Report - yjrjw.rigelbetelgeuse.top/?pl=evEDv2qbh0GeSir8AYVTqQ&click_id=mwwy9xuokti&sub

Report Overview

Submitted URL
yjrjw.rigelbetelgeuse.top/?pl=evEDv2qbh0GeSir8AYVTqQ&click_id=mwwy9xuokti&sub_id=push
IP
104.21.22.161
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 08:38:05
Access
public
Website Title
Loveme
Final URL
sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
od.check-tl-ver-54-3.com	unknown	unknown	No data	No data	4.5 kB	1.9 MB	104.21.58.39
sexcool-dating.life	unknown	2024-03-27	2024-04-11	2024-05-03	7.8 kB	614 kB	185.155.186.17
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	1.1 kB	66 kB	216.58.207.227
yjrjw.rigelbetelgeuse.top	unknown	unknown	No data	No data	539 B	1.1 kB	172.67.205.133
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-10	2.7 kB	64 kB	142.250.74.163
oa.check-tl-ver-54-3.com	unknown	unknown	No data	No data	5.2 kB	1.9 MB	188.114.96.1
cdnstatic.check-tl-ver-54-3.com	unknown	2024-04-06	2024-04-11	2024-04-24	1.8 kB	51 kB	188.114.96.1
yjrjw.check-tl-ver-54-3.com	unknown	unknown	No data	No data	5.8 kB	3.2 MB	104.21.58.39
ob.check-tl-ver-54-3.com	unknown	unknown	No data	No data	4.5 kB	660 kB	104.21.58.39
oc.check-tl-ver-54-3.com	unknown	unknown	No data	No data	5.1 kB	2.0 MB	104.21.58.39
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	462 B	1.9 kB	142.250.74.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed
2024-05-10	medium	sexcool-dating.life	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	unknown	63 B	2023-04-15	2024-05-20
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-15 18:53:55 Last Seen2024-05-20 12:38:01 Times Seen583 Hash fd54c4bec1e894bb14b2a82157f62aa7 954b645371c7d7e3e19b7253806187ed1bec4a14 7fd8c489eaf6afd63b4d2344e6d4e12a97897eb5f199e0cdaa7575e60eb5d7f2 Loading...

	sexcool-dating.life/util/utils.js	7.5 kB	2023-03-07	2024-05-20
Pretty URL sexcool-dating.life/util/utils.js IP 185.155.186.17 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-20 16:19:15 Times Seen21467 Hash 01816d15ca03032751161a746e2fb7c3 dcc72ea5fa1356490ba473288159df9786b4a3c3 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea Loading...

	sexcool-dating.life/media/exit-new/exit1.js	3.5 kB	2023-03-07	2024-05-20
Pretty URL sexcool-dating.life/media/exit-new/exit1.js IP 185.155.186.17 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-20 16:19:15 Times Seen13972 Hash 625e5e2950612f771e246beb33c9ea61 e4fc251c6c000496c285f8dc3fa097040b031681 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46 Loading...

	sexcool-dating.life/media/dating/dirtysinder/js/jquery-2.2.4.min.js	86 kB	2023-03-07	2024-05-20
Pretty URL sexcool-dating.life/media/dating/dirtysinder/js/jquery-2.2.4.min.js IP 185.155.186.17 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-20 22:19:18 Times Seen395263 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	sexcool-dating.life/media/dating/dirtysinder/js/trls.js	18 kB	2023-03-07	2024-05-20
Pretty URL sexcool-dating.life/media/dating/dirtysinder/js/trls.js IP 185.155.186.17 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:38 Last Seen2024-05-20 12:38:01 Times Seen1199 Hash 0d71a75c3acc2f59514014dd333c64c8 4b24c64041e32ea6853f313f7196740d6c33fabd 1a7eb7795296faf56df1f30f1c6771b7eaa9290c60127e3e9d86696668ea48c8 Loading...

	sexcool-dating.life/media/bb.js	639 B	2023-03-07	2024-05-20
Pretty URL sexcool-dating.life/media/bb.js IP 185.155.186.17 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-20 16:19:15 Times Seen14301 Hash 0d553e4bac91c74bfee2dbabba61e99e 5af71e2377c9c012a7826a695f2724901941b19b 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68 Loading...

	sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback	667 B	2024-05-10	2024-05-10
Pretty URL sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback IP 185.155.186.17 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 10:38:13 Last Seen2024-05-10 10:38:13 Times Seen1 Hash 930fd05f136a614c951f8c825624c415 900c937cfa184eda0c0e45dea19f705673a88172 62a1f395b4d1857fa00aa9303f078ce4170a5603a9cfb9ea73c0c14144cfc72f Loading...

	sexcool-dating.life/media/dating/dirtysinder/js/main.js	3.1 kB	2023-03-07	2024-05-20
Pretty URL sexcool-dating.life/media/dating/dirtysinder/js/main.js IP 185.155.186.17 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:38 Last Seen2024-05-20 12:38:01 Times Seen1197 Hash 4ff0f5ad435331f44d0b0691647bc6f9 ab7dd8e1113df02e4783dc4a714d644fe939984d 2c03acf3d158e2105bd0881aab875eadf0cca1167beb22d930888b28f34ae5a5 Loading...

HTTP Transactions (67)

URL IP Response Size

yjrjw.rigelbetelgeuse.top/?pl=evEDv2qbh0GeSir8AYVTqQ&click_id=mwwy9xuokti&sub_id=push

172.67.205.133

0 B

URL
yjrjw.rigelbetelgeuse.top/?pl=evEDv2qbh0GeSir8AYVTqQ&click_id=mwwy9xuokti&sub_id=push
IP
172.67.205.133:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=evEDv2qbh0GeSir8AYVTqQ&click_id=mwwy9xuokti&sub_id=push HTTP/1.1
Host: yjrjw.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 08:37:38 GMT
content-length: 0
location: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
set-cookie: evEDv2qbh0GeSir8AYVTqQ=16; max-age=345600; path=/; samesite=lax
__pl=f3d5c20f-f830-467b-86fb-89d987031f03; expires=Sun, 10 May 2026 08:37:38 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKZoBxUPLCEX1xysEnAGuohllq7s%2B2iwx7%2BLA%2BIHXFQjoNF80z4LJNSrAPOJOeCgwiKQ7LD5daWyxu%2FkKvNmCZfoDMrtcxIyRstLxB5lIXrQYf%2BLuUcn1UHPINkZcw0puBoE2VfMTNlB5ixC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88189bc26d8bb4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg

104.21.58.39

221 kB

URL
yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3
Size
221 kB (220788 bytes)
Hash
bde3fee065c7408f2ba31b7633552644
75d8d5e0f57af3ac24337d0c496fcc549566c4fc
1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21

HTTP Headers

GET /video-bit/assets/pc-after-video.jpg HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-35e74"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9NHBsV7DE0%2BRdmWx7hjiBBJIjFIGfyKZneiwxGPnjyNyQG1lcNXaXMwU8v0BrfHenhY9w1Czr0YGLtOA00ZR63oAnSf%2BHwM0Rn9N3l4S7uvpHoFhBe7TMGGXNPR2x2YZK1xlSM%2Fqy9ob60rCjSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e2256c5-OSL
alt-svc: h3=":443"; ma=86400

yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg

104.21.58.39

163 kB

URL
yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3
Size
163 kB (162651 bytes)
Hash
2f5daa5004b75049f0bec772965b7943
a1336e046340afce9445ced5e26dc006fd47f6e9
121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63

HTTP Headers

GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27b5b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iI347rox%2FVbgou5yy3G4f1U1NeqIX6rPNqG1ERpzwBQp4CTTmOJbyTxpXREKrklNhhhcyTMhhG2CRWl48GnXubZpnadnKxKvAAOLMQ%2Bf6d3ysDsQ0iaFCcM4%2FX8AKuMJGRO%2B9oFKiTY%2Fz2jD%2F00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e2956c5-OSL
alt-svc: h3=":443"; ma=86400

yjrjw.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png

104.21.58.39

160 kB

URL
yjrjw.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced
Size
160 kB (159828 bytes)
Hash
d443d6dbbc102de6552453c20708a93b
591fa73cc4a0406124ca56dce015db983f540a12
60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93

HTTP Headers

GET /video-bit/assets/mobile-after-video.png HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27054"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mxVEvy5D9XUb3mOHciz4BynoWmkoKe3BGh5I5IWeNA8PRTBziwwbvP6RorgapWmizmGS1xQR5Ug3SvlKFUpm1dKEGzKdy%2BpUq40cpxotx9YNzxJ5KtnhUmXtKGZ09G6nOKmdF3ZhLbRZL03s4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e2756c5-OSL
alt-svc: h3=":443"; ma=86400

yjrjw.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg

104.21.58.39

16 kB

URL
yjrjw.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 623x71, components 3
Size
16 kB (15684 bytes)
Hash
cd2599ebcf088e38b0136da54be6056b
831aa894f796523bb13da5295773fad0adf08a43
bad51e23bda3b86050e80b64301111fb7dab284ef6a5d40bc042f711d6844f5a

HTTP Headers

GET /video-bit/assets/mobile-header.jpg HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/jpeg
content-length: 15684
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-3d44"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s56OkutkA23yHbW4LO%2FT%2F%2FMRzjjp%2B0X1ppiTB7tAX7oQZp10JbZi9GlotgFEPGTBasxUseOGv6%2BxOucC%2BuyPWb0JB0lzWKtg9IFlrmkl%2FrRve3KQYYrinpoApe8qOx2RZpthVPYSrCxrJw%2BDH2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e1756c5-OSL
alt-svc: h3=":443"; ma=86400

yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg

104.21.58.39

78 kB

URL
yjrjw.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3
Size
78 kB (78090 bytes)
Hash
7b5471d796895489e8526d789b9d40f6
0239e9afbff1cf03adb273fd5b24e68f17f52659
f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac

HTTP Headers

GET /video-bit/assets/pc-header.jpg HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/jpeg
content-length: 78090
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-1310a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lb9nOuSqVQigJBoxa2WNLn8mxMf4MqCx0LTPxL9MOVoh9ARYpGNVjbEWU%2FKoFCdSTtT%2BRiFGqo00AmY9rlK77I8CbvRbtf8gGbCO4OpP5Fl3n9pqF8ksTmJeR%2B03pMx0%2BzDNEr5%2FAseduUcV3jo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e1056c5-OSL
alt-svc: h3=":443"; ma=86400

yjrjw.check-tl-ver-54-3.com/video-bit/assets/video.gif

104.21.58.39

1.3 MB

URL
yjrjw.check-tl-ver-54-3.com/video-bit/assets/video.gif
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 300 x 225
Size
1.3 MB (1261197 bytes)
Hash
219f73ae12fc4696639ce99694cb6463
4265f8a22afe580964444a549afab5a07edde5c6
19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c

HTTP Headers

GET /video-bit/assets/video.gif HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: image/gif
content-length: 1261197
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-133e8d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbY68qZH%2FPXvToiSQnwR2%2F8MCBRrPIqJH1P%2BsM3dCZVoqhJ0p4m7m%2FQp8ptGBRQKTPEHHX9Q33XZHWuSYJX2JfpwnGO36hViEvLruC%2Br8NKF9zK5%2Ft6%2B6LVAAseg33J3nhQj7gkIubBKZT57lJQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e1b56c5-OSL
alt-svc: h3=":443"; ma=86400

yjrjw.check-tl-ver-54-3.com/video-bit/assets/style.css

104.21.58.39

1.9 kB

URL
yjrjw.check-tl-ver-54-3.com/video-bit/assets/style.css
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
1.9 kB (1851 bytes)
Hash
ed5c6f52019ab66fd7e8db93f10d08d8
421b915ae025cb3f498d3a4f45e92557e46e1864
be6d556b888684a37fa81ff2db963d729b92f01c8e04d31f0b7b47ce495fae06

HTTP Headers

GET /video-bit/assets/style.css HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1a3c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SDXai3HCK2vh3nEOhFb1md9gi5zEW%2BBd%2FVZtCZW9bV3txSfr8f1%2FVwxhDy2etaC1OiSHfBEUY46Bq3g0l71ea7eTYf5M0EvzfJqHy0SHLkIVn%2Fyi4OzAgfEA7peHMpZeVUdgNVFLFihMsRSnOFI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc56e0756c5-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

142.250.74.163

9.3 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (28368)
Size
9.3 kB (9308 bytes)
Hash
9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

HTTP Headers

GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:57:01 GMT
expires: Fri, 09 May 2025 01:57:01 GMT
cache-control: public, max-age=31536000
age: 110438
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.163

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 23662
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

oa.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png

188.114.96.1

160 kB

URL
oa.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced
Size
160 kB (159828 bytes)
Hash
d443d6dbbc102de6552453c20708a93b
591fa73cc4a0406124ca56dce015db983f540a12
60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93

HTTP Headers

GET /video-bit/assets/mobile-after-video.png HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27054"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZhvf4cPrdY6m4LWPlu8HB4%2FoVcW5hMNa%2FBKMRMxAWN5fo7JlfS0tm3FBbOj%2FK7NR%2BcGM1jEHhBQUi%2FeACiNb%2BnEZq92UmPornStHRtxYG4FPNjNOfAXZJ0iePnRUih%2FK8grEOxuzIq%2FIvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc99f480b55-OSL
alt-svc: h3=":443"; ma=86400

oa.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg

188.114.96.1

16 kB

URL
oa.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 623x71, components 3
Size
16 kB (15684 bytes)
Hash
cd2599ebcf088e38b0136da54be6056b
831aa894f796523bb13da5295773fad0adf08a43
bad51e23bda3b86050e80b64301111fb7dab284ef6a5d40bc042f711d6844f5a

HTTP Headers

GET /video-bit/assets/mobile-header.jpg HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 15684
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-3d44"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fauTxwqsx6YvUqO5lA7kWOdkvo4QaBkon%2BtcCuh9Y%2BfUjX7APhgeN6W5PUnkHF%2FbjvbjG8zyAzTDRk9E6d9CFWUKRvxrsa90Xu7kjrheC0mDoX7eMdo60bWloKdu4AtvBlOHzmxPuFH50ac%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc98f390b55-OSL
alt-svc: h3=":443"; ma=86400

oa.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg

188.114.96.1

78 kB

URL
oa.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3
Size
78 kB (78090 bytes)
Hash
7b5471d796895489e8526d789b9d40f6
0239e9afbff1cf03adb273fd5b24e68f17f52659
f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac

HTTP Headers

GET /video-bit/assets/pc-header.jpg HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 78090
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-1310a"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hB1jd3HooVTqi5AQb1oCh%2FikQ%2FWSRWFNgpbhRUPzz1RHFydeXx7n7l32OpnjswAPdUFazsYH1tIcHbFwEfFDuE8X2gV9FOFWKEmgpHYhlniz6jv6bVWKR0Wt4DyM0eEaOR%2F4Od1WKiN07CI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc98f2e0b55-OSL
alt-svc: h3=":443"; ma=86400

oa.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg

188.114.96.1

163 kB

URL
oa.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3
Size
163 kB (162651 bytes)
Hash
2f5daa5004b75049f0bec772965b7943
a1336e046340afce9445ced5e26dc006fd47f6e9
121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63

HTTP Headers

GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27b5b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZcEIbCj0Dd5MrBzrosRLXqgOX8OcMJ1SGyrmfzaBQrp9%2F7kgaY0L9UHtsUG1zOUhngdcpHWL4ak%2BMsT5upeQloD5ICm3rC4DGgeSl8dG9q4SL9fmm%2BjS5ZuMujV1O94h3xXL9XciWiDVhsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc99f500b55-OSL
alt-svc: h3=":443"; ma=86400

oa.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg

188.114.96.1

221 kB

URL
oa.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3
Size
221 kB (220788 bytes)
Hash
bde3fee065c7408f2ba31b7633552644
75d8d5e0f57af3ac24337d0c496fcc549566c4fc
1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21

HTTP Headers

GET /video-bit/assets/pc-after-video.jpg HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-35e74"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mDOx4ZesvpVECS45tdbN9ahe%2BDfzi%2BszHXplw%2F%2FJnOR%2FDtplxcyXaqXGzDfC0YsEIkL11lXJYgVGWoV%2FChFkvfICfzwEMVvASmgambrbctJ5PJYuBTN4o044kzYAYkOrjrSCan7ou2dokMc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc99f450b55-OSL
alt-svc: h3=":443"; ma=86400

yjrjw.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2

104.21.58.39

1.3 MB

URL
yjrjw.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.3 MB (1262410 bytes)
Hash
7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

HTTP Headers

GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:38 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4009
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EXIpaDxg5x1jw7M3I54%2BcyQINUpED%2Bkgv68QY62kp4bI24kahBk6C%2B0t5GeJz9b5lBvtgxNfnuQQyY6JBEEKUzRfoPLixlsYBJLkWYokFhxUGruDdmCTyTjvSTXUvalxhn8aqd%2Bi0z5QtjoPnGM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc57e2c56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ

188.114.96.1

9.6 kB

URL
cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (28370), with CRLF, LF line terminators
Size
9.6 kB (9560 bytes)
Hash
dd2ee4bb74245ebe50e3c8c00f257fe4
1d21907a65f443cd44ec09da7924488ba491c8df
b45a2bdd8dc35968239a48b988dd676ff64550c5c060b40af7bcaa1024492b4e

HTTP Headers

GET /ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ HTTP/1.1
Host: cdnstatic.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/
Cookie: __psu=99c0ae9f-0e69-487f-90fd-5dad81997078
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPGgoJabjJYmciRY0sVuLtrL16kJ3astcTrEw9wWfCTXuvEIDhIcKw2zMcclbqDGBoqXL8KhKXUFyOoMcbpJ1AGEj7aStiB%2F%2BwzyGqf79e7jqq48Ain0K4503RFU5F8uxWLcPT7h3H3J24QtqHAH2fRA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bca98ee0b55-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.163

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 23662
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ob.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg

104.21.58.39

78 kB

URL
ob.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3
Size
78 kB (78090 bytes)
Hash
7b5471d796895489e8526d789b9d40f6
0239e9afbff1cf03adb273fd5b24e68f17f52659
f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac

HTTP Headers

GET /video-bit/assets/pc-header.jpg HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 78090
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-1310a"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vrANrg4CPXBgG%2BgNTJDfoYAi81AL44zmfaG%2BcH8VKSM%2B1h0zJPF%2BBDKcko5D6gW0QtvAlG5Sq%2FLKDPsjyVHbhtb9fcGOS5y%2FGUW7evo2nQIPH8Ay4z%2Fur5InDCE2bRDNlZTTKKdgLfiOJjc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc38e156c5-OSL
alt-svc: h3=":443"; ma=86400

oa.check-tl-ver-54-3.com/video-bit/assets/v_F.ico

188.114.96.1

17 kB

URL
oa.check-tl-ver-54-3.com/video-bit/assets/v_F.ico
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
17 kB (16572 bytes)
Hash
183cab2f5d4582ef71ae37efc8d458dd
7c230eba9c1ce7900ea9bbf53dde00ea068dc995
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

HTTP Headers

GET /video-bit/assets/v_F.ico HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/x-icon
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-47e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IBJZ1TAJPx17TGfYCj6IjqMqiflSuOjnrjGDBzppUdJLrzEVzvhXjql00b5606jpzd8YXal8CK9JUXDpzcmf0CdeRBu0Co2kaqLWiTQ4qVCGixoeR5LXIWDadXMfxl4jcPbqG0enKnF%2BX8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcb39b00b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ob.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg

104.21.58.39

163 kB

URL
ob.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3
Size
163 kB (162651 bytes)
Hash
2f5daa5004b75049f0bec772965b7943
a1336e046340afce9445ced5e26dc006fd47f6e9
121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63

HTTP Headers

GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27b5b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKX86CVo3t49QyG8vWWTI6DA7qzgYjSRU7VU5j4ITjwNrxPlZKt%2FI1OFLX%2BKyNuV1wyLTTrvMtSmx7e4BIZSEE%2BplPpijPQdBu5QJDFhld7YJYeN01ItAkxNf6IQ2bfnS3q2hP0nWCagXRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc490556c5-OSL
alt-svc: h3=":443"; ma=86400

ob.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png

104.21.58.39

160 kB

URL
ob.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced
Size
160 kB (159828 bytes)
Hash
d443d6dbbc102de6552453c20708a93b
591fa73cc4a0406124ca56dce015db983f540a12
60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93

HTTP Headers

GET /video-bit/assets/mobile-after-video.png HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27054"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aR1kQDeIdrxM3yFUIYAbTWLGXS3fgXColG2Ede%2BtuCo8Pb0ECoBAqBxEbsvhY6QENwaf%2B9ryTPWC0QGcmlpoCtGTsZKy0QPPZfb2gzJwFnR%2Bco3tVZfQzXRZhVwD6J0DhUXi1eykJwFnvGw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc48ff56c5-OSL
alt-svc: h3=":443"; ma=86400

ob.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg

104.21.58.39

221 kB

URL
ob.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3
Size
221 kB (220788 bytes)
Hash
bde3fee065c7408f2ba31b7633552644
75d8d5e0f57af3ac24337d0c496fcc549566c4fc
1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21

HTTP Headers

GET /video-bit/assets/pc-after-video.jpg HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-35e74"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TagnVuCaIZRaMTHy9KUpWA%2Bs4kN%2BYxK9uQtCH68zKsm8OK7PRKjHhLwmJJG9q%2FgdakUYKj0KIVyYQ3CxJFD%2BGGNpyM8npB9%2FSCo2NHi2AdflR1%2FqDl56n0zRwUdBbc0T51vdPjKyQ%2FE%2FtAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc48f356c5-OSL
alt-svc: h3=":443"; ma=86400

oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558

188.114.96.1

1.3 MB

URL
oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (445), with CRLF line terminators
Size
1.3 MB (1262123 bytes)
Hash
ed5b4a74eaf9de7de46d51d21953a87b
31907e53e698aaf1305093e593af4dad86ae1fdf
5e72c0f8a8788d43991964250a03ffb7864eb2e2e5b24e779c43012741b2519a

HTTP Headers

GET /video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558 HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3A3UN65egknIVgE3y0dv17yioXhxLvRAQ%2FYsAwRscjUwdtFJiFse8x6UOG%2BLxVidjwFB4RZ08llJ%2FSpSTGfL3mq3ccsILlNK4x5CAZcOpKqpSkpKgLFk%2B5PIFwd64I2rrIFBifv9upFW7iA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88189bc8fe6a0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

yjrjw.check-tl-ver-54-3.com/video-bit/assets/v_F.ico

104.21.58.39

10 kB

URL
yjrjw.check-tl-ver-54-3.com/video-bit/assets/v_F.ico
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
10 kB (10196 bytes)
Hash
183cab2f5d4582ef71ae37efc8d458dd
7c230eba9c1ce7900ea9bbf53dde00ea068dc995
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

HTTP Headers

GET /video-bit/assets/v_F.ico HTTP/1.1
Host: yjrjw.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yjrjw.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/x-icon
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-47e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7G5tZSmKgV0SqbPy%2Fz9suY4Uvy88%2BQBkhAG0gowljR2eSfkasuzQFQ77QRkgZ23bO7s8faq0m30iDJ63b2JQBMbmvHCfP3UaRoZ52%2B2Q5Y4yB%2F4ims2aTlVLpn9l9XQIm1r3FUszOs1He64nZo0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc7391456c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ob.check-tl-ver-54-3.com/video-bit/assets/style.css

104.21.58.39

25 kB

URL
ob.check-tl-ver-54-3.com/video-bit/assets/style.css
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
25 kB (24599 bytes)
Hash
f5947c06d589fcfde0b3a26a281f0b4b
6fbb7c94b82a4d822689a92a8f0318c75a730777
525172b61da53ff8f2e5e7c6d5d6ee75f0281607d4d114c12ae607866d45135a

HTTP Headers

GET /video-bit/assets/style.css HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1a3c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cA1sDrOwCta19t1qhHT%2FGFoj1AjNlszvaAx9HRn8Tygg54izHl960wPbct6sBzl0%2BVgZcF4NY1oaphmKyPgtM1AKNf4Pu0xyQNisR%2FKus0POST3vsWupMSBia2yEPQJwxbgEVai3H%2FOargU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc38df56c5-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.163

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 23663
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ob.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2

104.21.58.39

7.6 kB

URL
ob.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
7.6 kB (7606 bytes)
Hash
7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

HTTP Headers

GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFgr4yq8zfKgXW%2BqYgLvp6onN05OKkmz3GnyWJGia2e9ulEdqr2M%2BjpiPxVdjXTfGmr%2BhOkEwk7wRpo5yFyU7divHgAy%2Fx8Cvx9u3%2FK8p8P%2BdqAsvyFNg9kQnvcuMtnLUhGwQIO%2FQ5qLmmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc590c56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

oc.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg

104.21.58.39

16 kB

URL
oc.check-tl-ver-54-3.com/video-bit/assets/mobile-header.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 623x71, components 3
Size
16 kB (15684 bytes)
Hash
cd2599ebcf088e38b0136da54be6056b
831aa894f796523bb13da5295773fad0adf08a43
bad51e23bda3b86050e80b64301111fb7dab284ef6a5d40bc042f711d6844f5a

HTTP Headers

GET /video-bit/assets/mobile-header.jpg HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/jpeg
content-length: 15684
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-3d44"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tRf0vtwMWPqV%2BBrA0ec4E%2FToppCbhEvrEW92vphE7MnV1Dk9y7PNPR%2FKlKALANfIvAOukbjoY5sk0IJ3kA8bAWw0X2kfkPbsmp7A4QOfpyc9%2FjmBwUcgJNMehMaEeU8DUuOCXS9wzEZzEk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfac56c5-OSL
alt-svc: h3=":443"; ma=86400

oc.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg

104.21.58.39

78 kB

URL
oc.check-tl-ver-54-3.com/video-bit/assets/pc-header.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3
Size
78 kB (78090 bytes)
Hash
7b5471d796895489e8526d789b9d40f6
0239e9afbff1cf03adb273fd5b24e68f17f52659
f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac

HTTP Headers

GET /video-bit/assets/pc-header.jpg HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/jpeg
content-length: 78090
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-1310a"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxlwX7ZhBtGtjS0tD4aBlCtq3h3bHsbEF1SCSeYmu4t6PCcYybSrqQ7S2DbMbv33%2BhVt38%2BwpnucBbuCJpBwFvi18bjpqub4n3uyxniong7hK7oVT%2FHnASQfKcdpzvXONysxgUbCinfKF6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfaa56c5-OSL
alt-svc: h3=":443"; ma=86400

oc.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png

104.21.58.39

160 kB

URL
oc.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced
Size
160 kB (159828 bytes)
Hash
d443d6dbbc102de6552453c20708a93b
591fa73cc4a0406124ca56dce015db983f540a12
60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93

HTTP Headers

GET /video-bit/assets/mobile-after-video.png HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27054"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAxasYiH3S73PYepBYsrgSZauyoju0OvUTBfa8lj0APOhC%2F%2FXXOaCKZLjeFhQQvCFTh2qqwITOoaPyWL%2BLMNtY8HkdIahbQsQOwT5ZpDcqS%2FOZZLnVil6q020dwoGqXRiea3knpBX9B5qIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfb756c5-OSL
alt-svc: h3=":443"; ma=86400

oc.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg

104.21.58.39

163 kB

URL
oc.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3
Size
163 kB (162651 bytes)
Hash
2f5daa5004b75049f0bec772965b7943
a1336e046340afce9445ced5e26dc006fd47f6e9
121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63

HTTP Headers

GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27b5b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TpYJlknKuv37z4PJgN5Xy8JTbUljTZngL4RA2iP%2BTrGr0iLpx8VUxo96T86u%2F0rIdI5aTIgB0nu2nBG3%2Bl8DEZXpylRlT7XxtLSRhqTcBECm3i1ULTYjrbR%2FuprTmbxOh6aZMRWIpG3czNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0efbb56c5-OSL
alt-svc: h3=":443"; ma=86400

oc.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg

104.21.58.39

221 kB

URL
oc.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3
Size
221 kB (220788 bytes)
Hash
bde3fee065c7408f2ba31b7633552644
75d8d5e0f57af3ac24337d0c496fcc549566c4fc
1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21

HTTP Headers

GET /video-bit/assets/pc-after-video.jpg HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-35e74"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niQv2jQpmtTiGGKJQ0CkiRu2%2FNjU%2BU26XRtiOmvF%2Fiv042Lt9ZUuuHzfEgT%2BhEw5euuT06kso%2BvkITlnJ5r8G849WLrKxaD9Q5PhYy9aSCv8sKyAvHD6CGEnZYFHTBz1JPaiNbACuZShrbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfb456c5-OSL
alt-svc: h3=":443"; ma=86400

oc.check-tl-ver-54-3.com/video-bit/assets/video.gif

104.21.58.39

1.3 MB

URL
oc.check-tl-ver-54-3.com/video-bit/assets/video.gif
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 300 x 225
Size
1.3 MB (1261197 bytes)
Hash
219f73ae12fc4696639ce99694cb6463
4265f8a22afe580964444a549afab5a07edde5c6
19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c

HTTP Headers

GET /video-bit/assets/video.gif HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: image/gif
content-length: 1261197
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-133e8d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tuH%2BWQQUr5Yz0OIyHFlFdw4d7imCekkHXEMvTGuGeQP4zEjDvxYrw3lC%2BFRJca1%2BPzVRYfV3z46tBakLJJju1dpgMfRLa2BjM1PI2tztTY2BefABl%2BMx6MX8F%2BdPThfcu9Ugv4CgBCLiPmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfaf56c5-OSL
alt-svc: h3=":443"; ma=86400

cdnstatic.check-tl-ver-54-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=6395e15d871a4f89a03b59e6a642a4ee

188.114.96.1

23 kB

URL
cdnstatic.check-tl-ver-54-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=6395e15d871a4f89a03b59e6a642a4ee
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (61629)
Size
23 kB (23091 bytes)
Hash
4889e533d2f884a733b09219feff7536
566afdc9e9437acf41dde9d84e7efb866a2b1392
99cf258c21c6850b6e2f0e3e5283d11ebe5da0eebcb48d14db12ef3c4d2dbed3

HTTP Headers

GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=6395e15d871a4f89a03b59e6a642a4ee HTTP/1.1
Host: cdnstatic.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/
Cookie: __psu=99c0ae9f-0e69-487f-90fd-5dad81997078
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UWfvH2CPtYGlVZTgIRvKmfQ7JmKzmVo%2BoTDCUT%2BO6n%2B1VTcHsl%2FbR2k9qnh4vekB4Jc5iZ9S3%2FPvj7dHeAPTyvIYq%2ByJPaQC%2BWJPsrS%2Bv%2BeiGYcdAJuvL0MyxmkoWyY8Sia8QIGli43xG2e3V04oC7ru"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd17b0b0b55-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.163

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 23663
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ

188.114.96.1

16 kB

URL
cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
16 kB (15936 bytes)
Hash
deee9dd13fdba173b412203922cc8e0c
d32854390e63837becbf9af9013beac04abd4b63
740ebbc952e2b0ee1f1cbba22ab7279da6a0c8713df6266848a2a499b5984f68

HTTP Headers

GET /ps/config.js?id=evEDv2qbh0GeSir8AYVTqQ HTTP/1.1
Host: cdnstatic.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/
Cookie: __psu=99c0ae9f-0e69-487f-90fd-5dad81997078
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BMORwm6O9m5je7iNGFkQ02fM7aVqX98GZ5Uq6ithLotrsxNDjzkxXmNLEnnLPUd4U1t28RugJGiZOfPdowTk2v%2Br8nlQ6pr9HMNPUgkLbpB3ZR%2F7E32HAZeMQf6MCb2%2FvxNpHXzlaPgEVfNpc3U18M6h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd22bd90b55-OSL
alt-svc: h3=":443"; ma=86400

od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558

104.21.58.39

79 kB

URL
od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (445), with CRLF line terminators
Size
79 kB (79016 bytes)
Hash
ed5b4a74eaf9de7de46d51d21953a87b
31907e53e698aaf1305093e593af4dad86ae1fdf
5e72c0f8a8788d43991964250a03ffb7864eb2e2e5b24e779c43012741b2519a

HTTP Headers

GET /video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558 HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PDHY7zfFp58xNudyx5r1FrG%2BGUwuiamnix%2FLdpX%2BkloP%2FytysqI1gyabEXCP6qCT8U2HWO0R4ZoQLPDP%2B2V%2FNcAJogemIdldhja7AVBkgoFmH1%2BO4UIgj9lXjBrkACUq3Nwi2wshrHy%2Bh7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88189bd35be256c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

od.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png

104.21.58.39

160 kB

URL
od.check-tl-ver-54-3.com/video-bit/assets/mobile-after-video.png
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced
Size
160 kB (159828 bytes)
Hash
d443d6dbbc102de6552453c20708a93b
591fa73cc4a0406124ca56dce015db983f540a12
60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93

HTTP Headers

GET /video-bit/assets/mobile-after-video.png HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27054"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=INqQ9boiXZjeA7pZjDVKokHxugbAAS80JZbirlGJoLrQY82Lx1MlgUkixnDGUNWM81KEAUMzY9x2GwBK1b7FG1mCblYRFYMKtRiA%2F6s48QpRTw0m31RUrG03uucDUpytdwGG9ty1nLLv3oU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd41d5156c5-OSL
alt-svc: h3=":443"; ma=86400

od.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg

104.21.58.39

163 kB

URL
od.check-tl-ver-54-3.com/video-bit/assets/pc-sidebar.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3
Size
163 kB (162651 bytes)
Hash
2f5daa5004b75049f0bec772965b7943
a1336e046340afce9445ced5e26dc006fd47f6e9
121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63

HTTP Headers

GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-27b5b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7CQD40wQzQbafUw%2F5MFL8kaXgJhesvw7s2jxUlbRcZ25Nd6X1p0vUi%2BR%2FHj1XSXWnTgfnWIvzHC5EEHsdUC7iU1vxW%2FC9bO2%2F3gBKGPiEkJ4tVtSHSEcjhfYkexiXlOkXd8JlqonTZByP1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd41d5656c5-OSL
alt-svc: h3=":443"; ma=86400

od.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg

104.21.58.39

221 kB

URL
od.check-tl-ver-54-3.com/video-bit/assets/pc-after-video.jpg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3
Size
221 kB (220788 bytes)
Hash
bde3fee065c7408f2ba31b7633552644
75d8d5e0f57af3ac24337d0c496fcc549566c4fc
1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21

HTTP Headers

GET /video-bit/assets/pc-after-video.jpg HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-35e74"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wHDa7WSerAt%2BVTfqG6qdumkzK1MN03HQ2XR7AtiB2Eg4Lem4grErFqUqbsKwotNIBJmIMVugx4kddKesQBBaeOaIPzwC3DNQxOzHV4zkqYvtqayxX%2FuuKbZjZXlKvC4%2B%2BD%2Bbw9gTAuZTRJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd41d4c56c5-OSL
alt-svc: h3=":443"; ma=86400

od.check-tl-ver-54-3.com/video-bit/assets/video.gif

104.21.58.39

1.3 MB

URL
od.check-tl-ver-54-3.com/video-bit/assets/video.gif
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 300 x 225
Size
1.3 MB (1261197 bytes)
Hash
219f73ae12fc4696639ce99694cb6463
4265f8a22afe580964444a549afab5a07edde5c6
19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c

HTTP Headers

GET /video-bit/assets/video.gif HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: image/gif
content-length: 1261197
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-133e8d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zx0dNqNda2ULN6P9D7t1mxc2k%2BhzDVKwANwHM9Nn82wkPyMUqidnt8BRbqQHOf6XSF26jxIreL2EdzI8ncVHTKTkbu9Ec9GsiukQeJz81pBBv1QuGcoaMIhY72Nse0QIHQE%2Bdi4DVP3Gjl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd41d4856c5-OSL
alt-svc: h3=":443"; ma=86400

od.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2

104.21.58.39

10 kB

URL
od.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
10 kB (10521 bytes)
Hash
7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

HTTP Headers

GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3fZpePW4kyjtHkxVaczOg5hCZgkC2bvZpSHNlKWlVFufN7OXJnTlgisjS03fK9siqwhInEvGLDK%2Bq9FnTzkvHY7KPQv5GUgltt%2FY1LDhWvicSa4uKel96SoMCO1nxFXX%2BcAiPuDXdGAW1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd42d6356c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.163

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 23664
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback

185.155.186.17

200 OK

4.8 kB

URL User Request GET HTTP/1.1
sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (533), with CRLF line terminators
Size
4.8 kB (4755 bytes)
Hash
e9fbc45f4200f05f6509dc3cc2383d2d
4135d4ec1239dd296a0f28c43bd234699053e9ed
11ffe79b165b16b983f28ee1c57f7ccdfa6fd66c4a0827e73fedf704f166a058

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:41 GMT
Content-Type: text/html
Content-Length: 4755
Connection: keep-alive
set-cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v; path=/
cache-control: private, no-transform

sexcool-dating.life/media/dating/dirtysinder/css/style.css

185.155.186.17

200 OK

16 kB

URL GET HTTP/1.1
sexcool-dating.life/media/dating/dirtysinder/css/style.css
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
ASCII text, with CRLF line terminators
Size
16 kB (15885 bytes)
Hash
fdf9ef7b632886c1ab15b32f6196cc81
4026acd6911dd4c6c3557cc5eea0a019a22ecb5a
9c0fba4352f346a81523df1f943addecb49b9f082cd6fee3962b1681a7fbd5f5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/dirtysinder/css/style.css HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:41 GMT
Content-Type: text/css
Content-Length: 15885
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "fdf9ef7b632886c1ab15b32f6196cc81"
Last-Modified: Mon, 20 Feb 2023 09:31:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE136FB73F3D2F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843512#999936088/gid:0/gname:root/mode:33188/mtime:1655386830#645185000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:30.645185Z
Expires: Sat, 10 May 2025 08:37:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

ob.check-tl-ver-54-3.com/video-bit/assets/spinning-circles2.svg

104.21.58.39

1.2 kB

URL
ob.check-tl-ver-54-3.com/video-bit/assets/spinning-circles2.svg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1215 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /video-bit/assets/spinning-circles2.svg HTTP/1.1
Host: ob.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ob.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: image/svg+xml
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1f7"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Z8JgPD2yjiZOB%2BN0z5jubuIJLL6%2Bt%2BdXIjZerKb61XDfO8q3Q%2F5UCkxVuG3VbvRq5E2fZY2LUtGMT%2BASA7g78VCkbsKqp3vrY2%2BaQ5%2B5dF9XHD%2BgbLbfsPJEpH%2BlRU9Ahhu4zFU0VTAqG8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bcc48ec56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

sexcool-dating.life/media/exit-new/exit1.js

185.155.186.17

200 OK

3.5 kB

URL GET HTTP/1.1
sexcool-dating.life/media/exit-new/exit1.js
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators
Size
3.5 kB (3473 bytes)
Hash
625e5e2950612f771e246beb33c9ea61
e4fc251c6c000496c285f8dc3fa097040b031681
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/exit-new/exit1.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: text/javascript
Content-Length: 3473
Connection: keep-alive
ETag: "625e5e2950612f771e246beb33c9ea61"
Last-Modified: Tue, 21 Nov 2023 12:30:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE12F08105EEC9
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223389#507714946/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

sexcool-dating.life/util/utils.js

185.155.186.17

200 OK

7.5 kB

URL GET HTTP/1.1
sexcool-dating.life/util/utils.js
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators
Size
7.5 kB (7512 bytes)
Hash
01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/utils.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Mon, 20 Feb 2023 09:36:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE12E09E78D129
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676885559#334512232/gid:0/gname:root/mode:33188/mtime:1659085489#684136000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:04:49.684136Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700

142.250.74.170

200 OK

1.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1251 bytes)
Hash
f9c11e2690d9b940a3cedc2171125a68
127ee283462829eeb8e74f83e634dbc3387b201d
f378201c6b6844df8a8fe7f0d698d64948940b232b14cfd7e7e783454158bfe6

HTTP Headers

GET /css?family=Monoton|Raleway:400,700|Roboto:300,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 08:37:42 GMT
date: Fri, 10 May 2024 08:37:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sexcool-dating.life/media/dating/dirtysinder/js/main.js

185.155.186.17

200 OK

3.1 kB

URL GET HTTP/1.1
sexcool-dating.life/media/dating/dirtysinder/js/main.js
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
JavaScript source, ASCII text
Size
3.1 kB (3141 bytes)
Hash
4ff0f5ad435331f44d0b0691647bc6f9
ab7dd8e1113df02e4783dc4a714d644fe939984d
2c03acf3d158e2105bd0881aab875eadf0cca1167beb22d930888b28f34ae5a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/dirtysinder/js/main.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: application/javascript
Content-Length: 3141
Connection: keep-alive
ETag: "4ff0f5ad435331f44d0b0691647bc6f9"
Last-Modified: Wed, 20 Sep 2023 15:22:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE136FE3FD1F48
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134505#148011626/gid:0/gname:root/mode:33188/mtime:1659086093#41156000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:14:53.041156Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

sexcool-dating.life/media/dating/dirtysinder/js/trls.js

185.155.186.17

200 OK

18 kB

URL GET HTTP/1.1
sexcool-dating.life/media/dating/dirtysinder/js/trls.js
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
Unicode text, UTF-8 text
Size
18 kB (17753 bytes)
Hash
0d71a75c3acc2f59514014dd333c64c8
4b24c64041e32ea6853f313f7196740d6c33fabd
1a7eb7795296faf56df1f30f1c6771b7eaa9290c60127e3e9d86696668ea48c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/dirtysinder/js/trls.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: application/javascript
Content-Length: 17753
Connection: keep-alive
ETag: "0d71a75c3acc2f59514014dd333c64c8"
Last-Modified: Wed, 20 Sep 2023 15:22:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE13C90052B9BB
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134505#148011626/gid:0/gname:root/mode:33188/mtime:1659086093#225156000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:14:53.225156Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

oc.check-tl-ver-54-3.com/video-bit/assets/style.css

104.21.58.39

42 kB

URL
oc.check-tl-ver-54-3.com/video-bit/assets/style.css
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
42 kB (42258 bytes)
Hash
0c508c2c2b28bc8a667a9adff0c07ea2
dfe0812898bc6294d8309254382c468d91218ae3
e7d1b6766481e1c1cb75e8888cfaf43413adba5b54d41fd84ac1494195c563ac

HTTP Headers

GET /video-bit/assets/style.css HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1a3c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQJq%2Fdq1%2BPRTv2bPKOp1ZLwi508Yb9sJz73e4%2FLgTullLCSDkb4EARTm4dd8JUwjOozYpgCctLrPVAWtir6%2Fxp96MqAvoz1%2BOAh5XGZwNBVGFleEnNA4bfDFXPb0tmeO9CFCtCrPHrkh3Ck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0dfa556c5-OSL
alt-svc: h3=":443"; ma=86400

sexcool-dating.life/media/dating/dirtysinder/js/jquery-2.2.4.min.js

185.155.186.17

200 OK

86 kB

URL GET HTTP/1.1
sexcool-dating.life/media/dating/dirtysinder/js/jquery-2.2.4.min.js
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/dirtysinder/js/jquery-2.2.4.min.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: application/javascript
Content-Length: 85578
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2f6b11a7e914718e0290410e85366fe9"
Last-Modified: Mon, 20 Feb 2023 09:31:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE136FE4506C57
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676801238#996470130/gid:0/gname:root/mode:33188/mtime:1659086092#969156000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:14:52.969156Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

oc.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2

104.21.58.39

5.7 kB

URL
oc.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
5.7 kB (5662 bytes)
Hash
7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

HTTP Headers

GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: oc.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oc.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:40 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lMheA49YdW5RLmpRV8GsSTCh2qsByFw8j5Aj6Komx4EKBPgb1QR%2FBl%2BPpJ6tKymliRTkroC2BTnldAiRCK%2FRIBxXKNSW9psRbjVetm8RBUu7cHHqhnl%2FhnbmeQLdY3NMeQb6rGJ9GQMioSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd0efbe56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

sexcool-dating.life/media/dating/dirtysinder/images/2.jpg

185.155.186.17

200 OK

124 kB

URL GET HTTP/1.1
sexcool-dating.life/media/dating/dirtysinder/images/2.jpg
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1928x988, components 3
Size
124 kB (124409 bytes)
Hash
5dbe2191356b93f88f1d7bf68e119848
5f2c28df3272384c709af2752dc74d266adf9543
2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/dirtysinder/images/2.jpg HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: image/jpeg
Content-Length: 124409
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5dbe2191356b93f88f1d7bf68e119848"
Last-Modified: Mon, 20 Feb 2023 09:31:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE13701C8F648E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843512#999936088/gid:0/gname:root/mode:33188/mtime:1655386828#689181000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:28.689181Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

sexcool-dating.life/media/dating/dirtysinder/images/3.jpg

185.155.186.17

200 OK

149 kB

URL GET HTTP/1.1
sexcool-dating.life/media/dating/dirtysinder/images/3.jpg
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1928x988, components 3
Size
149 kB (149377 bytes)
Hash
1d9b9c419c00167969ce9b891aeb923b
f28345bb8b79013536cc78f84b32147ae0f214d2
8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/dirtysinder/images/3.jpg HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: image/jpeg
Content-Length: 149377
Connection: keep-alive
ETag: "1d9b9c419c00167969ce9b891aeb923b"
Last-Modified: Wed, 20 Sep 2023 15:22:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE13701A3C2554
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134505#144011613/gid:0/gname:root/mode:33188/mtime:1655386828#841181000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:28.841181Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sexcool-dating.life
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:32:46 GMT
expires: Fri, 09 May 2025 02:32:46 GMT
cache-control: public, max-age=31536000
age: 108296
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sexcool-dating.life/util/flag-icon/flags/4x3/no.svg

185.155.186.17

200 OK

331 B

URL GET HTTP/1.1
sexcool-dating.life/util/flag-icon/flags/4x3/no.svg
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
SVG Scalable Vector Graphics image
Size
331 B (331 bytes)
Hash
c7ecfe59439b5fd23924fd206cf2fded
056fbd2b17c7f08bfb480d21973a96bf86fbd72a
4027f3320608508754640a6de4cb1cdabdef4654b5a214e875c134802345683f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/flag-icon/flags/4x3/no.svg HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/util/flag-icon/css/flag-icon.css
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: image/svg+xml
Content-Length: 331
Connection: keep-alive
ETag: "c7ecfe59439b5fd23924fd206cf2fded"
Last-Modified: Tue, 21 Nov 2023 12:30:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE13C90CB22F4A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223577#340125150/gid:0/gname:root/mode:33188/mtime:1655386305#848080000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:45.84808Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

sexcool-dating.life/media/dating/dirtysinder/images/1.jpg

185.155.186.17

200 OK

145 kB

URL GET HTTP/1.1
sexcool-dating.life/media/dating/dirtysinder/images/1.jpg
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1928x988, components 3
Size
145 kB (144999 bytes)
Hash
d7c3dbb1072324f863945d8511916660
ca9bb3432a9e5ac9faabe45c62c4405bf76cc7c1
37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/dirtysinder/images/1.jpg HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: image/jpeg
Content-Length: 144999
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "d7c3dbb1072324f863945d8511916660"
Last-Modified: Mon, 20 Feb 2023 09:31:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE13C909904360
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843512#995936083/gid:0/gname:root/mode:33188/mtime:1655386827#657179000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:27.657179Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48336, version 1.0
Size
48 kB (48336 bytes)
Hash
bfe7ad4aa54cff8909b2d7632073cc30
7c2e625bea4d449ca78cde09ab59dc6c9cb4726f
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

HTTP Headers

GET /s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sexcool-dating.life
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 16:38:17 GMT
expires: Fri, 09 May 2025 16:38:17 GMT
cache-control: public, max-age=31536000
age: 57565
last-modified: Wed, 01 May 2024 20:31:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sexcool-dating.life/favicon.ico

185.155.186.17

204 No Content

0 B

URL GET HTTP/1.1
sexcool-dating.life/favicon.ico
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Connection: keep-alive
Cache-Control: no-transform

od.check-tl-ver-54-3.com/video-bit/assets/spinning-circles2.svg

104.21.58.39

12 kB

URL
od.check-tl-ver-54-3.com/video-bit/assets/spinning-circles2.svg
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image
Size
12 kB (11566 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /video-bit/assets/spinning-circles2.svg HTTP/1.1
Host: od.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://od.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:41 GMT
content-type: image/svg+xml
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1f7"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mxp7y%2FSEby%2Bo3nIbJ85vFVfxwJn%2B%2BX6P1ECK3ToUOTmjsH1U1DAFcSp6Y%2Fu9C0oOAuEeR0v8Qx0f4hKRHHCmG2%2BWdB36OSamFLbn2JticQ0Td9tFTV1pJ8SnIZbUsLTEUG%2Bl0a0Q2pshLww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bd41d4a56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

oa.check-tl-ver-54-3.com/video-bit/assets/style.css

188.114.96.1

10 kB

URL
oa.check-tl-ver-54-3.com/video-bit/assets/style.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
10 kB (10484 bytes)
Hash
95b0195aa5e091746b0fe0750094344b
d723203c88e2507a1a93341aca1682b71870f839
d489d8c757cd917acd06a4de3711b6ea2fdc51885186023e48a6a7be321415dd

HTTP Headers

GET /video-bit/assets/style.css HTTP/1.1
Host: oa.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oa.check-tl-ver-54-3.com/video-bit/?pl=evEDv2qbh0GeSir8AYVTqQ&sm=video-bit&click_id=mwwy9xuokti&sub_id=push&nrid=6395e15d871a4f89a03b59e6a642a4ee&hash=c4qOR7S7J7WnkHwleVab-w&exp=1715330558
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:39 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1a3c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2BiGWlWJGW9JzfMKs5M5RvvjNSUhsoIXl76Q3ZWMzfu4JB%2F5nbWHmM4OamvDq2Xqragnq%2F07bHdAI2RH4XNeTKHpKjSOqpLBOXC11uXKZHaUJ8sPj%2Fl%2Fr5bNSWupS%2B58a8boKTo%2BFFxkRk4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189bc98f2a0b55-OSL
alt-svc: h3=":443"; ma=86400

sexcool-dating.life/media/dating/dirtysinder/images/logo-loveme_black1.svg

185.155.186.17

200 OK

4.4 kB

URL GET HTTP/1.1
sexcool-dating.life/media/dating/dirtysinder/images/logo-loveme_black1.svg
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
SVG Scalable Vector Graphics image
Size
4.4 kB (4449 bytes)
Hash
dd7c878edba4cdb49d5f62fa54c32c1f
809cf681db218d93e82a9cd129b84e51b4849f62
7e8874640758a3442b5ebc4cd548fc41c6e10a39212ba0b25592d8c80dd5cc5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/dirtysinder/images/logo-loveme_black1.svg HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: image/svg+xml
Content-Length: 4449
Connection: keep-alive
ETag: "586f137204e47e4f50e5492ae49dd67c"
Last-Modified: Tue, 21 Nov 2023 12:29:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE136FE2DE1541
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223323#383566011/gid:0/gname:root/mode:33188/mtime:1655386830#429185000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:30.429185Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

sexcool-dating.life/media/bb.js

185.155.186.17

200 OK

639 B

URL GET HTTP/1.1
sexcool-dating.life/media/bb.js
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
ASCII text, with very long lines (646), with no line terminators
Size
639 B (639 bytes)
Hash
3c6fc6bd71ed6acb63511a3ac2482c21
f13c5518659a2eef705ab5f01d1527d5dbc9af7b
7594d10aa0d238eae772197c8c676c270c551ba780cea720c52435af146c28e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/bb.js HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: application/javascript
Content-Length: 639
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Last-Modified: Mon, 20 Feb 2023 09:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17CE139B28E259F6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676832256#258761277/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

sexcool-dating.life/util/flag-icon/css/flag-icon.css

185.155.186.17

200 OK

41 kB

URL GET HTTP/1.1
sexcool-dating.life/util/flag-icon/css/flag-icon.css
IP
185.155.186.17:443
ASN
#203639 Teknology SA

Requested by
https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Certificate
IssuerLet's Encrypt
Subjectsexcool-dating.life
Fingerprint22:B5:35:92:14:38:B9:4F:CA:0B:4A:4F:BE:C5:A5:27:D1:93:3D:50
ValidityFri, 29 Mar 2024 15:34:29 GMT - Thu, 27 Jun 2024 15:34:28 GMT

File type
ASCII text, with CRLF line terminators
Size
41 kB (40627 bytes)
Hash
0a47b937981e7389e3ebe63e4a503066
01b395ad016a1d9d15016d765f7d2c51a6e2809b
d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/flag-icon/css/flag-icon.css HTTP/1.1
Host: sexcool-dating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sexcool-dating.life/?u=6rmk607&o=u55txe1&t=ezmob-teaser-tback
Cookie: sid=t3~m0av2uwuckjwwgquqb0jhd5v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:37:42 GMT
Content-Type: text/css
Content-Length: 40627
Connection: keep-alive
ETag: "0a47b937981e7389e3ebe63e4a503066"
Last-Modified: Wed, 20 Sep 2023 15:26:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CE13B44D499496
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134513#296037122/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:14.684017Z
Expires: Sat, 10 May 2025 08:37:42 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (67)