Report - 9tsu.cc/sekaju240106

Report Overview

Visited public
2024-01-06 13:30:56
Tags
URL
9tsu.cc/sekaju240106
Finishing URL
9tsu.cc/sekaju240106
IP / ASN
172.67.141.28
#13335 CLOUDFLARENET
Title
世界一受けたい授業動画　1月6日 - 動画 9tsu - 9tsu.cc

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
apis.google.com	105	1997-09-15	2013-05-06 22:20:21	2024-01-06 00:16:13	3.3 kB	214 kB	216.58.207.206
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2024-01-05 18:40:23	708 B	1.3 kB	173.194.222.84
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-01-06 09:15:23	2.7 kB	518 kB	142.250.74.168
unkinpigsty.com	unknown	2023-06-12	2023-06-12 14:05:55	2023-10-30 05:41:16	411 B	1.4 kB	23.109.248.166
tealsgenevan.com	unknown	2023-09-20	2023-09-20 14:53:37	2023-10-13 00:20:16	2.3 kB	2.9 kB	23.109.82.24
kingdomfreemarathon123.best	unknown	unknown	No data	No data	527 B	1.4 MB	104.21.48.153
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2024-01-06 12:43:20	895 B	63 kB	142.250.74.170
mammocksambos.com	unknown	2022-12-02	2022-12-02 11:24:08	2023-11-05 19:18:04	407 B	1.1 kB	23.109.248.5
wordplaynevadax.shop	unknown	unknown	No data	No data	2.0 kB	110 kB	188.114.96.1
9tsu.cc	unknown	unknown	No data	No data	17 kB	1.2 MB	104.21.54.188
kingdomfreerun23.best	unknown	2023-12-11	2023-12-12 13:17:06	2023-12-30 08:16:35	521 B	894 kB	104.21.56.6
ssl.p.jwpcdn.com	2512	2012-08-07	2017-01-30 06:00:14	2024-01-06 07:49:42	1.4 kB	311 kB	151.101.66.114
ssl.gstatic.com	unknown	2008-02-11	2012-05-23 08:57:57	2024-01-05 12:36:58	446 B	13 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-01-06 13:30:25	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2024-01-06 13:30:25	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-01-06	medium	kingdomfreemarathon123.best	Sinkholed

ThreatFox

No alerts detected

JavaScript (53)

	URL	From	Size	First Seen	Last Seen
	9tsu.cc/sekaju240106	ScriptElement	145 B	2024-08-20	2025-02-20
Pretty URL 9tsu.cc/sekaju240106 IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 13:47 Last Seen2025-02-20 06:40 Times Seen2 Hash e14fac66073bf1d545890337e71dac3c 6e38b66fff610f768cafde8fac65c5ca749d032d b62be1d3cae6b125abd8ecfcbd60d7e8d00d8a5484ea6e9fda2297548acab5f1 Loading...

	unkinpigsty.com/rt8R8Py6Txt/69610	ScriptElement	0 B	0001-01-01	2025-06-05
Pretty URL unkinpigsty.com/rt8R8Py6Txt/69610 IP 23.109.248.166 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-05 18:23 Times Seen4855697 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js	ScriptElement	12 kB	2023-09-06	2024-08-21
Pretty URL ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-06 15:46 Last Seen2024-08-21 07:24 Times Seen1994 Hash 92169c8a0fbf6e404267d0705cdbdf42 a5cd88b74ca5ced239cdbfb458fe25540d671f46 dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384 Loading...

	tealsgenevan.com/tY2UNcHJHrr46DKxZ/70329	ScriptElement	5 B	2023-03-07	2025-06-05
Pretty URL tealsgenevan.com/tY2UNcHJHrr46DKxZ/70329 IP 23.109.82.24 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-06-05 14:21 Times Seen6205 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	9tsu.cc/sekaju240106	ScriptElement	119 B	2024-01-06	2025-06-02
Pretty URL 9tsu.cc/sekaju240106 IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-06 14:31 Last Seen2025-06-02 14:20 Times Seen3 Hash 6c8a925bbb497171a50a662e8ab3a581 aaf9184762968ea8b633e6dbd5c998925e17271a b7285a396fc21b2a5289f965c8e156732e4bd36fd23cbc9ac98cd1e5edbe42e8 Loading...

	9tsu.cc/wp-content/plugins/cactus-video/js/lazysizes.min.js	ScriptElement	6.4 kB	2023-03-08	2025-06-02
Pretty URL 9tsu.cc/wp-content/plugins/cactus-video/js/lazysizes.min.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:44 Last Seen2025-06-02 14:20 Times Seen15 Hash f0c46c11739b06e1b00ecc19ba2d5784 75660be8a04d78603781953ba465575446515583 ef69f96ed87e0602ffe70207416db3807956b628f46866f2cdd92263fd64ba88 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-06-05
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-05 18:21 Times Seen349548 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	9tsu.cc/wp-content/plugins/cactus-video/js/lightbox/lightbox.js	ScriptElement	6.6 kB	2023-10-30	2025-06-02
Pretty URL 9tsu.cc/wp-content/plugins/cactus-video/js/lightbox/lightbox.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-30 05:41 Last Seen2025-06-02 14:20 Times Seen5 Hash 21eb98243fb82c1e1d7532a893333bdd aee612a9ed633723e94d875bc7b5c5d7eed04caa c32439ec30b3477ba0dc59dde5d67f17e2d756676726cbc1cc47c6d7bdd03622 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-06-05
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-05 18:04 Times Seen112059 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	www.googletagmanager.com/gtag/js?id=UA-210615202-2	ScriptElement	193 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=UA-210615202-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 13:47 Last Seen2024-08-20 13:47 Times Seen1 Hash 49b7a15aed9f01a49880a3772353f9ed 21e5100d75f73a0829f3b44587d69425d079f8f0 b4773dbdd9af44c05d30fb1224a95cb324f2abc989f7fdc83babf4c69d91a8a0 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js	ScriptElement	88 kB	2023-08-31	2025-06-05
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03 Last Seen2025-06-05 18:23 Times Seen38040 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	9tsu.cc/wp-content/themes/9tsu/js/bootstrap-lib.js	ScriptElement	18 kB	2024-01-06	2025-02-20
Pretty URL 9tsu.cc/wp-content/themes/9tsu/js/bootstrap-lib.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-06 14:31 Last Seen2025-02-20 06:40 Times Seen3 Hash 56cb110e4544d9a91ded126098f2598b 240276b09f4b5e7bb7d5ec01f3ac319e6e5a7be2 96fa4669e2c2be3d615a18f48335f579a36aae2cd9ec74376d25819031e0e70e Loading...

	9tsu.cc/sekaju240106	ScriptElement	2.2 kB	2024-08-20	2025-02-20
Pretty URL 9tsu.cc/sekaju240106 IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 13:47 Last Seen2025-02-20 06:40 Times Seen2 Hash 5ec84454560df8fd10f6d468552b8043 4787e8777d9caf42e251fcbca1e9ce21dc067f63 4b9399f11b74a159ed3f14ad8990732f5d2d493d028bcb6adc66286d1eebc8c4 Loading...

	9tsu.cc/wp-content/plugins/cactus-video/js/custom.js	ScriptElement	43 kB	2024-01-06	2025-02-20
Pretty URL 9tsu.cc/wp-content/plugins/cactus-video/js/custom.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-06 14:31 Last Seen2025-02-20 06:40 Times Seen3 Hash 4518925e2de2c2d71ab1dbbb0c436d22 73468ddc4c5fc6d9d72f7113054733a7636a9e09 d973ae2fe868573d80f4313f3debb575c80885ed6e969be974fe85606b9c8809 Loading...

	mammocksambos.com/1clkn/36427	ScriptElement	6 B	2023-03-07	2025-06-05
Pretty URL mammocksambos.com/1clkn/36427 IP 23.109.248.5 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-05 14:31 Times Seen13133 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	9tsu.cc/sandbox%20eval%20code		147 B	2023-04-11	2025-06-05
Pretty URL 9tsu.cc/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-05 18:21 Times Seen350314 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	ssl.p.jwpcdn.com/player/v/8.21.1/provider.hlsjs.js	ScriptElement	419 kB	2023-03-13	2025-04-17
Pretty URL ssl.p.jwpcdn.com/player/v/8.21.1/provider.hlsjs.js IP 151.101.66.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35 Last Seen2025-04-17 20:05 Times Seen141 Hash cca80809ef0cbbcc4f041e58f4247d4f f750242c34bbc18b03599dbef139a7786bc55f0f 65cec34b3d60fdcb098eae1a552d3f4a7568f22ae8bd989aa45b264ab8bab154 Loading...

	9tsu.cc/sekaju240106	ScriptElement	108 B	2023-03-07	2025-06-04
Pretty URL 9tsu.cc/sekaju240106 IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-04 22:59 Times Seen933 Hash 2231d6e8d067a5cd22231e45e01e55de c9853ded0a5ac22d145c255b7e82f4c68e551a88 a96d6ca55569b0fb36fb7b9bfc2378f8c0cb651f41ea58af668175d44756fc50 Loading...

	9tsu.cc/wp-content/plugins/cactus-rating/js/jquery.raty-fa.js	ScriptElement	14 kB	2023-10-30	2025-06-02
Pretty URL 9tsu.cc/wp-content/plugins/cactus-rating/js/jquery.raty-fa.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-30 05:41 Last Seen2025-06-02 14:20 Times Seen5 Hash 4e6580deb08076ae1749af1f31b64c6c 80d23c5979eb629ae5f24a5def9633af8c7fd7d1 90a3a1938a084374d21e8567ca7ecf28ccf08a384fbbda10f8c3bb7f06067803 Loading...

	9tsu.cc/wp-content/themes/9tsu/inc/megamenu/js/mashmenu.js	ScriptElement	1.5 kB	2023-10-30	2025-06-02
Pretty URL 9tsu.cc/wp-content/themes/9tsu/inc/megamenu/js/mashmenu.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-30 05:41 Last Seen2025-06-02 14:20 Times Seen5 Hash 3b16bca881384295a08020dc5f5348f6 1f8de02f2b142d7ae350f06d0368f81ee252412c 2915bf4a20e1c32b63bf83ab70c513552446af6fab1053e5e641d1ff6b95e87e Loading...

	9tsu.cc/wp-content/themes/9tsu/js/js.cookie.js	ScriptElement	3.7 kB	2023-03-14	2025-06-02
Pretty URL 9tsu.cc/wp-content/themes/9tsu/js/js.cookie.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 12:12 Last Seen2025-06-02 14:20 Times Seen7 Hash 0aa51ded44095b20673dfb77671108cc 3da16bc4f3c577d1b2dcc319b8beb87d9c313210 c63696f3bc2b460934430082f2202704971372abf34f85c77467e63a5b5a3423 Loading...

	apis.google.com/js/plusone.js	ScriptElement	58 kB	2023-12-15	2024-08-20
Pretty URL apis.google.com/js/plusone.js IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-15 13:51 Last Seen2024-08-20 15:48 Times Seen540 Hash 1944af3661da46249991197817b6cd8b f952df40ec79fafc7c798f37aff92878977376ed 63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5 Loading...

	9tsu.cc/sekaju240106	ScriptElement	1.2 kB	2024-08-20	2024-08-20
Pretty URL 9tsu.cc/sekaju240106 IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 13:47 Last Seen2024-08-20 13:47 Times Seen1 Hash 6137c8240b4ef35b4638baeab705bbe4 24c9fa1adfd392e0f5b5ab739fd32ac758770bde abccf38c150b19db7e831535c8424c471056c9ed096d3cbc06266c3a2d8e9cc4 Loading...

	9tsu.cc/sekaju240106	ScriptElement	246 B	2023-03-08	2024-08-20
Pretty URL 9tsu.cc/sekaju240106 IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 07:48 Last Seen2024-08-20 21:50 Times Seen4 Hash 3c233a5f26c729c04276c1a30ae1f2b7 2ea3991b9a87aa050923b810cf128d17d7892725 1e3fce64e936e552dde8415ac3ccea6719d39b2a61e3630e4021ac6b5412c706 Loading...

	www.googletagmanager.com/gtag/js?id=G-W0CS4Q2EGJ	ScriptElement	260 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-W0CS4Q2EGJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 13:47 Last Seen2024-08-20 13:47 Times Seen1 Hash 0addb35bfb51062c590ffdd562e31f4c 5cfae5af49fa6cdf5bf50456ef103bc640fa6a13 1bd761e64993db0ebf4cadd77b53f9c31db00ac51bda9e989815f39ffa394a41 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_1?le=scs	ScriptElement	100 kB	2023-12-15	2024-08-20
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_1?le=scs IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-15 13:51 Last Seen2024-08-20 15:48 Times Seen323 Hash eb090adba99a3ef5ddd7391d67e0a0e7 659239fc3af1f2e79c809bca0959fb894ebd8341 30f3855dafef7d28d65e1969f2d8c7c651b92f590fb2946f80c818064742745b Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs	ScriptElement	162 kB	2023-12-15	2024-08-20
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-15 13:51 Last Seen2024-08-20 15:48 Times Seen532 Hash 44f13a9e716a7cd8476f96d806115f6c 7969878970f46d6ae4be4202284e8107edbb7065 bb1609e85d8370b7259775c76a2ba7456ee2ed72cb45cb68e59f14d3a6b0a0a5 Loading...

	apis.google.com/js/rpc:shindig_random.js?onload=init	ScriptElement	18 kB	2023-12-15	2024-08-20
Pretty URL apis.google.com/js/rpc:shindig_random.js?onload=init IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-15 16:42 Last Seen2024-08-20 15:47 Times Seen438 Hash f019fdda31635d2a31b151ad8ad56c7a 6adcbec55f66ffaef83d9a134423aa98eb2a2189 c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831 Loading...

	9tsu.cc/wp-content/themes/9tsu/js/isotope.js	ScriptElement	35 kB	2023-03-07	2025-06-02
Pretty URL 9tsu.cc/wp-content/themes/9tsu/js/isotope.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10 Last Seen2025-06-02 14:20 Times Seen124 Hash ebe60fb208a70d4c8f51a714cae30042 25488862a292c5270b585be2c6477682758ce3a6 f1a854a222373f7e3caafa9b35e578c8a93d0e9deaacde15a46b683cb96e6de4 Loading...

	9tsu.cc/wp-content/themes/9tsu/js/template.js	ScriptElement	49 kB	2023-10-30	2025-06-02
Pretty URL 9tsu.cc/wp-content/themes/9tsu/js/template.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-30 05:41 Last Seen2025-06-02 14:20 Times Seen5 Hash e86862f0808fff7ef9ce3c48a9c4f2b9 7cfec6597af0c7f23cb94cd4728810bd8556781f 452d8922531abb750ef30391594b38f7135c93a6fe1329cebfea1cc15a187198 Loading...

	www.googletagmanager.com/gtag/js?id=UA-185957318-1	ScriptElement	138 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=UA-185957318-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 13:47 Last Seen2024-08-20 13:47 Times Seen1 Hash fb22815853d3919689767f67762f895e 2d26c351fa44005d270dd37c8103712750faa72f b0392d75d9027517764792edc2682dc7caa426e209c144b8f0f9abf3ce286a0e Loading...

	9tsu.cc/wp-content/themes/9tsu/js/ajax.js	ScriptElement	3.3 kB	2023-10-30	2025-06-02
Pretty URL 9tsu.cc/wp-content/themes/9tsu/js/ajax.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-30 05:41 Last Seen2025-06-02 14:20 Times Seen5 Hash b1a6d6019bd7b9077450becdd8aa2bb0 5ceb84b8a0481b4d3cfaa517452ff0c47247e1f1 ef79be3401639df162fc5c3d3f90f54e582695fd32c534d74f76d95e1de03bc4 Loading...

	9tsu.cc/wp-content/themes/9tsu/js/jquery.mCustomScrollbar.concat.min.js	ScriptElement	45 kB	2023-03-08	2025-06-05
Pretty URL 9tsu.cc/wp-content/themes/9tsu/js/jquery.mCustomScrollbar.concat.min.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:42 Last Seen2025-06-05 09:20 Times Seen24 Hash 292d365b4d1986f13db0dcf4f3bc0abc 5d71de096cc6e7b506d1949d70bbb6326651c0a4 eaf05c399108292bb58323c028c9984817a6bdede60d5fe4b4e9067e41dff139 Loading...

	9tsu.cc/sekaju240106	ScriptElement	25 B	2024-08-20	2025-02-20
Pretty URL 9tsu.cc/sekaju240106 IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 13:47 Last Seen2025-02-20 06:40 Times Seen2 Hash 07139a80ca9270ea5c5457ca72f141a6 e1f3f33be1eaae2d3f239a443df4f20190b4607a 3edf9ab93440c5dbd5cecd025844a0dcbed03e672c26d41e9b8bb4f741046761 Loading...

	9tsu.cc/wp-content/themes/9tsu/js/slick.min.js	ScriptElement	42 kB	2023-10-30	2025-06-02
Pretty URL 9tsu.cc/wp-content/themes/9tsu/js/slick.min.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-30 05:41 Last Seen2025-06-02 14:20 Times Seen5 Hash b876684aae948feb61d2d98d16ebf572 19307499d3506bba43def189c44a469990cb9945 91f8f119b1fae505cda049543b9aa0f4e492cf4e11127c66d489ddd7040f28bc Loading...

	ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.js	ScriptElement	114 kB	2023-03-08	2025-01-04
Pretty URL ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.js IP 151.101.66.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:29 Last Seen2025-01-04 07:50 Times Seen18 Hash b646381f2f5695e6ccc9d7aea7dc2998 25756dce3abe3e1aa332505ec31f068d1034b82b 4a71c89abb6cb257fba4d55180180940b9c7108cb630c054a17e45667b8678e4 Loading...

	9tsu.cc/sekaju240106	ScriptElement	145 B	2024-08-20	2025-02-20
Pretty URL 9tsu.cc/sekaju240106 IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 13:47 Last Seen2025-02-20 06:40 Times Seen2 Hash 41fde4a0c48b7effacb471c1e9326401 e97fd58840cb1430e7cf5170ad1320face566c3f 794d179f07f32794d0e0f39b8fe4e321de61be29c7458b3bd72d0976f9661b2a Loading...

	wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6	ScriptElement	0 B	0001-01-01	2025-06-05
Pretty URL wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-05 18:23 Times Seen4855697 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.core.controls.js	ScriptElement	313 kB	2023-03-10	2025-04-17
Pretty URL ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.core.controls.js IP 151.101.66.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:18 Last Seen2025-04-17 20:05 Times Seen143 Hash 010e17bd5ebef3ac5d51bed68080215f 56cede0f150470839ee8b9bd3a43b730f3606f3d 8a3ff7771f08235593585de5c567352c79ccf4da67dde2cfc9b37013faed93e9 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs	ScriptElement	66 kB	2023-12-15	2024-08-20
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-15 13:51 Last Seen2024-08-20 15:48 Times Seen439 Hash ee01651d160cfc55249d6011a3c45916 79d6121df6575974ad21dafce33ec98e3f2f0a7f 639d75299973c7d3794eb7eb129e3b5a6139f9f521e1f14383abd0fd501219c9 Loading...

	9tsu.cc/sekaju240106	ScriptElement	136 B	2024-08-20	2025-02-20
Pretty URL 9tsu.cc/sekaju240106 IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 13:47 Last Seen2025-02-20 06:40 Times Seen2 Hash c31a3eb244deaf076d0569351fc9870f dea20e2f67e5db576c53736b47f037aaed9e61fb 7ba4a649454bdb958ffaa77c19253e0e52328976cbead94f8af4cc5cdb7dc75f Loading...

	9tsu.cc/wp-includes/js/jquery/jquery.js	ScriptElement	97 kB	2023-03-07	2025-06-05
Pretty URL 9tsu.cc/wp-includes/js/jquery/jquery.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-05 18:21 Times Seen6605 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

	9tsu.cc/wp-includes/js/wp-embed.min.js	ScriptElement	1.4 kB	2023-03-07	2025-06-04
Pretty URL 9tsu.cc/wp-includes/js/wp-embed.min.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-04 15:33 Times Seen1117 Hash 2dce40d16f9ff6332d3cbb7ae488a2b9 0a8eca5975f21a9f1bc079d111ca1657009dbe8f 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7 Loading...

	www.googletagmanager.com/gtag/js?id=G-04RLS9TJ34&l=dataLayer&cx=c	ScriptElement	232 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-04RLS9TJ34&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 13:47 Last Seen2024-08-20 13:47 Times Seen1 Hash 6981339a3faedb873c14da76a35c00f4 b4091e27625543a780a4dd7e10e36b54a84d0850 55491157c42fb4967e4e47a83361fc9488f71fe05c57f78ae615b8f5eba63b10 Loading...

	www.googletagmanager.com/gtag/js?id=UA-185957318-1&l=dataLayer&cx=c	ScriptElement	134 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=UA-185957318-1&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 13:47 Last Seen2024-08-20 13:47 Times Seen1 Hash 6237314854f80f78ff999a7aacdddc46 3159e5b16e08cc419c71c536be05980fdb60067f abe4b50a9bb2baed46933d7c75e13590f3b7a29a5244c2ae4c48056c168e8e82 Loading...

	wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6	ScriptElement	0 B	0001-01-01	2025-06-05
Pretty URL wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-05 18:23 Times Seen4855697 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	wordplaynevadax.shop/public/js/player.js?v=1009	ScriptElement	2.9 kB	2024-08-20	2024-08-20
Pretty URL wordplaynevadax.shop/public/js/player.js?v=1009 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 13:47 Last Seen2024-08-20 13:47 Times Seen1 Hash 2406a383fda8e44b5a65e82e6615e27a d725499955f5c5558ee1e830fa5464680f224a1a 9f1483b53ae1f2b3fe10f33dc1290ff73ba5113cf8e4aed4062b74538693d182 Loading...

	www.googletagmanager.com/gtag/js?id=G-737K8TVENW&l=dataLayer&cx=c	ScriptElement	253 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-737K8TVENW&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 13:47 Last Seen2024-08-20 13:47 Times Seen1 Hash 3d643ec8e993acc602442fd9fdf749d5 6d64ebc3781d92b01075608656e9043a955fb466 e2c3967e1f566fdbc0b24f59f568c88a7f304c28015bd0053c472ef2cd2bf4b1 Loading...

	9tsu.cc/sekaju240106	ScriptElement	489 B	2024-08-20	2025-02-20
Pretty URL 9tsu.cc/sekaju240106 IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 13:47 Last Seen2025-02-20 06:40 Times Seen2 Hash 1e3d418fe675bae135df55088a516413 23b1651a76b4c2f064376d884f6d93a87b96ee9c 97e5c4cbec396af15df269baccbc9cee6f7c8d5473f5a17caa2265af053acd6d Loading...

	9tsu.cc/wp-content/plugins/cactus-rating/js/main.js	ScriptElement	9.3 kB	2023-10-30	2025-06-02
Pretty URL 9tsu.cc/wp-content/plugins/cactus-rating/js/main.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-30 05:41 Last Seen2025-06-02 14:20 Times Seen5 Hash 117042b02fd9d6c9ef5ca94279b21f88 e4e7137961b564546c7ec8264d94c94b7239d216 eb6231c7d054be7080baf11809a12a5d34e171940c1ab2cdd162eb19aad8e2c6 Loading...

	9tsu.cc/wp-includes/js/jquery/jquery-migrate.min.js	ScriptElement	10 kB	2023-03-07	2025-06-05
Pretty URL 9tsu.cc/wp-includes/js/jquery/jquery-migrate.min.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-05 18:21 Times Seen15470 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	9tsu.cc/wp-content/plugins/cactus-rating/js/wow.min.js	ScriptElement	3.4 kB	2023-03-08	2025-06-02
Pretty URL 9tsu.cc/wp-content/plugins/cactus-rating/js/wow.min.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:19 Last Seen2025-06-02 14:20 Times Seen17 Hash 08e00577c856d48d4bf4ed6d9d483925 0d50a3747a3efcae6be2a219562919bce157f151 68e8f71fd1e5d8b30ddc2cf14583f9f9781997de8950e9f5a326d849322a4350 Loading...

	9tsu.cc/wp-includes/js/comment-reply.min.js	ScriptElement	2.2 kB	2023-03-07	2025-06-03
Pretty URL 9tsu.cc/wp-includes/js/comment-reply.min.js IP 104.21.54.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07 Last Seen2025-06-03 16:08 Times Seen81 Hash 1d476ef0a02dea95add5d5e192d6c89a 36a8496ef04c234eb2b48123ee3853f7264b3a05 31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695 Loading...

HTTP Transactions (67)

URL IP Response Size

9tsu.cc/wp-content/themes/9tsu/images/dflazy.jpg

104.21.54.188

200 OK

340 B

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/images/dflazy.jpg
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 16x9, components 3
Size
340 B (340 bytes)
Hash
09dd497941ada9362fdfedfe4efae9f4
af2516d7df527fe0f2fc2dd96cc65f3d4720ce16
4121d082cbcd78343411a9dd97684d5adccfe9b89ad8938a5838043feb70e6c5

HTTP Headers

GET /wp-content/themes/9tsu/images/dflazy.jpg HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: image/jpeg
content-length: 340
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
etag: "6108c5ec-154"
expires: Mon, 05 Feb 2024 13:10:13 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1212
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKRW%2BJQmwZ40C9jlv4dB2Hkw1hQztQkmx%2BjNJE3BQTNyOyODcFIIvvEADmT9Ct5JnE9aq8DetKFZ51%2BnNab9w%2B1X%2FKl%2F%2B99HCSYntHudk80pGf%2B9VQ9DkNme"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 841450c6cfc91c02-OSL
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/uploads/2020/12/9tsu-cc.png

104.21.54.188

200 OK

6.7 kB

URL GET HTTP/3
9tsu.cc/wp-content/uploads/2020/12/9tsu-cc.png
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
PNG image data, 488 x 120, 8-bit/color RGBA, non-interlaced
Size
6.7 kB (6716 bytes)
Hash
716fdceead6b74a30062622735d2f9c7
e351a275b36b1e035e1610ab6a781a0ccc695352
5f42c33d1e6e8644681c48160809ea53ad8d41dbad83cf2e19157e84fed20cef

HTTP Headers

GET /wp-content/uploads/2020/12/9tsu-cc.png HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: image/png
content-length: 6716
last-modified: Thu, 02 Feb 2023 16:23:37 GMT
etag: "63dbe389-1a3c"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yy9tOeao5rNaQTDTb1grK3BmMJ528xMCAYzHpQUo9jSsjmBNYLUE%2BV7nOwQltQltnUoPf%2F0P%2FzdQ%2BTlhL7bQn24QPf%2BNAknTkYZRHrQECQmgUWIP6OgSgawW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 841450c6bfc71c02-OSL
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/uploads/2021/06/hot2.gif

104.21.54.188

200 OK

181 B

URL GET HTTP/3
9tsu.cc/wp-content/uploads/2021/06/hot2.gif
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
GIF image data, version 89a, 22 x 11
Size
181 B (181 bytes)
Hash
606b55605a128c9be79874e01bfdc7f7
a69c89dc06be896d280962591a924e2754d3eff7
ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2

HTTP Headers

GET /wp-content/uploads/2021/06/hot2.gif HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: image/gif
content-length: 181
last-modified: Tue, 22 Jun 2021 08:30:41 GMT
etag: "60d19fb1-b5"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BIeJU7%2Fdm3endd2u1vO4nEQnP6JzJUtcG5G4u3BgPjR9IhUiQkhvRrmkBmJ3QxPz2rbBD7D0j2Saz2CQg4dcve7K%2FxJ5mMPhksX%2Br%2Bm0wpci8BJsXzq0LwN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 841450c6bfc81c02-OSL
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/uploads/2021/01/sekaju21.jpg

104.21.54.188

200 OK

50 kB

URL GET HTTP/3
9tsu.cc/wp-content/uploads/2021/01/sekaju21.jpg
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3
Size
50 kB (50225 bytes)
Hash
7c241f33b3b60443aefdb10a214dfa2e
0eacb54340f8c33ff252d37a22165a7ad88cbf1e
acb64ca10c93b4d8315f40e621302d1f8df795a028622dbdfe3594868b9d0a89

HTTP Headers

GET /wp-content/uploads/2021/01/sekaju21.jpg HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: image/jpeg
content-length: 50225
last-modified: Sat, 23 Jan 2021 02:43:22 GMT
etag: "600b8d4a-c431"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFKoIHYKFzeMIaRD1iRkl2m%2FIO1TQpcX2J6TvO5mGhIXRxQVdedxx3BlIMD7V%2Fj6GHdQQyK8nHP0UFG7ekdG6XbhHww43cFKGnQ75eg9Ek7IQwbbgz5ac93e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 841450c6dfd11c02-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-210615202-2

142.250.74.168

200 OK

70 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-210615202-2
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (4179)
Size
70 kB (69747 bytes)
Hash
49b7a15aed9f01a49880a3772353f9ed
21e5100d75f73a0829f3b44587d69425d079f8f0
b4773dbdd9af44c05d30fb1224a95cb324f2abc989f7fdc83babf4c69d91a8a0

HTTP Headers

GET /gtag/js?id=UA-210615202-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 06 Jan 2024 13:30:25 GMT
expires: Sat, 06 Jan 2024 13:30:25 GMT
cache-control: private, max-age=900
last-modified: Sat, 06 Jan 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

142.250.74.170

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text, with very long lines (65447)
Size
30 kB (30462 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 05 Jan 2024 21:09:13 GMT
expires: Sat, 04 Jan 2025 21:09:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 58872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-185957318-1

142.250.74.168

200 OK

52 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-185957318-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (2213)
Size
52 kB (52283 bytes)
Hash
fb22815853d3919689767f67762f895e
2d26c351fa44005d270dd37c8103712750faa72f
b0392d75d9027517764792edc2682dc7caa426e209c144b8f0f9abf3ce286a0e

HTTP Headers

GET /gtag/js?id=UA-185957318-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 06 Jan 2024 13:30:26 GMT
expires: Sat, 06 Jan 2024 13:30:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52283
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

9tsu.cc/wp-content/plugins/cactus-rating//css/style.css

104.21.54.188

200 OK

2.8 kB

URL GET HTTP/3
9tsu.cc/wp-content/plugins/cactus-rating//css/style.css
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
Unicode text, UTF-8 text, with very long lines (329), with CRLF line terminators
Size
2.8 kB (2756 bytes)
Hash
54d6f3d133a6350294e7192050c67898
c334fb90c04fbc7903e673c95915b825a0df7588
ee7c8232d11ad2cbb6d6824b6b5070d76a72909486701ac406b674077c3228e7

HTTP Headers

GET /wp-content/plugins/cactus-rating//css/style.css HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-2689"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KUamzZv6M1rMoAxrSjcZ%2B6%2F6MTSD8IHRYz2ddyltSNGPYuAllK7HNMlCPyCiJhQb2YIFYwKjk3bXh4gPOATz5YlvBpyWUN22%2BqDE8BD0shsJoEMa6iiq1ev"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afaf1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mammocksambos.com/1clkn/36427

23.109.248.5

200 OK

26 B

URL GET HTTP/1.1
mammocksambos.com/1clkn/36427
IP
23.109.248.5:443
ASN
#7979 SERVERS-COM

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerLet's Encrypt
Subjectmammocksambos.com
Fingerprint6A:59:53:42:8E:F4:76:1A:64:1A:B2:8C:4D:B3:1B:F2:EB:88:75:AA
ValidityTue, 14 Nov 2023 23:23:08 GMT - Mon, 12 Feb 2024 23:23:07 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

HTTP Headers

GET /1clkn/36427 HTTP/1.1
Host: mammocksambos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jan 2024 13:30:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYZ4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNCm05t; expires=Sun, 07-Jan-2024 13:30:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Sun, 07-Jan-2024 13:30:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

unkinpigsty.com/rt8R8Py6Txt/69610

23.109.248.166

200 OK

20 B

URL GET HTTP/1.1
unkinpigsty.com/rt8R8Py6Txt/69610
IP
23.109.248.166:443
ASN
#7979 SERVERS-COM

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerLet's Encrypt
Subjectunkinpigsty.com
Fingerprint6F:C8:EF:C2:55:56:FA:0E:9A:47:E9:2A:8B:E6:DE:4C:1D:0E:E9:F4
ValiditySun, 29 Oct 2023 23:26:56 GMT - Sat, 27 Jan 2024 23:26:55 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /rt8R8Py6Txt/69610 HTTP/1.1
Host: unkinpigsty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jan 2024 13:30:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://9tsu.cc
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYZ4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNCm05t; expires=Sun, 07-Jan-2024 13:30:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Sun, 07-Jan-2024 13:30:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.googletagmanager.com/gtag/js?id=G-04RLS9TJ34&l=dataLayer&cx=c

142.250.74.168

200 OK

82 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-04RLS9TJ34&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (5955)
Size
82 kB (81998 bytes)
Hash
6981339a3faedb873c14da76a35c00f4
b4091e27625543a780a4dd7e10e36b54a84d0850
55491157c42fb4967e4e47a83361fc9488f71fe05c57f78ae615b8f5eba63b10

HTTP Headers

GET /gtag/js?id=G-04RLS9TJ34&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 06 Jan 2024 13:30:26 GMT
expires: Sat, 06 Jan 2024 13:30:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

9tsu.cc/wp-includes/js/wp-embed.min.js

104.21.54.188

200 OK

1.2 kB

URL GET HTTP/3
9tsu.cc/wp-includes/js/wp-embed.min.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (1403), with no line terminators
Size
1.2 kB (1191 bytes)
Hash
2dce40d16f9ff6332d3cbb7ae488a2b9
0a8eca5975f21a9f1bc079d111ca1657009dbe8f
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

HTTP Headers

GET /wp-includes/js/wp-embed.min.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-57b"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irl%2BzM9C704lyMzvDuOoS%2F7z45OQpxYhQ4i4yhttugnoD04CPlEc3WDSYKFUYx6WbndHimkbsaKkDReA9HWvLytVaBBzpxgwm1DC4dvsqjFGDfub3le0HspL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6eff51c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tealsgenevan.com/tY2UNcHJHrr46DKxZ/70329

23.109.82.24

200 OK

25 B

URL GET HTTP/1.1
tealsgenevan.com/tY2UNcHJHrr46DKxZ/70329
IP
23.109.82.24:443
ASN
#7979 SERVERS-COM

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerLet's Encrypt
Subjecttealsgenevan.com
Fingerprint49:57:12:CB:EE:DE:7F:3C:31:56:47:FB:31:AB:2A:A7:A9:AC:E5:6C
ValidityTue, 28 Nov 2023 23:36:15 GMT - Mon, 26 Feb 2024 23:36:14 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

HTTP Headers

GET /tY2UNcHJHrr46DKxZ/70329 HTTP/1.1
Host: tealsgenevan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jan 2024 13:30:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://9tsu.cc
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYZ4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNCm05t; expires=Sun, 07-Jan-2024 13:30:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Sun, 07-Jan-2024 13:30:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

tealsgenevan.com/tY2UNcHJHrr46DKxZ/70329

23.109.82.24

200 OK

25 B

URL GET HTTP/1.1
tealsgenevan.com/tY2UNcHJHrr46DKxZ/70329
IP
23.109.82.24:443
ASN
#7979 SERVERS-COM

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerLet's Encrypt
Subjecttealsgenevan.com
Fingerprint49:57:12:CB:EE:DE:7F:3C:31:56:47:FB:31:AB:2A:A7:A9:AC:E5:6C
ValidityTue, 28 Nov 2023 23:36:15 GMT - Mon, 26 Feb 2024 23:36:14 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

HTTP Headers

GET /tY2UNcHJHrr46DKxZ/70329 HTTP/1.1
Host: tealsgenevan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYZ4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNCm05t; GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jan 2024 13:30:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://9tsu.cc
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

9tsu.cc/wp-content/themes/9tsu/js/jquery.mCustomScrollbar.concat.min.js

104.21.54.188

200 OK

64 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/js/jquery.mCustomScrollbar.concat.min.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (32011), with CRLF line terminators
Size
64 kB (64127 bytes)
Hash
292d365b4d1986f13db0dcf4f3bc0abc
5d71de096cc6e7b506d1949d70bbb6326651c0a4
eaf05c399108292bb58323c028c9984817a6bdede60d5fe4b4e9067e41dff139

HTTP Headers

GET /wp-content/themes/9tsu/js/jquery.mCustomScrollbar.concat.min.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-aeb0"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0G%2FiDCxprCiZzpm2k0%2FsRfy67brIW94r9Yg2VCnRBUWagJR2jH0FCgH%2BtjWrGhDgve9hC8%2BlPhb47EcP%2FYIrR%2BFb8yxYIps7s52ukB6c%2BFJhb36WAMHb1afc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6efeb1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tealsgenevan.com/tY2UNcHJHrr46DKxZ/70329

23.109.82.24

200 OK

25 B

URL GET HTTP/1.1
tealsgenevan.com/tY2UNcHJHrr46DKxZ/70329
IP
23.109.82.24:443
ASN
#7979 SERVERS-COM

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerLet's Encrypt
Subjecttealsgenevan.com
Fingerprint49:57:12:CB:EE:DE:7F:3C:31:56:47:FB:31:AB:2A:A7:A9:AC:E5:6C
ValidityTue, 28 Nov 2023 23:36:15 GMT - Mon, 26 Feb 2024 23:36:14 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

HTTP Headers

GET /tY2UNcHJHrr46DKxZ/70329 HTTP/1.1
Host: tealsgenevan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYZ4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNCm05t; GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jan 2024 13:30:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://9tsu.cc
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

9tsu.cc/wp-content/themes/9tsu/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

104.21.54.188

200 OK

77 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/themes/9tsu/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/wp-content/themes/9tsu/css/font-awesome/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:26 GMT
content-type: font/woff2
content-length: 77160
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
etag: "6108c5ec-12d68"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYRaaX3ZGsmegz86aTLagXWzmbBPq5lQO5pyZkKtJh9Mi6ZYPEZwO%2BZqC0GX0ekiyVHE0LOZRrI4ANDz5UbZSOZjxgpuuNcCkb9OOe7dWH6iuuKzW0zh%2FUHy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 841450caaafa1c02-OSL
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/uploads/2020/12/9tsu-logo.png

104.21.54.188

200 OK

7.2 kB

URL GET HTTP/3
9tsu.cc/wp-content/uploads/2020/12/9tsu-logo.png
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
PNG image data, 310 x 163, 8-bit/color RGB, non-interlaced
Size
7.2 kB (7198 bytes)
Hash
778fc6df2d366e1c3f52a715689a2ad1
23161b5a45900b514191029064803d8822640de4
59029d52645fa83d8b9a75b55e7503c6ba78ccf17e2fea078609753e57f10278

HTTP Headers

GET /wp-content/uploads/2020/12/9tsu-logo.png HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:26 GMT
content-type: image/png
content-length: 7198
last-modified: Tue, 12 Sep 2023 14:20:58 GMT
etag: "650073ca-1c1e"
expires: Mon, 05 Feb 2024 13:10:18 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1208
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCejaAdzKI066peCV9R8csnAO2k%2BBK8Rcp0m0HUFAAUMYEvx7iCBMJZqifpNH9Javw%2FWKXf%2Fp0dp9mBdITt9qyv3J2WRICMs20dDUoBU%2B0eOZcd3%2B%2FyBbKCM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 841450cc8c671c02-OSL
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/uploads/2020/12/9tsu-logo.png

104.21.54.188

200 OK

7.2 kB

URL GET HTTP/3
9tsu.cc/wp-content/uploads/2020/12/9tsu-logo.png
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
PNG image data, 310 x 163, 8-bit/color RGB, non-interlaced
Size
7.2 kB (7198 bytes)
Hash
778fc6df2d366e1c3f52a715689a2ad1
23161b5a45900b514191029064803d8822640de4
59029d52645fa83d8b9a75b55e7503c6ba78ccf17e2fea078609753e57f10278

HTTP Headers

GET /wp-content/uploads/2020/12/9tsu-logo.png HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:26 GMT
content-type: image/png
content-length: 7198
last-modified: Tue, 12 Sep 2023 14:20:58 GMT
etag: "650073ca-1c1e"
expires: Mon, 05 Feb 2024 13:10:18 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1208
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOCx53CpBW9O%2FNzKUk64bx0CtgeQLRpw%2FVNk0WJWdHC8yzvt8%2B%2BYtfsMlZl5U72h84Fdr6o0ftzdAZmC5G3Yy7NEhJMi%2FsqdqjrHBwWtmNux9X1sWAvswveB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 841450cc8c651c02-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.170

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wordplaynevadax.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 Jan 2024 09:15:54 GMT
expires: Fri, 03 Jan 2025 09:15:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 188072
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/js/plusone.js

216.58.207.206

200 OK

22 kB

URL GET HTTP/2
apis.google.com/js/plusone.js
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintBF:09:8A:B9:E4:51:77:53:17:7A:E6:3F:41:6D:27:35:7B:DD:F5:3D
ValidityMon, 20 Nov 2023 08:09:55 GMT - Mon, 12 Feb 2024 08:09:54 GMT

File type
ASCII text, with very long lines (2664)
Size
22 kB (21930 bytes)
Hash
1944af3661da46249991197817b6cd8b
f952df40ec79fafc7c798f37aff92878977376ed
63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5

HTTP Headers

GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 21930
date: Sat, 06 Jan 2024 13:30:26 GMT
expires: Sat, 06 Jan 2024 13:30:26 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "198f19c141a8a438"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=mlUBht9n3H7lu_4SwHndjNrzlyMHo_hzyR8d946Yko4oXk3F3NbRHg22xp8vgeaK8mdthKJBA7q2gpkE_Iz77_vkRqkDqF5z2CZaXFTQqoGEmcEtE3H2osNUHRP8gwg4Cagr2eTj4oaoQypstl5B7N5ZgGyvQ5GgYo0iX2IlB64; expires=Sun, 07-Jul-2024 13:30:26 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-W0CS4Q2EGJ

142.250.74.168

200 OK

89 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-W0CS4Q2EGJ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (7711)
Size
89 kB (88674 bytes)
Hash
0addb35bfb51062c590ffdd562e31f4c
5cfae5af49fa6cdf5bf50456ef103bc640fa6a13
1bd761e64993db0ebf4cadd77b53f9c31db00ac51bda9e989815f39ffa394a41

HTTP Headers

GET /gtag/js?id=G-W0CS4Q2EGJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wordplaynevadax.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 06 Jan 2024 13:30:26 GMT
expires: Sat, 06 Jan 2024 13:30:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88674
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

9tsu.cc/wp-content/themes/9tsu/js/isotope.js

104.21.54.188

200 OK

47 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/js/isotope.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (32010), with CRLF line terminators
Size
47 kB (47401 bytes)
Hash
ebe60fb208a70d4c8f51a714cae30042
25488862a292c5270b585be2c6477682758ce3a6
f1a854a222373f7e3caafa9b35e578c8a93d0e9deaacde15a46b683cb96e6de4

HTTP Headers

GET /wp-content/themes/9tsu/js/isotope.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-8792"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5GUvKQWezavGm6fFaM834c76ECIIPeYp7%2FXAsEI5Dnsv7cLhbS76Sb1ANcw4inKp5yNCqZygDquH0XI%2BoFj%2BZn0uC2NrVIzHwnp8svUPpwmXKq0E41T8zc0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6efed1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/themes/9tsu/js/template.js

104.21.54.188

200 OK

12 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/js/template.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
12 kB (12272 bytes)
Hash
e86862f0808fff7ef9ce3c48a9c4f2b9
7cfec6597af0c7f23cb94cd4728810bd8556781f
452d8922531abb750ef30391594b38f7135c93a6fe1329cebfea1cc15a187198

HTTP Headers

GET /wp-content/themes/9tsu/js/template.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-c0aa"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9P0Vbpk0RzuZB6hxI8A84TORr6uNFVcD0ZGIGq%2BOIC6ic4B58sFH9pt7GDj1n%2B%2Bfz4oxqaGsQePYsdXxrIvZPPnMlh09anNhXYlhZDBVPmI9U8bUANvWJaoO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6efef1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-737K8TVENW&l=dataLayer&cx=c

142.250.74.168

200 OK

87 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-737K8TVENW&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (3035)
Size
87 kB (86984 bytes)
Hash
3d643ec8e993acc602442fd9fdf749d5
6d64ebc3781d92b01075608656e9043a955fb466
e2c3967e1f566fdbc0b24f59f568c88a7f304c28015bd0053c472ef2cd2bf4b1

HTTP Headers

GET /gtag/js?id=G-737K8TVENW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 06 Jan 2024 13:30:26 GMT
expires: Sat, 06 Jan 2024 13:30:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.core.controls.js

151.101.66.114

200 OK

80 kB

URL GET HTTP/2
ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.core.controls.js
IP
151.101.66.114:443
ASN
#54113 FASTLY

Requested by
https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Certificate
IssuerGlobalSign nv-sa
Subject*.jwplayer.com
FingerprintAB:15:C6:40:38:53:10:D6:CD:12:E9:B3:27:A9:9A:A9:79:8D:B2:9A
ValidityWed, 30 Aug 2023 18:09:48 GMT - Mon, 30 Sep 2024 18:09:47 GMT

File type
Unicode text, UTF-8 text, with very long lines (65135)
Size
80 kB (79944 bytes)
Hash
010e17bd5ebef3ac5d51bed68080215f
56cede0f150470839ee8b9bd3a43b730f3606f3d
8a3ff7771f08235593585de5c567352c79ccf4da67dde2cfc9b37013faed93e9

HTTP Headers

GET /player/v/8.21.1/jwplayer.core.controls.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wordplaynevadax.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Fri, 16 Jul 2021 21:39:21 GMT
etag: "010e17bd5ebef3ac5d51bed68080215f"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 06 Jan 2024 13:30:27 GMT
via: 1.1 varnish
age: 302219
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1704547827.019577,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 79944
X-Firefox-Spdy: h2

ssl.p.jwpcdn.com/player/v/8.21.1/provider.hlsjs.js

151.101.66.114

200 OK

116 kB

URL GET HTTP/2
ssl.p.jwpcdn.com/player/v/8.21.1/provider.hlsjs.js
IP
151.101.66.114:443
ASN
#54113 FASTLY

Requested by
https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Certificate
IssuerGlobalSign nv-sa
Subject*.jwplayer.com
FingerprintAB:15:C6:40:38:53:10:D6:CD:12:E9:B3:27:A9:9A:A9:79:8D:B2:9A
ValidityWed, 30 Aug 2023 18:09:48 GMT - Mon, 30 Sep 2024 18:09:47 GMT

File type
ASCII text, with very long lines (44093)
Size
116 kB (115620 bytes)
Hash
cca80809ef0cbbcc4f041e58f4247d4f
f750242c34bbc18b03599dbef139a7786bc55f0f
65cec34b3d60fdcb098eae1a552d3f4a7568f22ae8bd989aa45b264ab8bab154

HTTP Headers

GET /player/v/8.21.1/provider.hlsjs.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wordplaynevadax.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Fri, 16 Jul 2021 21:39:24 GMT
etag: "cca80809ef0cbbcc4f041e58f4247d4f"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 06 Jan 2024 13:30:27 GMT
via: 1.1 varnish
age: 205380
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1704547827.025643,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 115620
X-Firefox-Spdy: h2

9tsu.cc/wp-content/plugins/cactus-video/js/lightbox/lightbox.js

104.21.54.188

200 OK

36 kB

URL GET HTTP/3
9tsu.cc/wp-content/plugins/cactus-video/js/lightbox/lightbox.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
HTML document, ASCII text, with very long lines (771), with CRLF line terminators
Size
36 kB (36290 bytes)
Hash
21eb98243fb82c1e1d7532a893333bdd
aee612a9ed633723e94d875bc7b5c5d7eed04caa
c32439ec30b3477ba0dc59dde5d67f17e2d756676726cbc1cc47c6d7bdd03622

HTTP Headers

GET /wp-content/plugins/cactus-video/js/lightbox/lightbox.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-19ca"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7d2v7vXygSpNEaFfFJfDnqwH6W1CxeHX%2Bo3Ti4U8rPXGQwydYauLyVNJPjJ8%2Br7yc0i1GNLNBfQB5pR4y3Hk6y2FPLk5zid%2BrIEnxgT5%2FnkMf2ufZO7vaFj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6eff11c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs

216.58.207.206

200 OK

56 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT

File type
ASCII text, with very long lines (1505)
Size
56 kB (55872 bytes)
Hash
44f13a9e716a7cd8476f96d806115f6c
7969878970f46d6ae4be4202284e8107edbb7065
bb1609e85d8370b7259775c76a2ba7456ee2ed72cb45cb68e59f14d3a6b0a0a5

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 55872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 01 Jan 2024 13:08:32 GMT
expires: Tue, 31 Dec 2024 13:08:32 GMT
cache-control: public, max-age=31536000
age: 433315
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/js/rpc:shindig_random.js?onload=init

216.58.207.206

200 OK

7.1 kB

URL GET HTTP/3
apis.google.com/js/rpc:shindig_random.js?onload=init
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F9tsu.cc&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__#rpctoken=871466894&forcesecure=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT

File type
ASCII text, with very long lines (2056)
Size
7.1 kB (7122 bytes)
Hash
f019fdda31635d2a31b151ad8ad56c7a
6adcbec55f66ffaef83d9a134423aa98eb2a2189
c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831

HTTP Headers

GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 7122
date: Sat, 06 Jan 2024 13:30:27 GMT
expires: Sat, 06 Jan 2024 13:30:27 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "82744994a59c0fbb"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=pBnR8hWRm6QRhbBYw-VQtI3lmjKbajFfVFeeLh0CWMLm7Kp9wzFyQgc6oj58Cobjk0GCRIYJlfqc6nNQCYb2MikZTW-0-Fo-ZOWaZhX-HC14ywb7--zT5WBw6ldWCITtg8S_7aSKiq5gQ7CU1TjHcpmW4wDq-CPNaBGogItFN3I; expires=Sun, 07-Jul-2024 13:30:27 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js

142.250.74.163

200 OK

12 kB

URL GET HTTP/2
ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F9tsu.cc&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__#rpctoken=871466894&forcesecure=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
ASCII text, with very long lines (3496)
Size
12 kB (12426 bytes)
Hash
92169c8a0fbf6e404267d0705cdbdf42
a5cd88b74ca5ced239cdbfb458fe25540d671f46
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

HTTP Headers

GET /accounts/o/478691279-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 12426
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 01 Jan 2024 13:08:32 GMT
expires: Tue, 31 Dec 2024 13:08:32 GMT
cache-control: public, max-age=31536000
age: 433315
last-modified: Mon, 18 Dec 2023 21:07:08 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs

216.58.207.206

200 OK

24 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F9tsu.cc&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__#rpctoken=871466894&forcesecure=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT

File type
ASCII text, with very long lines (1505)
Size
24 kB (23557 bytes)
Hash
ee01651d160cfc55249d6011a3c45916
79d6121df6575974ad21dafce33ec98e3f2f0a7f
639d75299973c7d3794eb7eb129e3b5a6139f9f521e1f14383abd0fd501219c9

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 23557
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 01 Jan 2024 13:08:32 GMT
expires: Tue, 31 Dec 2024 13:08:32 GMT
cache-control: public, max-age=31536000
age: 433315
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.js

151.101.66.114

200 OK

114 kB

URL GET HTTP/2
ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.js
IP
151.101.66.114:443
ASN
#54113 FASTLY

Requested by
https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Certificate
IssuerGlobalSign nv-sa
Subject*.jwplayer.com
FingerprintAB:15:C6:40:38:53:10:D6:CD:12:E9:B3:27:A9:9A:A9:79:8D:B2:9A
ValidityWed, 30 Aug 2023 18:09:48 GMT - Mon, 30 Sep 2024 18:09:47 GMT

File type
ASCII text, with very long lines (65143)
Size
114 kB (113972 bytes)
Hash
b646381f2f5695e6ccc9d7aea7dc2998
25756dce3abe3e1aa332505ec31f068d1034b82b
4a71c89abb6cb257fba4d55180180940b9c7108cb630c054a17e45667b8678e4

HTTP Headers

GET /player/v/8.21.1/jwplayer.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wordplaynevadax.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Fri, 16 Jul 2021 21:39:22 GMT
etag: "b646381f2f5695e6ccc9d7aea7dc2998"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 06 Jan 2024 13:30:26 GMT
via: 1.1 varnish
age: 5222436
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1704547827.789234,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 37317
X-Firefox-Spdy: h2

accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F9tsu.cc&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__

173.194.222.84

200 OK

565 B

URL GET HTTP/2
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F9tsu.cc&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
IP
173.194.222.84:443
ASN
#15169 GOOGLE

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT

File type
HTML document, ASCII text, with very long lines (585), with no line terminators
Size
565 B (565 bytes)
Hash
25522787dc48b78b3678863b5cd35b77
0cbf54ad07eb26bfb6ddd2a2cc7194db932ca666
1a14e25745f6ffba018ed1faed7f4cd78490e75decd10afca79dd770490dc1ad

HTTP Headers

GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2F9tsu.cc&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 06 Jan 2024 13:30:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-h3xl5avBi4gs0vVfbgkyxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

9tsu.cc/wp-content/themes/9tsu/css/jquery.mCustomScrollbar.min.css

104.21.54.188

200 OK

43 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/css/jquery.mCustomScrollbar.min.css
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (42839), with no line terminators
Size
43 kB (42839 bytes)
Hash
f59e3f4c0087b4d8ddc27bdd9c9ab92b
fac9b521062feb5250c04d62128a8c3ddb312632
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195

HTTP Headers

GET /wp-content/themes/9tsu/css/jquery.mCustomScrollbar.min.css HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-a757"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2F06e8%2BjYhfiEA0cT5BFoD9CZqKXUx4vEsClEClBw%2Fb9P%2FAuzXDhTWppbU%2BtK8SbOfn%2FIqr9dr1ztV13rXHURl1YEkQbFtfPvOZemmRO7QOTo356X9vDoo%2BA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afb61c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/themes/9tsu/inc/megamenu/css/mashmenu.css

104.21.54.188

200 OK

124 B

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/inc/megamenu/css/mashmenu.css
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with no line terminators
Size
124 B (124 bytes)
Hash
84b7221d1416e6a53c36cf7fb3c56874
85297017da707311434feb698e97195a626f5bba
09b8c38a8b767ed1d4f8c111647bdfa163bdf4b36b287837729bc670fc9c948a

HTTP Headers

GET /wp-content/themes/9tsu/inc/megamenu/css/mashmenu.css HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-7c"
expires: Mon, 05 Feb 2024 13:10:26 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0q4WmBT4BBEdgqJkVpqZ8D6K7TogthhSQDfyHKub%2FlnoMhEuGTATYqhpVZxewvb1Ohhq%2BpwhKcOanQjJPzUI69tRKDVLKpcddGH4UjbzF8UKsmRFAP3nVHH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afb21c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/plugins/cactus-rating/js/wow.min.js

104.21.54.188

200 OK

3.4 kB

URL GET HTTP/3
9tsu.cc/wp-content/plugins/cactus-rating/js/wow.min.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (3486), with no line terminators
Size
3.4 kB (3420 bytes)
Hash
c9267f255abb0164c73b74b78827160e
199bd502538ed7e9060b051d9df61632fc534f2b
968b800f1776b1262dcaac01bb2de9742f682bdbba05cf3380cd05ac770723bf

HTTP Headers

GET /wp-content/plugins/cactus-rating/js/wow.min.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-d5c"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQqcf%2FRcxONWQIoMz4T8xkFUEPxsLd8WnN1cLqUOVP8TvPRMDX1BM9l5jCktCapUzTv80bRCJyGHBOLCXlXfUmYusgcXGU7XaOe42Dy5Y0B5nLMksNbOXfRD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6efe51c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/themes/9tsu/css/font-awesome/css/font-awesome.min.css

104.21.54.188

200 OK

31 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/css/font-awesome/css/font-awesome.min.css
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (30837), with CRLF line terminators
Size
31 kB (31004 bytes)
Hash
a0e784c4ca94c271b0338dfb02055be6
88af80502c44cd52ca81ffe7dc7276b7eccb06cf
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

HTTP Headers

GET /wp-content/themes/9tsu/css/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-791c"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0eOS9f3TqrzOSmrVavsLlP8gOOHckGZUY8VvOlziAHEmeEWNqo3z3tDtL8Vm%2BsdQknjrvbtZSGGOnd0Se0Y30GzXsepnLS9pbL7GoxJZ9xLt0lLDDMLg%2F3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afb41c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6

188.114.96.1

200 OK

1.5 kB

URL GET HTTP/2
wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerLet's Encrypt
Subjectwordplaynevadax.shop
Fingerprint46:3D:EA:62:A2:18:D9:46:EA:7F:6C:F9:E1:0F:FD:BE:8B:0D:19:79
ValiditySun, 17 Dec 2023 14:20:22 GMT - Sat, 16 Mar 2024 14:20:21 GMT

File type
HTML document, ASCII text, with very long lines (1547), with no line terminators
Size
1.5 kB (1486 bytes)
Hash
347dd8d9cf754ea2d85cf0019997db4b
802e9a00e44a8e2d06dfccd5d7208d48901f61b3
553ae5e35520eddad50cf212235265b183cd58cb19d78f31b8d616ba423b1982

HTTP Headers

GET /public/index.html?id=65994d7132a92ec9fe4412f6 HTTP/1.1
Host: wordplaynevadax.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jan 2024 13:30:26 GMT
content-type: text/html
last-modified: Mon, 11 Dec 2023 07:35:01 GMT
expires: Sat, 06 Jan 2024 13:30:27 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91WpVCekFXdXZ4UvoGWMS1FnGNzWzX2%2F8X%2Fvvba9yTw7kSFo8QW5L9ypfEdPBTfuYEqBYAxSbD5gMrHhjCI9EXc3oo3eQainSXt7uSCxPA3L44dTZ9cewWKS4KZr0pn6vqzxZfFsFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 841450cb3ee856c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

9tsu.cc/wp-content/plugins/cactus-rating/js/jquery.raty-fa.js

104.21.54.188

200 OK

14 kB

URL GET HTTP/3
9tsu.cc/wp-content/plugins/cactus-rating/js/jquery.raty-fa.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with CRLF line terminators
Size
14 kB (14019 bytes)
Hash
4e6580deb08076ae1749af1f31b64c6c
80d23c5979eb629ae5f24a5def9633af8c7fd7d1
90a3a1938a084374d21e8567ca7ecf28ccf08a384fbbda10f8c3bb7f06067803

HTTP Headers

GET /wp-content/plugins/cactus-rating/js/jquery.raty-fa.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-36c3"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fk5uXeGBQFYyavG3r37FErUQHsTNSteTgPYDAYJQ6f7W1r90fdNkHAkZDLNS7RoSPZ12pm6mphRbnBoB8%2BcKMT0TvxdCWh1LvDyJDVoJ%2B7tRPnA%2FD%2F54fPYW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6efe61c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/themes/9tsu/js/bootstrap-lib.js

104.21.54.188

200 OK

18 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/js/bootstrap-lib.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with CRLF line terminators
Size
18 kB (17631 bytes)
Hash
56cb110e4544d9a91ded126098f2598b
240276b09f4b5e7bb7d5ec01f3ac319e6e5a7be2
96fa4669e2c2be3d615a18f48335f579a36aae2cd9ec74376d25819031e0e70e

HTTP Headers

GET /wp-content/themes/9tsu/js/bootstrap-lib.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-44df"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06pHYFqD2KZ0twLfh%2BihgzgGd11hV3AfTu%2Bdu5S728yCF%2Fed1BkCIX9F7%2BMTk4dLB33Q4Djbi03CqaMpx1CvHcOQzta0hxGVymZylGbMI9MOlrTReceREScC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6efe81c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/themes/9tsu/inc/megamenu/js/mashmenu.js

104.21.54.188

200 OK

1.5 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/inc/megamenu/js/mashmenu.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (1709), with no line terminators
Size
1.5 kB (1454 bytes)
Hash
82feb917b41ce2fecb23228ec5dc2724
afc1131acb1dbb94180695bf947bb0814e0d3565
3b525d54d01a84b0382c56b6f39b3edb8631aa4e4f36083e55715a0cbd137dc4

HTTP Headers

GET /wp-content/themes/9tsu/inc/megamenu/js/mashmenu.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-5ae"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lzMUY7rg99H9T92ARcpI9NL0V4fjRJxZnLELvld5BGKo7LlFdIvSs9LL1iO4UGR5vhSpb1FX12LffCtUyg7rx9FKSdo6akSWTDGm9KZTvzK0Sq1czs5gMsf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6efe71c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/plugins/cactus-video/js/custom.js

104.21.54.188

200 OK

43 kB

URL GET HTTP/3
9tsu.cc/wp-content/plugins/cactus-video/js/custom.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with CRLF line terminators
Size
43 kB (43448 bytes)
Hash
4518925e2de2c2d71ab1dbbb0c436d22
73468ddc4c5fc6d9d72f7113054733a7636a9e09
d973ae2fe868573d80f4313f3debb575c80885ed6e969be974fe85606b9c8809

HTTP Headers

GET /wp-content/plugins/cactus-video/js/custom.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-a9b8"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bbzuyyc%2BoZ7CgKTby8WVrAerPQFIY5lJkfdnsHtJlUOAkV3V638wKWBrUhp3eWiGCgUgVQ65FGDrrx7822G%2FmgUsdser30fH0RFdH%2FXg5M5Rk77nMSJ8PYNS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6eff01c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/themes/9tsu/css/slick.css

104.21.54.188

200 OK

1.2 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/css/slick.css
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (1249), with no line terminators
Size
1.2 kB (1249 bytes)
Hash
a99832be9a0b26dd120e71ce56ab98f5
3eb520c58e045ffe4811e0fa3f0bddeaeae4e901
5de565d97952e932b9b30eee2ac725abd876f166d73225d751e3047b53328721

HTTP Headers

GET /wp-content/themes/9tsu/css/slick.css HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-4e1"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZiV3%2Bhv3WC0frtAJeYE2BUnSosgIgIcnGQn6tp48lqKQryjPVaaO7aCT4A308dcmmP2eL1e%2Ff5eZCowOo1D2yC%2FAEsmfQifVmiZNFO82YKAeA3l4PKJp8bQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afb51c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/themes/9tsu/style.css

104.21.54.188

200 OK

286 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/style.css
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (1793)
Size
286 kB (285902 bytes)
Hash
52d0a0f407819ea3b8011655f74f0d14
c19f2cb8877ffb9af765c087bcf5bd3b9abf0cb0
d6c2d421491f21f60af29fe47862d493e5e88d89bdef04d2adc430fc8e472576

HTTP Headers

GET /wp-content/themes/9tsu/style.css HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-45cce"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPKoHYAzccMGRdVNJcLaszpTDP1t3ZPf3jezGkAnQeVziPvSXopuruokOa2sBjREeKy53%2BC6mLIVJHelsBmV5h3iVyi6l1TrMDPM96UkJQONvnckr9fKt1T5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afba1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/themes/9tsu/css/membership.css

104.21.54.188

200 OK

15 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/css/membership.css
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (329), with CRLF line terminators
Size
15 kB (15430 bytes)
Hash
152b57375e2e71ca2de72f831c7e718b
2eb988da072267c617325311943d52134dc455c3
9d608721c68864e0db79077b50bd2ed5f629cfee1c4fb8b01e165056d7f41b16

HTTP Headers

GET /wp-content/themes/9tsu/css/membership.css HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-3c46"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a5u9WkFxgPI8LNEBgcKqEOiv0bISD9OFvnkxgtsshiMZnGvgA6IE7I207rlzf6DGw8GRQO%2BlR1FQi1YysplL2y6wAQ766vTE9uCGSw9DgmFG3syWoIkBMuG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afbb1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/plugins/cactus-video/js/lazysizes.min.js

104.21.54.188

200 OK

6.4 kB

URL GET HTTP/3
9tsu.cc/wp-content/plugins/cactus-video/js/lazysizes.min.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (6584), with no line terminators
Size
6.4 kB (6422 bytes)
Hash
3fde759935654e863a2d6edb2e04a4f3
ea499effd044ae0bf650cde74e5c2894189db1e8
43c0167f9d4dc28747f5c9eb07f4984f377a3dbbc6f15e6ee444c0c33b249e9f

HTTP Headers

GET /wp-content/plugins/cactus-video/js/lazysizes.min.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-1916"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7pZDZVC7VXMQmzKYOurDDwpgj3R01T2DkdEg6k9v%2B7q10oZMdMwxzaIJlzPjJrfDHA%2FKKrwLvFvhJGqusD%2BTHDRvHj7Nti3fYIAv56X4tRHwKd7Dkc34Jz2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6eff31c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-185957318-1&l=dataLayer&cx=c

142.250.74.168

200 OK

134 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-185957318-1&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (2213)
Size
134 kB (134336 bytes)
Hash
6237314854f80f78ff999a7aacdddc46
3159e5b16e08cc419c71c536be05980fdb60067f
abe4b50a9bb2baed46933d7c75e13590f3b7a29a5244c2ae4c48056c168e8e82

HTTP Headers

GET /gtag/js?id=UA-185957318-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 06 Jan 2024 13:30:26 GMT
expires: Sat, 06 Jan 2024 13:30:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51193
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

wordplaynevadax.shop/player/65994d7132a92ec9fe4412f6/playlist.m3u8?v=9

188.114.96.1

200 OK

102 kB

URL GET HTTP/3
wordplaynevadax.shop/player/65994d7132a92ec9fe4412f6/playlist.m3u8?v=9
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Certificate
IssuerLet's Encrypt
Subjectwordplaynevadax.shop
Fingerprint46:3D:EA:62:A2:18:D9:46:EA:7F:6C:F9:E1:0F:FD:BE:8B:0D:19:79
ValiditySun, 17 Dec 2023 14:20:22 GMT - Sat, 16 Mar 2024 14:20:21 GMT

File type
M3U playlist, ASCII text
Size
102 kB (101727 bytes)
Hash
f347550725c238e1f5abbcbe8c6a34b7
7edcfb14c408a8f3431c0a50f94c2e9dfe9cee35
31f05f0e2d7af6ee0f41429696f0f5811d72390fcaa6957d306b26f030c34488

HTTP Headers

GET /player/65994d7132a92ec9fe4412f6/playlist.m3u8?v=9 HTTP/1.1
Host: wordplaynevadax.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:27 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
content-disposition: attachment; filename=video.65994d7132a92ec9fe4412f6
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tX43JhpzpC6ZMesguO8EgktiJWCz4Hg36jvlrkFsffsbb6oqDkmPJFaLiiM%2BrsPclegl2Qj4pKrS0Ce%2FBDk8%2FSjE0avBcRwHDPcQ3hUIRkdhQuEYaMcg4u4JACZWBF4o9NnYJWb9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 841450d16891569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

wordplaynevadax.shop/public/css/styles.css

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
wordplaynevadax.shop/public/css/styles.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Certificate
IssuerLet's Encrypt
Subjectwordplaynevadax.shop
Fingerprint46:3D:EA:62:A2:18:D9:46:EA:7F:6C:F9:E1:0F:FD:BE:8B:0D:19:79
ValiditySun, 17 Dec 2023 14:20:22 GMT - Sat, 16 Mar 2024 14:20:21 GMT

File type
ASCII text, with very long lines (1055), with no line terminators
Size
1.0 kB (1011 bytes)
Hash
b7a4e10b13c9082c7acdc1ca0218df05
8412e148f1ba712a47fd907eed23fc678a9980c7
ea48dfccb940f440d38fb75c0db1d062cc4915374daeea9248c2590be198cf06

HTTP Headers

GET /public/css/styles.css HTTP/1.1
Host: wordplaynevadax.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:26 GMT
content-type: text/css
last-modified: Mon, 27 Sep 2021 10:07:28 GMT
etag: W/"615197e0-3f3"
expires: Sat, 06 Jan 2024 13:30:27 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soiKaw0LrCJFiKjhZZSqwX8Yc5NbBTwYQb%2F3oqmydAAWf09H0RbksIPsSEiQfI3CQ2FzwZOwMlp6sIE%2BAI2p3qLz2%2FYyKeOBL%2BTj48kBv5Y1m6UdiKizDXiXwxINGi61wqZo2LQupQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 841450ccefe9569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-includes/js/comment-reply.min.js

104.21.54.188

200 OK

2.2 kB

URL GET HTTP/3
9tsu.cc/wp-includes/js/comment-reply.min.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (2290), with no line terminators
Size
2.2 kB (2234 bytes)
Hash
ced63740386cefb4b61547fe41282e5c
a64c9c62309e7f315f6b4b6dfee7269fe7d5206a
481c9ab9a34e839cb04cd76d71fe336342ba046781722c8cd78f978182b09eb6

HTTP Headers

GET /wp-includes/js/comment-reply.min.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-8ba"
expires: Mon, 05 Feb 2024 13:10:13 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUbXh%2Bnis02pMf1BMeawlLbyxz9tLk8rYg%2FYAW7i5X1kd0rnFFsY4HPk%2BIfsX96bIDo3WqFYgDIXYL2y33tdDstiCMh1em4doXEY7%2FpqMWd3EjcmAO1OAHHe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6efee1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

kingdomfreemarathon123.best/cdn01/hls/65994d7132a92ec9fe4412f6/7492933fc80e3a3469ce592303348e30.html

104.21.48.153

200 OK

1.4 MB

URL GET HTTP/2
kingdomfreemarathon123.best/cdn01/hls/65994d7132a92ec9fe4412f6/7492933fc80e3a3469ce592303348e30.html
IP
104.21.48.153:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Certificate
IssuerGoogle Trust Services LLC
Subjectkingdomfreemarathon123.best
Fingerprint38:7C:33:C3:D3:B1:5E:94:B7:FB:9F:72:F8:64:05:3D:D9:41:F0:07
ValidityMon, 11 Dec 2023 03:21:17 GMT - Sun, 10 Mar 2024 03:21:16 GMT

File type

Size
1.4 MB (1410337 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn01/hls/65994d7132a92ec9fe4412f6/7492933fc80e3a3469ce592303348e30.html HTTP/1.1
Host: kingdomfreemarathon123.best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wordplaynevadax.shop
DNT: 1
Connection: keep-alive
Referer: https://wordplaynevadax.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jan 2024 13:30:27 GMT
content-type: application/octet-stream
vary: Accept-Encoding
last-modified: Sat, 06 Jan 2024 12:55:42 GMT
etag: W/"65994dce-158521"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAQeCDFJEmlmhD%2BEx9uo4oZl3g00qjD%2BptIeW3Nod2aZs9EzJHWP7o1ZuBh7hCN%2F5lKR%2Fepqt1aFkah9Z4qV%2FE226irb3mmxIsTYzQGPP3eF9ir4r%2BW8unBOWz0b66kUxtUd57PxAGtqvEDk1Ek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450d3a9065699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

kingdomfreerun23.best/cdn01/hls/65994d7132a92ec9fe4412f6/02171029e5854fffec68857516d8911f.html

104.21.56.6

200 OK

894 kB

URL GET HTTP/2
kingdomfreerun23.best/cdn01/hls/65994d7132a92ec9fe4412f6/02171029e5854fffec68857516d8911f.html
IP
104.21.56.6:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Certificate
IssuerGoogle Trust Services LLC
Subjectkingdomfreerun23.best
Fingerprint24:06:A0:4C:78:3F:B8:33:DD:17:6B:BE:65:9D:BA:73:73:8C:70:A8
ValidityMon, 11 Dec 2023 03:37:00 GMT - Sun, 10 Mar 2024 03:36:59 GMT

File type
PNG image data, 16 x 13, 8-bit/color RGBA, non-interlaced
Size
894 kB (893525 bytes)
Hash
80f539a2f4d30f602b51c3b658c8f137
abd458bc05d9a8f58c19e17c652ac0e71cc0f8dc
b16553bdb4441cea3be6f35e2e265545c43daa01a3c06ddf55f74ca219b11759

HTTP Headers

GET /cdn01/hls/65994d7132a92ec9fe4412f6/02171029e5854fffec68857516d8911f.html HTTP/1.1
Host: kingdomfreerun23.best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wordplaynevadax.shop
DNT: 1
Connection: keep-alive
Referer: https://wordplaynevadax.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jan 2024 13:30:28 GMT
content-type: application/octet-stream
vary: Accept-Encoding
last-modified: Sat, 06 Jan 2024 12:55:42 GMT
etag: W/"65994dce-da255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KY51fkH0Rt3uSxSSE9%2BeAlU%2Ft7x2yLrfW07dJKm9M0Sh%2FYojn%2BRSZ%2BD7rRJQtPPBcGJesDIXCgWdo9GgxT7p1Oa2X3w3cMeyDvjxPw71iENTRBStIADHlfTO6bwRx9BtWnhqyLqWKIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450d6bd6356b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

9tsu.cc/wp-content/themes/9tsu/js/js.cookie.js

104.21.54.188

200 OK

3.7 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/js/js.cookie.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (4400), with no line terminators
Size
3.7 kB (3677 bytes)
Hash
4196f1d21dfc792a55b9ce8545d8edd5
a331d003d3261f6441e09c47aede38811a0f7dba
165a99cf9934fb17b41604f5a97b015aff7ae344e4afa13fef2158b59feeef5b

HTTP Headers

GET /wp-content/themes/9tsu/js/js.cookie.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-e5d"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vtU1FVAT4jX23o60GXTydms4iBq%2F88Z%2F9PQ3mXQzeW2qAoZ9FcaWoJJC%2B141ThKh8Ha7lVMwF8YdKrtFXuG3PKsJ3cOkNKKC1kyI3hgj3phAjkt05ppwZ91"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6efec1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/plugins/cactus-rating/js/main.js

104.21.54.188

200 OK

9.3 kB

URL GET HTTP/3
9tsu.cc/wp-content/plugins/cactus-rating/js/main.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (9894), with no line terminators
Size
9.3 kB (9332 bytes)
Hash
16425e7613be87e412ffc66bf59e580b
45ca91b2c14fcd4011e179019b0b5d525654374d
b66e8279d07105f4568b96461c96427e19392bb535b8752c918238732b63d94d

HTTP Headers

GET /wp-content/plugins/cactus-rating/js/main.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-2474"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1mjtt151T9EBsC1srEls8oJltEjx%2B9wjNX0vDV6Pi690CoU8DqapNFR37MohA6eZWasjmYMDVM%2F0LHHyOfDi1HIqTOUBdkuej7YxfXTKaC2LwxMBNFAQqq9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6efe31c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/plugins/cactus-video/css/main.css

104.21.54.188

200 OK

16 kB

URL GET HTTP/3
9tsu.cc/wp-content/plugins/cactus-video/css/main.css
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (331), with CRLF line terminators
Size
16 kB (15685 bytes)
Hash
2136efa46864adb611f139db80b7eeef
dc32c7c0325ad660126b3c2f1db67032ea96f18f
85662100c5747703c261437e7868e1508377d56da47315203e6e6facf71235fd

HTTP Headers

GET /wp-content/plugins/cactus-video/css/main.css HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-3d45"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBuiSGu6bypXTjBUSb8SKM%2Fc%2BAS%2F2qVKw0gEjoLBKi2q%2F47%2FXb7JBEZ0jPOy9TpYpRPNU13RwgruH%2FfxOiI61MqHUHdmMORtbmq9jMl76%2Fpb%2BAgNnbLt%2FSS7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afbc1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/sekaju240106

104.21.54.188

200 OK

91 kB

URL User Request GET HTTP/2
9tsu.cc/sekaju240106
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type

Size
91 kB (90575 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sekaju240106 HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-pingback: https://9tsu.cc/xmlrpc.php
link: <https://9tsu.cc/wp-json/>; rel="https://api.w.org/", <https://9tsu.cc/?p=207321>; rel=shortlink
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
last-modified: Sat, 06 Jan 2024 13:30:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hx9UlA1ASlfLOyNHMUfE0AYiBvnjTzRR9IWtB2AilZ4WhSUOP7rehp0iNwAkAs%2FJgk%2FCV0dJib%2Bh2GXNCYZcoYUGsehDfMnCCESEuqkA4W1HnFIFa8fYMaJg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c2de4f56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

9tsu.cc/wp-includes/js/jquery/jquery-migrate.min.js

104.21.54.188

200 OK

10 kB

URL GET HTTP/3
9tsu.cc/wp-includes/js/jquery/jquery-migrate.min.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (9959)
Size
10 kB (10056 bytes)
Hash
7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-2748"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrPJUF06wNPd8QDYTeBBO%2FlVanPjwPaXSCWO1bS4VIrT4EEdpcjhGFZP9EV1uVYH%2Ff%2FHqoOzbPYrCCn9GEYNM7zLXRbAtohUAF4ButSVdPeKz8%2BWC%2FGxIQh1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6bfc51c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/themes/9tsu/js/ajax.js

104.21.54.188

200 OK

3.3 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/js/ajax.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (4065), with no line terminators
Size
3.3 kB (3264 bytes)
Hash
2a430307b174b042ec960d9d2c8cf6ae
a714bf58230ce3c49284fd47f32465ac9b050eaf
e81534fc0ff6df55347791a9bb6882aa8cd4638b150ff4828a876f890ee4f89b

HTTP Headers

GET /wp-content/themes/9tsu/js/ajax.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-cc0"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKMLLvYOk7ucl9WMSgccSBvGL%2FLDr19hlAuXhwpMM%2F%2FcCpPjD4wTN7CSYR%2F7TGosWNXWOT6zVqNyKLs05CUG%2FmHrqqrZPzWwR5I6ntrtdwmPqFujaZnCRs5Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6bfc61c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_1?le=scs

216.58.207.206

200 OK

100 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_1?le=scs
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT

File type
ASCII text, with very long lines (1586)
Size
100 kB (99711 bytes)
Hash
eb090adba99a3ef5ddd7391d67e0a0e7
659239fc3af1f2e79c809bca0959fb894ebd8341
30f3855dafef7d28d65e1969f2d8c7c651b92f590fb2946f80c818064742745b

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 34350
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 01 Jan 2024 13:08:35 GMT
expires: Tue, 31 Dec 2024 13:08:35 GMT
cache-control: public, max-age=31536000
age: 433312
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

9tsu.cc/wp-content/plugins/cactus-rating/css/animate.min.css

104.21.54.188

200 OK

56 kB

URL GET HTTP/3
9tsu.cc/wp-content/plugins/cactus-rating/css/animate.min.css
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (54696), with CRLF line terminators
Size
56 kB (55855 bytes)
Hash
f880233b33d999973da8815110ef1a6b
51f2c3849a3962f6a5272965250b2ecc6334b7b7
72c105caa06c21134f40520c934ab86261d6965840d36e8862fb19e68725f238

HTTP Headers

GET /wp-content/plugins/cactus-rating/css/animate.min.css HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-da2f"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jbpdon2K6hFTWb%2F9q%2BiiJj11i92o46zKXuYaZiCzH3S882CkS3IurPxI%2BvVJVI9lj375pHCaQANkCbQOZvHsmp3jYdgex1CsDAD4LqVBUF05Os3lFWaIRh6F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afb11c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/plugins/cactus-video/js/lightbox/lightbox.css

104.21.54.188

200 OK

5.9 kB

URL GET HTTP/3
9tsu.cc/wp-content/plugins/cactus-video/js/lightbox/lightbox.css
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (6628), with no line terminators
Size
5.9 kB (5874 bytes)
Hash
c024bb5da2990c3fa8141b42231a91fd
4416e29c229befcc3b8dd43ac65f23f584483cec
96bea870a814250943d9106996774b68e8e340049a77512f392bfc2cafbb6e0f

HTTP Headers

GET /wp-content/plugins/cactus-video/js/lightbox/lightbox.css HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-16f2"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1OvGZ1nXmVebRyDVG%2FgNXXdex%2BzrsofeeyFZF3aKbvktO7ZKwuS3mllv6MaW8x0bLV17Gm4rxi0BjS%2BvAGTq%2BG3DfhLeSmOq6Kes%2BxgJ7W%2BUJAEd%2FzHK8QD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afbd1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-content/themes/9tsu/js/slick.min.js

104.21.54.188

200 OK

42 kB

URL GET HTTP/3
9tsu.cc/wp-content/themes/9tsu/js/slick.min.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (32088), with CRLF line terminators
Size
42 kB (42375 bytes)
Hash
b876684aae948feb61d2d98d16ebf572
19307499d3506bba43def189c44a469990cb9945
91f8f119b1fae505cda049543b9aa0f4e492cf4e11127c66d489ddd7040f28bc

HTTP Headers

GET /wp-content/themes/9tsu/js/slick.min.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-a587"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9vVvIWcmhoSNnVQqIqZ4gxkXLGSsYFTsQGbRz9AqPDCm8oYeGAjAB4FQ7%2BSevY%2BLBgpfdQt66DkBq3hbxLB3tVP%2Bf4mTAWd0Jzl1By1CIXpcmSCfSja%2BF2S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6efe91c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

wordplaynevadax.shop/public/js/player.js?v=1009

188.114.96.1

200 OK

2.9 kB

URL GET HTTP/3
wordplaynevadax.shop/public/js/player.js?v=1009
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Certificate
IssuerLet's Encrypt
Subjectwordplaynevadax.shop
Fingerprint46:3D:EA:62:A2:18:D9:46:EA:7F:6C:F9:E1:0F:FD:BE:8B:0D:19:79
ValiditySun, 17 Dec 2023 14:20:22 GMT - Sat, 16 Mar 2024 14:20:21 GMT

File type
Unicode text, UTF-8 text, with very long lines (3053), with no line terminators
Size
2.9 kB (2908 bytes)
Hash
8421acd32ceb955577c4605191193e02
04f4ba3b5a19f4df310ac009b55b3d19c4aaf1a7
b6f5f83abd8a99bffcfebdae306899dce5b05de77cb037e4070ece88925b97b6

HTTP Headers

GET /public/js/player.js?v=1009 HTTP/1.1
Host: wordplaynevadax.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wordplaynevadax.shop/public/index.html?id=65994d7132a92ec9fe4412f6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:26 GMT
content-type: application/javascript
last-modified: Mon, 11 Dec 2023 07:34:41 GMT
etag: W/"6576bb91-b5c"
expires: Sat, 06 Jan 2024 13:30:27 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnAoDRD8JV8YlHkHr31vfFrJxOy0UE9R28wT%2B3FOna2grxY79I2fJVzu8JpGY2p%2B9bklMgEWl7w47cEXjmZiXVq1h2ghKypAf2ajG4g42KQD6bzKXvJUZazoGMVfydRyDNX5Xx5PDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 841450cceff1569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2F9tsu.cc&url=https%3A%2F%2F9tsu.cc%2Fsekaju240106&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__

216.58.207.206

301 Moved Permanently

0 B

URL GET HTTP/2
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2F9tsu.cc&url=https%3A%2F%2F9tsu.cc%2Fsekaju240106&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintBF:09:8A:B9:E4:51:77:53:17:7A:E6:3F:41:6D:27:35:7B:DD:F5:3D
ValidityMon, 20 Nov 2023 08:09:55 GMT - Mon, 12 Feb 2024 08:09:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2F9tsu.cc&url=https%3A%2F%2F9tsu.cc%2Fsekaju240106&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 06 Jan 2024 13:30:26 GMT
expires: Sat, 06 Jan 2024 14:00:26 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

9tsu.cc/wp-includes/css/dist/block-library/style.min.css

104.21.54.188

200 OK

29 kB

URL GET HTTP/3
9tsu.cc/wp-includes/css/dist/block-library/style.min.css
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (29295), with no line terminators
Size
29 kB (29295 bytes)
Hash
375bd65d60ff3c8723fccc343afb1b9b
b06ba18a307bdf4821dded9ebffd2489f7b01d6a
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-726f"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrIHtpuIbDQguHEjn2ra7qctBS4uUMTEN345SMBHXbSD4Zg%2Fvrs0%2FvbrJNBAMNSjGDuTSGvetQx0yXAyeqD8fs5l84ZM8%2BBsHwWgVlBOZBhjsWNLWIdtQu5Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afad1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

9tsu.cc/wp-includes/js/jquery/jquery.js

104.21.54.188

200 OK

97 kB

URL GET HTTP/3
9tsu.cc/wp-includes/js/jquery/jquery.js
IP
104.21.54.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://9tsu.cc/sekaju240106
Certificate
IssuerGoogle Trust Services LLC
Subject9tsu.cc
Fingerprint94:9A:B4:A6:4C:1A:C0:DB:C7:6E:3E:A9:C1:60:11:76:A9:4A:28:7B
ValiditySat, 25 Nov 2023 02:49:50 GMT - Fri, 23 Feb 2024 02:49:49 GMT

File type
ASCII text, with very long lines (31997)
Size
97 kB (96873 bytes)
Hash
49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

HTTP Headers

GET /wp-includes/js/jquery/jquery.js HTTP/1.1
Host: 9tsu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9tsu.cc/sekaju240106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jan 2024 13:30:25 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 04:28:28 GMT
vary: Accept-Encoding
etag: W/"6108c5ec-17a69"
expires: Mon, 05 Feb 2024 13:30:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX9LMB1Brwrf%2BX0F1QAtwj5hlDJO%2FBU2eZSHbBi7nsUX8i05hHtzK7nU9Y2oSOZYTb7%2B%2FXTvz%2BkTpAkKiGRM4e4wJ6eUFG5E2NkaSk%2FMkbL%2FWnvS1BjI4REZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 841450c6afbe1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (53)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by