5 kB (6527 bytes)
Hash
86731aa6e7ebdf6929bcda2b9b9cc7f8
165d3f67c2b89639e1be7be22bfe85f87de5fd2f
7a00f3bed2b0da5a96c39a9bcc8e299e1fffb8fce975b15e8a1da7caf3519372

HTTP Headers

GET /ff268cab8d9fbae1ed7506f97496274f1a/a4231ac3bfe8f7cb7f33c96a7abe4da9_glamour_215x121.jpg?cno=8bb0 HTTP/1.1
Host: galleryn1.vcmdiawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: image/jpeg
content-length: 6527
last-modified: Fri, 15 Mar 2024 23:31:31 GMT
x-rgw-object-type: Normal
etag: "86731aa6e7ebdf6929bcda2b9b9cc7f8"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2

pt-static2.jsmsat.com/npe/pu/play/script/pu.play-v764270.js

93.93.51.201

200 OK

237 kB

URL GET HTTP/2
pt-static2.jsmsat.com/npe/pu/play/script/pu.play-v764270.js
IP
93.93.51.201:443
ASN
#34655 JWE S.a r.l.

Requested by
https://crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
Certificate
IssuerLet's Encrypt
Subjectpt.awempt.com
Fingerprint34:65:41:37:F8:CE:82:DC:CE:22:50:59:B8:3B:36:5E:E4:7A:A4:C6
ValidityMon, 29 Apr 2024 11:01:04 GMT - Sun, 28 Jul 2024 11:01:03 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
237 kB (236582 bytes)
Hash
370b3b3a937dcb49cd5a3127339a93f1
9afd3a07a4297227cd1ba2def55ee76328106488
65fcb140fc58dc5f13889f2f50318f1821e361c980dfab11e96dc07000277618

HTTP Headers

GET /npe/pu/play/script/pu.play-v764270.js HTTP/1.1
Host: pt-static2.jsmsat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crpdt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 23:41:17 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 14:10:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66339ee2-39c26"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Fri, 17 May 2024 23:41:17 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2

crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0

93.93.51.191

200 OK

43 kB

URL User Request GET HTTP/2
crpdt.livejasmin.com/pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0
IP
93.93.51.191:443
ASN
#34655 JWE S.a r.l.

Certificate
IssuerLet's Encrypt
Subjectcrpdt.livejasmin.com
FingerprintF3:55:B1:0F:67:DF:42:0D:1D:84:56:74:CE:4A:5C:7B:A6:6D:BF:D4
ValidityTue, 02 Apr 2024 15:01:06 GMT - Mon, 01 Jul 2024 15:01:05 GMT

File type
JavaScript source, ASCII text, with very long lines (2543)
Size
43 kB (42645 bytes)
Hash
1fb5c1cc79d1863061d764b2facc710e
1b5b53f0016435091403d3bff7eaa1307abcc6cb
f016cf85a190ba6e13f547da1a2d25d2a7baf56286bb48c4d0c950872bf2f0af

HTTP Headers

GET /pu/play/st?ms_rnd=1714779676.76579&pstool=300_310&psid=ed_dbpmp0ww&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=5580&sub_source=TwinRed+Exchange+Partner_ID+5580&origin=TwinRed+Exchange+Partner_ID+5580&mr=0 HTTP/1.1
Host: crpdt.livejasmin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://edttmar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-ud-id: z28y3/86k
cache-control: no-cache
date: Fri, 03 May 2024 23:41:17 GMT
server: unknown
x-cache-status: R-MISS
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sun, 02-Jun-24 23:41:17 GMT; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML