| oopzeed.com/images/education-online-books.png |  172.67.138.12 | | 310 kB |
URL oopzeed.com/images/education-online-books.png IP172.67.138.12:0
File typePNG image data, 725 x 905, 8-bit/color RGBA, non-interlaced\012- data Size310 kB (310455 bytes) Hasheffbcadb714b24e2cabb8d64097c8dcc 239e471a633629d027c050e19b441a6ce9fa77b4 3752073371d57443834b6693c146073d90c52015eff88f241fe2e1df21b8b203
GET /images/education-online-books.png HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: image/png
content-length: 310455
last-modified: Thu, 29 Dec 2022 07:38:01 GMT
etag: "4bcb7-5f0f29085e840"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6867
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rheVitboT88SJEs%2FKvhUYG%2B1SL7TkIfDgpRnKCqUgQ7buFWwZyvI1AKrXRLbrX%2F9p5oo6LagnB2%2FPfA6cnR1BYTn%2FHt4NuKwXO6pJp0fqMPxt7uvWbmHg1QpZJCSHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71bafce1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oopzeed.com/images/avatar/portrait-beautiful-young-woman-standing-grey-wall.jpg | 172.67.138.12 | | 24 kB |
URL oopzeed.com/images/avatar/portrait-beautiful-young-woman-standing-grey-wall.jpg IP172.67.138.12:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=667, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], progressive, precision 8, 500x334, components 3\012- data Hash2b00b22d0fc9400405e0a93d2c32581d 9ccb0bcdab3c25027740217df2a64ee2dc18ec93 1b5d07b73321be8f54ea2281e6f6520f4d730df706676895c99d7e988cb96ffc
GET /images/avatar/portrait-beautiful-young-woman-standing-grey-wall.jpg HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: image/jpeg
content-length: 24232
last-modified: Tue, 15 Mar 2022 07:33:50 GMT
etag: "5ea8-5da3cd16c9380"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6867
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDXPr%2BRAYRDJtmJplpKGGYR%2BskbcYqf05w3y6Pvjvfo4Blka5rhJ3DAXohFDBLKFgiVY5Nas9FRsOBe2u%2FxVbr3ipnwCuhwt1E1CCg35cDeH1ERHk4BRBWhjlnRgcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71bafd11bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oopzeed.com/images/avatar/portrait-young-redhead-bearded-male.jpg | 172.67.138.12 | | 26 kB |
URL oopzeed.com/images/avatar/portrait-young-redhead-bearded-male.jpg IP172.67.138.12:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=667, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], progressive, precision 8, 500x334, components 3\012- data Hash71e947fcdeaa5cf2a2a5dfb28e4921ec cfa6b029f4437f5687bcd64227597584c47b7ab7 c3df7f5fc1f27d7f400fb7ec2fce0b202d0101c56f8251a3de2c9d3b580d0122
GET /images/avatar/portrait-young-redhead-bearded-male.jpg HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: image/jpeg
content-length: 25921
last-modified: Tue, 15 Mar 2022 10:21:33 GMT
etag: "6541-5da3f2939c540"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6867
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klGZJyUi2N3wdjdilTD%2FZeewebqxfW2fPS%2Bbh7qmksUuhnzezix19qt5Dk2H0PrCyzG6gMBg8yKDmnjoZybdUvHVpLfVdoCSzOVklvOX5Hr2oaxcDqOnOWubwNGARA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71bafd81bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oopzeed.com/images/avatar/pretty-blonde-woman.jpg | 172.67.138.12 | | 30 kB |
URL oopzeed.com/images/avatar/pretty-blonde-woman.jpg IP172.67.138.12:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=667, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], progressive, precision 8, 500x334, components 3\012- data Hash83251e8a0f137b34118d0eba449b5471 c8971e020d6ecc4fda7559ef7dfa1c64e7f36d62 b5c8cd944dd5dad57ce0672dfca04123aabd9e35b03052467610d34536518411
GET /images/avatar/pretty-blonde-woman.jpg HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: image/jpeg
content-length: 30052
last-modified: Mon, 14 Mar 2022 04:47:17 GMT
etag: "7564-5da265ff41f40"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6867
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dg5BhgHc4Bkk1jjDV6ThkHpUCZpjsrMGcKeMPeFA889hHqIcdC8XYkJLLQ5gOrxWI5NEK1RR%2FvPEMx6F7kMaP4RH0kgk7Kw5kByh1wDtGwwbrieSzXNmmnd%2BAzjLrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71bafda1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oopzeed.com/images/avatar/studio-portrait-emotional-happy-funny-smiling-boyfriend.jpg | 172.67.138.12 | | 26 kB |
URL oopzeed.com/images/avatar/studio-portrait-emotional-happy-funny-smiling-boyfriend.jpg IP172.67.138.12:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=667, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], progressive, precision 8, 500x334, components 3\012- data Hash2c1eba2ef33f5d5dff9e8dd2b04073ce cb767536742c4844448bb69aa3da8858c77dcf63 f253622fdd5a4f20f46b85f188de785b08302a62164f82721070535a4c9acf04
GET /images/avatar/studio-portrait-emotional-happy-funny-smiling-boyfriend.jpg HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: image/jpeg
content-length: 26473
last-modified: Mon, 14 Mar 2022 04:47:35 GMT
etag: "6769-5da266106c7c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6867
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKRJEncHOn2tNJLupJfnoAdACLNIWQy30YhJmdQuYSjVvciVxSKI4WAxKiwzi%2BLOTq7KsC%2FSZHQ3uSLfP5cPkbocYJRwaR5lp9g5%2FaL%2FwGJuewLFC9tniIY3KxmDTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71bafdb1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oopzeed.com/images/tablet-screen-contents.jpg | 172.67.138.12 | | 220 kB |
URL oopzeed.com/images/tablet-screen-contents.jpg IP172.67.138.12:0
File typeJPEG image data, progressive, precision 8, 1836x1280, components 3\012- data Size220 kB (219556 bytes) Hash7cf6f9cbec501581b78c4c8e82f8b20d c9bbda23f7cd24eca42a77a6961745abdbdc6c73 d70adc38af1c7c886564b0c2de6eeccb8e3ada43b4e4c9ae365a9491ac8a54a1
GET /images/tablet-screen-contents.jpg HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: image/jpeg
content-length: 219556
last-modified: Mon, 02 Jan 2023 03:08:26 GMT
etag: "359a4-5f13f43c87e80"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6867
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXSuT75YzydiA9RsKliLYItgtsCNYmMNNCEyhETXapI8Wb2YEYG%2FQ7sHrwFuUWdhAEWyJRaTT2hir6BqkRHf7%2FMgL11JSYvNMuywzIz5jVt0MOxX7yllITJRcRO6kA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71bafdc1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oopzeed.com/images/portrait-mature-smiling-authoress-sitting-desk.jpg | 172.67.138.12 | | 246 kB |
URL oopzeed.com/images/portrait-mature-smiling-authoress-sitting-desk.jpg IP172.67.138.12:0
File typeJPEG image data, progressive, precision 8, 1200x800, components 3\012- data Size246 kB (245913 bytes) Hashc2145d3454a8746683132d9e811983f1 8370e814fdff455fa198d7acb0842ef4f99e5911 0cb646bdf34b06c9bd365078812099e41aae0de5d75d71e6f822be0e76e64fa4
GET /images/portrait-mature-smiling-authoress-sitting-desk.jpg HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: image/jpeg
content-length: 245913
last-modified: Mon, 02 Jan 2023 03:10:16 GMT
etag: "3c099-5f13f4a56f600"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6867
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqkV6ekh8Prp8irSZt0WBBZSr43NVQpP1Q5FCJfOeF06mRHQKPg%2FqPZZ3efRcsR9gffgvdyYZn7zbTtHIVK595IFOGgpPqNNlbAxyaTWzXTEyOq1lvty8yCB9uzNaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71bafde1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oopzeed.com/images/businessman-sitting-by-table-cafe.jpg | 172.67.138.12 | | 271 kB |
URL oopzeed.com/images/businessman-sitting-by-table-cafe.jpg IP172.67.138.12:0
File typeJPEG image data, progressive, precision 8, 1920x1280, components 3\012- data Size271 kB (271312 bytes) Hash51dc9f63ce344cc166d6f2ae3f9c998e 079bcd439c8959ab809d38a8d739fb04b6e83fcf 061f46b2950582a059e667f2123474063a59a4422aadfd25c84ff007a45b8b14
GET /images/businessman-sitting-by-table-cafe.jpg HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: image/jpeg
content-length: 271312
last-modified: Mon, 02 Jan 2023 03:09:46 GMT
etag: "423d0-5f13f488d3280"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6867
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRDhkKCZeZU9Iy1CIrC70SNKCuiAmA0cXL1IDyG93Cwd5Iz65FzdCm2bDPESO2YQZdAMoawsdT8WoM9SZFC%2FWaSiFEL4N82HpJ77WoL2O%2F3fBgs0u7r%2FS2qYWW3gkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71bbfe41bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oopzeed.com/js/custom.js | 172.67.138.12 | | 28 kB |
IP172.67.138.12:0
Hash2adc2e623f9407039c2dfe90a7c29ab6 fadfe06ac81af039d3d7d879690b13788e3120c7 45d3ebe30154c05721aa8648b4e090e076c01b2c9e3e9590af6d195784e726d4
GET /js/custom.js HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 10:57:34 GMT
etag: W/"2bd-5f16e0d37a380"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6867
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYkSLChPAT4FSJkt1xNyVmbzr8H6j2OSEckQ620Cv09T6%2BN0P%2BWBKmkW9RSHnKHez1lzp7d5kSC5JBAbITQ0vJJXCMaddT2lIEMKnoxVBIUt%2BTsU0gdzTOh0OVhS2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71bbff01bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| oopzeed.com/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf | 172.67.138.12 | | 112 kB |
URL oopzeed.com/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf IP172.67.138.12:0
File typeWeb Open Font Format (Version 2), TrueType, length 112440, version 1.0\012- data Size112 kB (112440 bytes) Hash31e1300d419245fd27614630601dc74d 3a284b0618771f29da8eb6be900e99439253dce0 c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764
GET /fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/css/bootstrap-icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: font/woff2
content-length: 112440
last-modified: Sat, 16 Jul 2022 23:30:40 GMT
etag: "1b738-5e3f485cec800"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqv2whM3%2FdeESozRFthAwkIlZNlxDaYsr5b2tx0OCQ2Elqs4Lr1DHhHKNpA%2FuQnUEozns4cxV%2FyFqf6jJu1Qd5ZdPfXTk9Y6LbwmDqfXuIU08TqpOYcgHNMuExTMQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71dc9b41bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oopzeed.com/css/templatemo-ebook-landing.css | 172.67.138.12 | | 4.6 kB |
URL oopzeed.com/css/templatemo-ebook-landing.css IP172.67.138.12:0
File typeUnicode text, UTF-8 text, with very long lines (348), with CRLF line terminators Hash32e58598f66eb8e3a283314f8690e9e2 681e6d5ed8d69293dba27833c7bd0344bd6380f3 2540a5dde18a5f70241cc5845e742d90dc6d100b7605037a19df006cc7e3798f
GET /css/templatemo-ebook-landing.css HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: text/css
last-modified: Wed, 29 Mar 2023 07:06:55 GMT
etag: W/"5705-5f8049f0f0138"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6867
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJYrr2WTTee0Exgno0Y%2BZmAfvPlz%2BU0p15Pv3P1PzysAGpJEfv7pFVbCejBt6Raf9BwzvgUYk1NFQsTdYMuyHmCo4GcQ%2FT%2BuGsvp6DgFIXNXlXLEmvq8gCIz9fdlsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71bafcc1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/unbounded/v7/Yq6W-LOTXCb04q32xlpwu8ZfvRQkSJZH.woff2 | 216.58.207.227 | | 51 kB |
URL fonts.gstatic.com/s/unbounded/v7/Yq6W-LOTXCb04q32xlpwu8ZfvRQkSJZH.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 51260, version 1.0\012- data Hash74bf64b24d4a4b52dfa338d65eeaf6ee 4665e45f8f77481f978fba203ab13a7c2fa94444 9984b7beae79d0eb3f15475f9ec1e71063caff4019d5f6ee15ed56a6716c56ae
GET /s/unbounded/v7/Yq6W-LOTXCb04q32xlpwu8ZfvRQkSJZH.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oopzeed.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 01:28:50 GMT
expires: Fri, 29 Nov 2024 01:28:50 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 20:46:12 GMT
content-type: font/woff2
age: 34989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| oopzeed.com/js/jquery.sticky.js | 172.67.138.12 | | 53 kB |
URL oopzeed.com/js/jquery.sticky.js IP172.67.138.12:0
Hashb8746b98470305fb641e8a0b30d38c4d 495ab774710f8f9a1476f72c77aaf713c19da491 40223bede5475b91b43535458932df276f2750c236732faa669ba9faefd1d1f5
GET /js/jquery.sticky.js HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 11:11:59 GMT
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 07:36:54 GMT
etag: W/"1c85-5e5f23abf1180"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRd5EEVC1OUcwQFzJ6d1A%2F3dLgY6tgPxZTMDH22gAxWAUN0TNbn6b7XDi1OKr2PwTTSyq7iO%2FjgmCowby1rVi5dgJSCOj39wjmzspkvtxtGDtT1D5F%2FSGBx9eW8zGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71bbfee1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/unbounded/v7/Yq6W-LOTXCb04q32xlpwu8ZfvRQkSJZH.woff2 | 216.58.207.227 | | 51 kB |
URL fonts.gstatic.com/s/unbounded/v7/Yq6W-LOTXCb04q32xlpwu8ZfvRQkSJZH.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 51260, version 1.0\012- data Hash74bf64b24d4a4b52dfa338d65eeaf6ee 4665e45f8f77481f978fba203ab13a7c2fa94444 9984b7beae79d0eb3f15475f9ec1e71063caff4019d5f6ee15ed56a6716c56ae
GET /s/unbounded/v7/Yq6W-LOTXCb04q32xlpwu8ZfvRQkSJZH.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oopzeed.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 01:28:50 GMT
expires: Fri, 29 Nov 2024 01:28:50 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 20:46:12 GMT
content-type: font/woff2
age: 34989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 3jashd11.monster/z2rFQ0ef07ae76d225cb15dc8ec2fe1ac9504dfb3bf06 |  188.72.236.39 | | 178 B |
URL 3jashd11.monster/z2rFQ0ef07ae76d225cb15dc8ec2fe1ac9504dfb3bf06 IP188.72.236.39:0
File typeHTML document, ASCII text Hash8dfe48322d7ba304ed5d2ee638576aab d7c05d8f94c71f9eb4dc330dc23847f22aa58358 8c755aa6f97868395bd4aa002d36e9ec9b6341ee4980ff8c20fb3f2a3c236335
GET /z2rFQ0ef07ae76d225cb15dc8ec2fe1ac9504dfb3bf06 HTTP/1.1
Host: 3jashd11.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 30 Nov 2023 11:12:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 178
Connection: keep-alive
Accept-Ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
Location: https://ptbqre.com/great?h=waWQiOjExMzg3NTksInNpZCI6MTE3Nzc4MCwid2lkIjo0Nzk0NjYsInNyYyI6Mn0=eyJ&si1=347319&clickid=AABuaGW3TAUAZF4CAE5PFwAMAAAAAACe
|
|
| mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1138759&st=1177780&wd=479466&d=ptbqre.com&tpl=32&rnd=0.16983282329903138&sbid=347319&sbid2= |  185.162.85.14 | | 0 B |
URL mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1138759&st=1177780&wd=479466&d=ptbqre.com&tpl=32&rnd=0.16983282329903138&sbid=347319&sbid2= IP185.162.85.14:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /rpe?a=1&s=1&act=18&src=2&p=1138759&st=1177780&wd=479466&d=ptbqre.com&tpl=32&rnd=0.16983282329903138&sbid=347319&sbid2= HTTP/1.1
Host: mdakky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ptbqre.com
DNT: 1
Connection: keep-alive
Referer: https://ptbqre.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 11:12:01 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ecrwqu.com/cuclc?aid=12329325209173968418&t=1701342721&s=877656 | 185.162.85.1 | | 411 B |
URL ecrwqu.com/cuclc?aid=12329325209173968418&t=1701342721&s=877656 IP185.162.85.1:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (411), with no line terminators Hashe9675469ec9293497f045ccd8ef7074d 37c02b42e493b9cff21a4bf67a068a98df157e59 da393cd83930c812a3f32274ad7938fbda1054c2523ce64c6b2fd79260ad3db8
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cuclc?aid=12329325209173968418&t=1701342721&s=877656 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptbqre.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0
date: Thu, 30 Nov 2023 11:12:01 GMT
content-type: text/html; charset=utf-8
content-length: 411
location: https://track.wbdpnz.com/34cb433c-770b-4be0-a140-affedeca6aad?source_id=a479466&campaign_id=877656&country=NO&browser=Firefox&zone_id=a479466&creative_id={CREATIVE_ID}&format=pops&os=Windows&partner_id=1138759&sub_period={sub_period}&cost=0.0001&click_id=a2_12329325209173968418_479466_2_0
X-Firefox-Spdy: h2
|
|
| track.wbdpnz.com/34cb433c-770b-4be0-a140-affedeca6aad?source_id=a479466&campaign_id=877656&country=NO&browser=Firefox&zone_id=a479466&creative_id={CREATIVE_ID}&format=pops&os=Windows&partner_id=1138759&sub_period={sub_period}&cost=0.0001&click_id=a2_12329325209173968418_479466_2_0 |  18.158.88.249 | | 0 B |
URL track.wbdpnz.com/34cb433c-770b-4be0-a140-affedeca6aad?source_id=a479466&campaign_id=877656&country=NO&browser=Firefox&zone_id=a479466&creative_id={CREATIVE_ID}&format=pops&os=Windows&partner_id=1138759&sub_period={sub_period}&cost=0.0001&click_id=a2_12329325209173968418_479466_2_0 IP18.158.88.249:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /34cb433c-770b-4be0-a140-affedeca6aad?source_id=a479466&campaign_id=877656&country=NO&browser=Firefox&zone_id=a479466&creative_id={CREATIVE_ID}&format=pops&os=Windows&partner_id=1138759&sub_period={sub_period}&cost=0.0001&click_id=a2_12329325209173968418_479466_2_0 HTTP/1.1
Host: track.wbdpnz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ptbqre.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 30 Nov 2023 11:12:01 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://onekoh.com/video-14?h=waWQiOjExMjkwNTQsInNpZCI6MTE1MDY5MCwid2lkIjozNzg2MjksInNyYyI6Mn0=eyJ&click_id=wg34lke5ca92f3dtija93rf0&si1=a479466
pragma: no-cache
set-cookie: 34cb433c-770b-4be0-a140-affedeca6aad-v4=qhFyLA9RsjpOeasgU6f1Wm4VMxgNDMdylH8SE6JGz8Q; Max-Age=86400; Expires=Fri, 01-Dec-2023 11:12:01 GMT; Domain=track.wbdpnz.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=fsoy3TLQaKsrKm8wlWqFIJyGZ1QQ4RIRdjWQDLt8kt%2FJZPsSc7Dr53kxu2hOHD5EJpWScLMv9ANMzEvLLOB3%2FSB5oy3q9JNqQBnr4z%2F8F6AjtXqpOmGi97Hy9Qm%2BPjM77TQaeB9%2FL833M%2F9SxzLmFw%3D%3D; Max-Age=31536000; Expires=Fri, 29-Nov-2024 11:12:01 GMT; Domain=track.wbdpnz.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1129054&st=1150690&wd=378629&d=onekoh.com&tpl=63&rnd=0.48375590432729&sbid=a479466&sbid2= | 185.162.85.2 | | 0 B |
URL mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1129054&st=1150690&wd=378629&d=onekoh.com&tpl=63&rnd=0.48375590432729&sbid=a479466&sbid2= IP185.162.85.2:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /rpe?a=1&s=1&act=18&src=2&p=1129054&st=1150690&wd=378629&d=onekoh.com&tpl=63&rnd=0.48375590432729&sbid=a479466&sbid2= HTTP/1.1
Host: mdakky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onekoh.com
DNT: 1
Connection: keep-alive
Referer: https://onekoh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 11:12:02 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ecrwqu.com/cuclc?aid=5078146219417882604&t=1701342722&s=156 | 185.162.85.1 | | 1.3 kB |
URL ecrwqu.com/cuclc?aid=5078146219417882604&t=1701342722&s=156 IP185.162.85.1:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1325), with no line terminators Hash6ffb620db9decb4befec1ba03d37c6ab b8d1f77af7c1f76fa6c3dba9b5da4973ce1e0c65 4abcd535ce9b4dd03e7f6fb7c60deedfbf6c27e71b066d10c47144e523d0e913
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cuclc?aid=5078146219417882604&t=1701342722&s=156 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onekoh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Thu, 30 Nov 2023 11:12:02 GMT
content-type: text/html; charset=utf-8
content-length: 1325
location: https://twinrdsyn.com/Redirect.eng?MediaSegmentId=30077&dcid=3_ctx_5d311dbf-c21e-4028-b141-36ab7fe3f7ac&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=6aDFSK6P_fFXK68yJUvKY14im8XV56R6cxmgvt9aVZvw2kthCLXG9E2dhy52SWucooZ7pHa8mN-e1Ms_m4zeD1dkdrh8qZuR6pYAmuiTBSfnqcHyFhmD1jI3kY14NrWLLOkwpT8AGOGhAwd8bUCMIhUEbhf82VPAjEAAx9UUMVq377AEPATYyRvwuV-gs9fw4ayEbaRAwGjOBp-e7lOfX9Wg_9HxzUB8QbY7zP3ifiQP4g-Dcb-8J7qgEGOnaW8QHbVwXO3E6zZpfdOoDjifyZPvEClkBaNDP46v65cdhlGCN6BFZomDrdMYIcF8tyjkvpYLQxr9Y4fdaewEIza9US8735IGZafNWGJ26DsiL1DOeA8HDrf_pR3410Ck1_OJaEus9h8R2BU1xPc6cbLyiThKXOj3XmhvcCNIdWmPLxvQgIfz2b1QJPY9NjY3an-v91lPR42zP2_TXpfdfL3NEwRbHPURTaYDDQKIqmeTEeSgI8MkODqW64EeGRCsjeY5slILqoZA2Wfrovbe1LHMu76T-qwHQ6XpDQ2Ws0mWppydH7UcAkBH5A98E0sJZrsgJYdhCDVVCFYKk0QSNbiUsRaizawoKAk8Pw1cRM_QUaBljjmt3cNQxPvQvWvBM2SlFVdIE7Oi_LrxC4Dn7Ix413OxZC1YhCDQDi0_C8-ft_dYHOZUaI5WHgIvxuM7HhaMJpeT0J9GkRkEEQga6Gt84iPWsrWEVkCY1LjiIl-q7rtPlTQiZXJFJQHoX4mPftJUZuiMT4TLMf_oT4xvrKCstCPjkofd6W0TWvKgVqTDZvlH3QH8zqrqLfNEa8v7s6tiGudk9h0cCEN0Pv53qWR_KVH1sJMgZEk1JHqe9t5rfIaqhfPO0Yso9Vbk4qrXn9IWgEnpAYhjyK8p70u3De1vV2odqe3HtKoAZJN4hG5H_RUA39nY-uomtLYvBCjTxqiVPB355CQALqVtxtW9h8wILgiPXXtOuQdLfXEo5BvBPFU1&kw=&mw=1024&mh=768&xml=1
X-Firefox-Spdy: h2
|
|
| ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExMjkwNTQsInNpZCI6MTE1MDY5MCwid2lkIjozNzg2Mjl9 | 185.162.85.14 | | 23 kB |
URL ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExMjkwNTQsInNpZCI6MTE1MDY5MCwid2lkIjozNzg2Mjl9 IP185.162.85.14:0 ASN#39572 DataWeb Global Group B.V.
File typeJSON data\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (54753), with CRLF, LF line terminators Hash9378fcc4b7ef7295a374df9e399d0340 9023fe8aaad682f4779fd2e0668e1f3b864da668 c2ae8d29bad79a9e7fe20e6540347ef29bfe801c049244c30450f2c0f7df1672
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /phtbload?a=1&e=aeyJwaWQiOjExMjkwNTQsInNpZCI6MTE1MDY5MCwid2lkIjozNzg2Mjl9 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onekoh.com/
Origin: https://onekoh.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 30 Nov 2023 11:12:02 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Platform-Version
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| crmentjg.com/apple-touch-icon-180x180.png?v=1 |  93.93.51.223 | | 2.2 kB |
URL crmentjg.com/apple-touch-icon-180x180.png?v=1 IP93.93.51.223:0 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data Hash1d005c971e4708075244620366756c6f 5fc0f0b59a47a9656bc5011e0f17fb4eb8090936 3f560e1ccedb12654b628e0b3138c7e8ee8fb2437e76670b1fc68947095533d2
GET /apple-touch-icon-180x180.png?v=1 HTTP/1.1
Host: crmentjg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmentjg.com/pu/?psid=ed_dprmntdtt1&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=15634&sub_source=TwinRed%20Exchange%20Partner_ID%2015634
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:03 GMT
content-type: image/png
content-length: 2174
last-modified: Tue, 28 Nov 2023 08:59:11 GMT
etag: "6565abdf-87e"
server: unknown
set-cookie: psui=a59f007fbf3384ccc33cc586d5d348f0; Path=/; Expires=Sat, 30-Dec-23 11:12:03 GMT; SameSite=None
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| crmentjg.com/favicon.ico?v=1 | 93.93.51.223 | | 1.2 kB |
URL crmentjg.com/favicon.ico?v=1 IP93.93.51.223:0 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Hashe16d749198f73da1e36b32d943c04011 070c9027c47ae4215eac3d7e4e47c8d73e2d6221 a38d9ef5e246bb21840e9aade1ad857ab5c0f28e196c2d4cbf9f6a8806d2155e
GET /favicon.ico?v=1 HTTP/1.1
Host: crmentjg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmentjg.com/pu/?psid=ed_dprmntdtt1&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=15634&sub_source=TwinRed%20Exchange%20Partner_ID%2015634
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:03 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Tue, 28 Nov 2023 08:59:11 GMT
etag: "6565abdf-47e"
server: unknown
set-cookie: psui=a59f007fbf3384ccc33cc586d5d348f0; Path=/; Expires=Sat, 30-Dec-23 11:12:03 GMT; SameSite=None
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| oopzeed.com/favicon.ico | 172.67.138.12 | | 12 kB |
IP172.67.138.12:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hashcdcc97b45da1d6dddabfe31b66a4db24 e0bc8a415003976ee8600fbacbb8cd58c803489c 0821b6740493ed15995d309b7a720c306ecd7210930ed715ffe2a0afadfa3743
GET /favicon.ico HTTP/1.1
Host: oopzeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oopzeed.com/vumingo_ete_player_download_crack.zip?c=AM9taGX8RQUAnlkCAFNHFwASAAAAAADU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 30 Nov 2023 11:12:00 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZ3M8ajPqTlRGr5vkH7apq1boKzic3PVjVPl1Oemgq5iWYhSVMCVS7KRzTqjtlnvh9PD8lAT%2Fr%2FZt3AMR9Juh2BwfU0hlxTShKB5dIr%2BI0os8I0bY0r7QGFC56GT%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e2a71fdb3d1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| pt-static2.jsmsat.com/npe/_common/script/adblock/advertisement-v966444.js | 93.93.51.201 | 200 OK | 21 B |
URL GET HTTP/2pt-static2.jsmsat.com/npe/_common/script/adblock/advertisement-v966444.js IP93.93.51.201:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectpt.awempt.com Fingerprint55:E1:D4:78:CF:7E:3E:2E:80:6A:51:70:29:FA:63:93:0E:F7:24:4A ValidityWed, 01 Nov 2023 08:01:05 GMT - Tue, 30 Jan 2024 08:01:04 GMT
File typeASCII text, with no line terminators Hash01c6e7ecb819ef28b0c9b962513a1596 1a49f493db7b91ed34a7040d36732352b9a5dc39 e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
GET /npe/_common/script/adblock/advertisement-v966444.js HTTP/1.1
Host: pt-static2.jsmsat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:03 GMT
content-type: application/javascript
content-length: 21
last-modified: Wed, 29 Nov 2023 16:17:08 GMT
etag: "65676404-15"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:03 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-MJ29FD7 | 142.250.74.168 | 200 OK | 94 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-MJ29FD7 IP142.250.74.168:443
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File typeASCII text, with very long lines (61863) Hash8ec4c42ae3e8ad699a3ab73a14d76dda 24f4ae4de401ec025d500ea2b7e52c779d1f499e e52f178e91761932dc5bbb9f3f8f32e163d2d121748427e5d852d54f31bc228f
GET /gtm.js?id=GTM-MJ29FD7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 11:12:03 GMT
expires: Thu, 30 Nov 2023 11:12:03 GMT
cache-control: private, max-age=900
last-modified: Thu, 30 Nov 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94272
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pt-static4.jsmsat.com/npe/_common/fonts/roboto_medium-webfont-v966444.woff | 93.93.51.201 | 200 OK | 70 kB |
URL GET HTTP/2pt-static4.jsmsat.com/npe/_common/fonts/roboto_medium-webfont-v966444.woff IP93.93.51.201:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectpt-static3.jsmsat.com FingerprintB5:B9:AF:A1:51:6D:94:9A:6E:8A:86:D5:9D:DA:A4:EE:94:05:2A:32 ValidityTue, 31 Oct 2023 20:01:04 GMT - Mon, 29 Jan 2024 20:01:03 GMT
File typeWeb Open Font Format, TrueType, length 70184, version 1.0\012- data Hashae0a4265d4db4667a8994b313ca54458 b15d253899a66998907b2c60cc9781f24204122b bbd509f42e1a66e91e73bb195a7a837284c1ace0d35eddae02a52877ea20f149
GET /npe/_common/fonts/roboto_medium-webfont-v966444.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crmpt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: application/font-woff
content-length: 70184
last-modified: Wed, 29 Nov 2023 16:17:08 GMT
etag: "65676404-11228"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:04 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| pt-static1.jsmsat.com/npe/_common/script/incognito/di.min-v966444.js | 93.93.51.201 | 200 OK | 24 kB |
URL GET HTTP/2pt-static1.jsmsat.com/npe/_common/script/incognito/di.min-v966444.js IP93.93.51.201:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectpt.awempt.com Fingerprint55:E1:D4:78:CF:7E:3E:2E:80:6A:51:70:29:FA:63:93:0E:F7:24:4A ValidityWed, 01 Nov 2023 08:01:05 GMT - Tue, 30 Jan 2024 08:01:04 GMT
File typegzip compressed data, max speed, from Unix\012- data Hasha3bd0f1648374e1adb96e0e27e993050 91daaa1d8c1f9ae6d76a148e7bf797cdb6e7a123 7bf22cef7e6728a8ea9b951b45d22353dbd8177eb38791da65b7d2c4dc5b86f4
GET /npe/_common/script/incognito/di.min-v966444.js HTTP/1.1
Host: pt-static1.jsmsat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:03 GMT
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 16:17:08 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"65676404-d47"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:03 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| pt-static2.jsmsat.com/npe/pu/vipls/script/pu.vipls-v966444.js | 93.93.51.201 | 200 OK | 237 kB |
URL GET HTTP/2pt-static2.jsmsat.com/npe/pu/vipls/script/pu.vipls-v966444.js IP93.93.51.201:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectpt.awempt.com Fingerprint55:E1:D4:78:CF:7E:3E:2E:80:6A:51:70:29:FA:63:93:0E:F7:24:4A ValidityWed, 01 Nov 2023 08:01:05 GMT - Tue, 30 Jan 2024 08:01:04 GMT
File typegzip compressed data, max speed, from Unix\012- data Size237 kB (237289 bytes) Hash3e84b98dd8556c85f7ecee090a3851fc 499d3e8b085838d833a71f4b997b47169250c308 f13f5a687198646bc1c4e592738691acb8bfb80b620d15eb0e7d45c0ca933499
GET /npe/pu/vipls/script/pu.vipls-v966444.js HTTP/1.1
Host: pt-static2.jsmsat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:03 GMT
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 16:17:08 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"65676404-72e84"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:03 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| pt-static4.jsmsat.com/npe/_common/fonts/roboto_regular-webfont-v966444.woff | 93.93.51.201 | 200 OK | 89 kB |
URL GET HTTP/2pt-static4.jsmsat.com/npe/_common/fonts/roboto_regular-webfont-v966444.woff IP93.93.51.201:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectpt-static3.jsmsat.com FingerprintB5:B9:AF:A1:51:6D:94:9A:6E:8A:86:D5:9D:DA:A4:EE:94:05:2A:32 ValidityTue, 31 Oct 2023 20:01:04 GMT - Mon, 29 Jan 2024 20:01:03 GMT
File typeWeb Open Font Format, TrueType, length 89436, version 2.1101\012- data Hash27ebb57ca80d9efd1d7b2bb174af090f 527a35fa8eb34124d8bdc9bee973de676977637d 866c21d6cada368ff5a8049cb94a899b547fc763068036aacf94be7b24a2a40e
GET /npe/_common/fonts/roboto_regular-webfont-v966444.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crmpt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: application/font-woff
content-length: 89436
last-modified: Wed, 29 Nov 2023 16:17:08 GMT
etag: "65676404-15d5c"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:04 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| pt-static4.jsmsat.com/npe/image/more_models_jsm-v966444.png | 93.93.51.201 | 200 OK | 31 kB |
URL GET HTTP/2pt-static4.jsmsat.com/npe/image/more_models_jsm-v966444.png IP93.93.51.201:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectpt-static3.jsmsat.com FingerprintB5:B9:AF:A1:51:6D:94:9A:6E:8A:86:D5:9D:DA:A4:EE:94:05:2A:32 ValidityTue, 31 Oct 2023 20:01:04 GMT - Mon, 29 Jan 2024 20:01:03 GMT
File typePNG image data, 180 x 101, 8-bit/color RGBA, non-interlaced\012- data Hash4eaea38e52a7403de85f0b183fb2b972 712a0f0d0009ab7bbe36110c15ec30a7f2df1711 551007f217235bc96a341ca01ce1eecb98dc509ae5fbc47e5013c7ac6ac8a9d2
GET /npe/image/more_models_jsm-v966444.png HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: image/png
content-length: 30562
last-modified: Wed, 29 Nov 2023 16:17:08 GMT
etag: "65676404-7762"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:04 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 | 93.93.51.191 | 200 OK | 28 kB |
URL User Request GET HTTP/2crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 IP93.93.51.191:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
CertificateIssuerLet's Encrypt Subjectcrmpt.livejasmin.com Fingerprint94:36:98:3E:6B:F5:EC:61:46:A3:7A:E2:90:5F:85:61:58:F1:57:AA ValiditySun, 26 Nov 2023 16:01:07 GMT - Sat, 24 Feb 2024 16:01:06 GMT
File typegzip compressed data, max speed, from Unix\012- data Hash5aa0944084884b882ddd9c0d43b5cc0f cce9b8abff86598b4abe4ed5dec8943422df1f6a 190cfc781c23850a01f22e2d1a9d69446e316290fa6a70da575d5a8624f44fcb
GET /pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 HTTP/1.1
Host: crmpt.livejasmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmentjg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-ud-id: 9sYxA/V1J
cache-control: no-cache
date: Thu, 30 Nov 2023 11:12:03 GMT
server: unknown
x-cache-status: R-MISS
set-cookie: psui=a59f007fbf3384ccc33cc586d5d348f0; Path=/; Expires=Sat, 30-Dec-23 11:12:03 GMT; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| crmentjg.com/pu/?psid=ed_dprmntdtt1&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=15634&sub_source=TwinRed%20Exchange%20Partner_ID%2015634 | 93.93.51.223 | 200 OK | 8.3 kB |
URL User Request GET HTTP/2crmentjg.com/pu/?psid=ed_dprmntdtt1&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=15634&sub_source=TwinRed%20Exchange%20Partner_ID%2015634 IP93.93.51.223:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
CertificateIssuerLet's Encrypt Subjectcrmentjg.com Fingerprint00:D7:49:69:04:52:E7:F7:99:60:F7:55:B6:14:68:59:E6:BD:BA:C9 ValidityTue, 10 Oct 2023 15:01:05 GMT - Mon, 08 Jan 2024 15:01:04 GMT
File typegzip compressed data, max speed, from Unix\012- data Hash5bed8b520488e1077685edd56d1ecd8e 1c3dc1a5d16b2d03b84f1fc29680af90fb59d32e bdcfceab12c8a32753774a09b5f2084041fd1ecffc0a90564487bd667664c722
GET /pu/?psid=ed_dprmntdtt1&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=15634&sub_source=TwinRed%20Exchange%20Partner_ID%2015634 HTTP/1.1
Host: crmentjg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://twinrdsyn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-target-pstool: 300_342
server: unknown
set-cookie: psui=a59f007fbf3384ccc33cc586d5d348f0; Path=/; Expires=Sat, 30-Dec-23 11:12:03 GMT; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f16/6406c0fc6dc92f9e3da6612b296f8e28_glamour_896x504.jpg?cno=896f | 93.93.51.190 | 200 OK | 75 kB |
URL GET HTTP/2galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f16/6406c0fc6dc92f9e3da6612b296f8e28_glamour_896x504.jpg?cno=896f IP93.93.51.190:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerSectigo Limited Subject*.vcmdiawe.com FingerprintAA:C6:B9:40:26:EC:8E:97:8B:70:D4:4A:8A:19:9C:C6:19:5D:07:EE ValidityTue, 02 May 2023 00:00:00 GMT - Thu, 02 May 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data Hash99672c7e69d7ea309e07eff410b10584 68b41577f0f8fad6a13293ba0649d75aa1c81408 6978d0fdb4b38a6e4f4b50db25f9093704dad28f4100242addd47370e12c6c67
GET /ff268cab8d9fbae1ed7506f97496274f16/6406c0fc6dc92f9e3da6612b296f8e28_glamour_896x504.jpg?cno=896f HTTP/1.1
Host: galleryn1.vcmdiawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: image/jpeg
content-length: 74659
last-modified: Sun, 26 Nov 2023 12:20:40 GMT
x-rgw-object-type: Normal
etag: "99672c7e69d7ea309e07eff410b10584"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:04 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f14/412d0fbc8c1a619dd26f0786fa2589b3_glamour_215x121.jpg?cno=ba43 | 93.93.51.190 | 200 OK | 5.1 kB |
URL GET HTTP/2galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f14/412d0fbc8c1a619dd26f0786fa2589b3_glamour_215x121.jpg?cno=ba43 IP93.93.51.190:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerSectigo Limited Subject*.vcmdiawe.com FingerprintAA:C6:B9:40:26:EC:8E:97:8B:70:D4:4A:8A:19:9C:C6:19:5D:07:EE ValidityTue, 02 May 2023 00:00:00 GMT - Thu, 02 May 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 215x121, components 3\012- data Hash51b58bcb5907f3460d764bc02ae88e5b d6fb48dbe981129ba57f64fd438d4f6adcbd6421 e5aaf3d088581e05c57fd52b3badc5513deee1b3de6fbcc0ca2c2a82932adf0c
GET /ff268cab8d9fbae1ed7506f97496274f14/412d0fbc8c1a619dd26f0786fa2589b3_glamour_215x121.jpg?cno=ba43 HTTP/1.1
Host: galleryn1.vcmdiawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: image/jpeg
content-length: 5118
last-modified: Fri, 09 Jun 2023 07:12:48 GMT
x-rgw-object-type: Normal
etag: "51b58bcb5907f3460d764bc02ae88e5b"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:04 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| pt-static2.jsmsat.com/npe/image/jsm/favicon-v966444.ico | 93.93.51.201 | 200 OK | 392 B |
URL GET HTTP/2pt-static2.jsmsat.com/npe/image/jsm/favicon-v966444.ico IP93.93.51.201:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectpt.awempt.com Fingerprint55:E1:D4:78:CF:7E:3E:2E:80:6A:51:70:29:FA:63:93:0E:F7:24:4A ValidityWed, 01 Nov 2023 08:01:05 GMT - Tue, 30 Jan 2024 08:01:04 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Hashf56e924ea4f68fe44ee8838ac0b8e7c3 d7468113aa5fb5ba21e3aa3def804444f8a56e0e 7a50956463e19c120d3dc96067e46425223fee02d230233b14ed5dda3685f9ae
GET /npe/image/jsm/favicon-v966444.ico HTTP/1.1
Host: pt-static2.jsmsat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: image/x-icon
content-length: 392
last-modified: Wed, 29 Nov 2023 16:17:08 GMT
etag: "65676404-188"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:04 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1d/d73fefa77fb25260a828be745bd5dba5_glamour_215x121.jpg?cno=bd75 | 93.93.51.190 | 200 OK | 6.4 kB |
URL GET HTTP/2galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1d/d73fefa77fb25260a828be745bd5dba5_glamour_215x121.jpg?cno=bd75 IP93.93.51.190:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerSectigo Limited Subject*.vcmdiawe.com FingerprintAA:C6:B9:40:26:EC:8E:97:8B:70:D4:4A:8A:19:9C:C6:19:5D:07:EE ValidityTue, 02 May 2023 00:00:00 GMT - Thu, 02 May 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 215x121, components 3\012- data Hashebc6ad3e94a2e1f0fd801c9ba1b6de87 41345d65ca4d62dd8166ff61e855e3c91cbda941 6fd7e4df2e51836726bbfe1ce432c55551af53fab5a9f6ee467f69baecef1a09
GET /ff268cab8d9fbae1ed7506f97496274f1d/d73fefa77fb25260a828be745bd5dba5_glamour_215x121.jpg?cno=bd75 HTTP/1.1
Host: galleryn1.vcmdiawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: image/jpeg
content-length: 6427
last-modified: Sat, 18 Nov 2023 06:50:07 GMT
x-rgw-object-type: Normal
etag: "ebc6ad3e94a2e1f0fd801c9ba1b6de87"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:04 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/destination?id=G-H7LMNP6Q9N&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 83 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/destination?id=G-H7LMNP6Q9N&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File typeASCII text, with very long lines (7711) Hash87b1932144d72fb449b9873e4886a3a4 952a41a3386b4cd59c7aaf061b757a25e709b1df aae4cb0c80ee6f83e2392dd546a1df178c57f633225cb2b41d995cfdede545ef
GET /gtag/destination?id=G-H7LMNP6Q9N&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 11:12:05 GMT
expires: Thu, 30 Nov 2023 11:12:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 82957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lsc-edge-95-128-120-36.dditscdn.com/memberChat/jasmin49eb9dc0-f558-4b24-891d-fcd3a4b7eafab4615d0576407a528927f97d8bcb11f6?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkb2NsZXIubHNjLmFwaSIsImF1ZCI6Ijk1LjEyOC4xMjAuMzYiLCJuaWNrIjoiNDllYjlkYzAtZjU1OC00YjI0LTg5MWQtZmNkM2E0YjdlYWZhIiwiaGFzaCI6ImI0NjE1ZDA1NzY0MDdhNTI4OTI3Zjk3ZDhiY2IxMWY2IiwianRpIjo2MzA1NDI5OTQ5NzQyMDA1LCJpYXQiOjE3MDEzNDI3MjQsImV4cCI6MTcwMTM0Mjc4NH0.xu--J2rtvydEI-f4Hcu7-VCNCXrs2S00D6AD7w0M0jc | 95.128.120.36 | | 0 B |
URL lsc-edge-95-128-120-36.dditscdn.com/memberChat/jasmin49eb9dc0-f558-4b24-891d-fcd3a4b7eafab4615d0576407a528927f97d8bcb11f6?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkb2NsZXIubHNjLmFwaSIsImF1ZCI6Ijk1LjEyOC4xMjAuMzYiLCJuaWNrIjoiNDllYjlkYzAtZjU1OC00YjI0LTg5MWQtZmNkM2E0YjdlYWZhIiwiaGFzaCI6ImI0NjE1ZDA1NzY0MDdhNTI4OTI3Zjk3ZDhiY2IxMWY2IiwianRpIjo2MzA1NDI5OTQ5NzQyMDA1LCJpYXQiOjE3MDEzNDI3MjQsImV4cCI6MTcwMTM0Mjc4NH0.xu--J2rtvydEI-f4Hcu7-VCNCXrs2S00D6AD7w0M0jc IP95.128.120.36:0 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /memberChat/jasmin49eb9dc0-f558-4b24-891d-fcd3a4b7eafab4615d0576407a528927f97d8bcb11f6?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkb2NsZXIubHNjLmFwaSIsImF1ZCI6Ijk1LjEyOC4xMjAuMzYiLCJuaWNrIjoiNDllYjlkYzAtZjU1OC00YjI0LTg5MWQtZmNkM2E0YjdlYWZhIiwiaGFzaCI6ImI0NjE1ZDA1NzY0MDdhNTI4OTI3Zjk3ZDhiY2IxMWY2IiwianRpIjo2MzA1NDI5OTQ5NzQyMDA1LCJpYXQiOjE3MDEzNDI3MjQsImV4cCI6MTcwMTM0Mjc4NH0.xu--J2rtvydEI-f4Hcu7-VCNCXrs2S00D6AD7w0M0jc HTTP/1.1
Host: lsc-edge-95-128-120-36.dditscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://crmpt.livejasmin.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wLOqUa2ZzJe1HMZ81rj2sg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 30 Nov 2023 11:12:05 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qtH8uXxGuxmSMTJqtDaMcdSiqpQ=
Server: unknown
|
|
| gallery.vcmdiawe.com/lpp/6/49eb9dc0-f558-4b24-891d-fcd3a4b7eafa/49eb9dc0-f558-4b24-891d-fcd3a4b7eafa.20.mp4 | 93.93.51.190 | 206 Partial Content | 1.3 MB |
URL GET HTTP/2gallery.vcmdiawe.com/lpp/6/49eb9dc0-f558-4b24-891d-fcd3a4b7eafa/49eb9dc0-f558-4b24-891d-fcd3a4b7eafa.20.mp4 IP93.93.51.190:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerSectigo Limited Subject*.vcmdiawe.com FingerprintAA:C6:B9:40:26:EC:8E:97:8B:70:D4:4A:8A:19:9C:C6:19:5D:07:EE ValidityTue, 02 May 2023 00:00:00 GMT - Thu, 02 May 2024 23:59:59 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size1.3 MB (1321193 bytes) Hashc4a35db5693a70124d9f4279f7c6df9b a4e8372643cb42e718eccce0ea4205b38a0a292c 631c6c9cec13363d101b3a6701579f194faebd637baa374784b4701bc9c57850
GET /lpp/6/49eb9dc0-f558-4b24-891d-fcd3a4b7eafa/49eb9dc0-f558-4b24-891d-fcd3a4b7eafa.20.mp4 HTTP/1.1
Host: gallery.vcmdiawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 30 Nov 2023 11:12:05 GMT
content-type: video/mp4
content-length: 1321193
last-modified: Thu, 30 Nov 2023 11:11:20 GMT
etag: "65686dd8-1428e9"
x-cache-source: Streampreroll
access-control-allow-origin: *
x-content-type-options: nosniff
cache-control: max-age=60
expires: Thu, 30 Nov 2023 11:13:05 GMT
server: unknown
x-cdn-node: sesto
x-cache-status: R-MISS
x-real-source: -, -
content-range: bytes 0-1321192/1321193
X-Firefox-Spdy: h2
|
|
| api-protected.protoawegw.com/v2/player/performer/get?includeTestAccounts=&product=livejasmin&category=girl&withSb=1&psid=ed_dprmntdtt1&pstool=300_342&profilePictureSize=896x504,504x896&ngs=1&performerIds[]=49eb9dc0-f558-4b24-891d-fcd3a4b7eafa | 93.93.51.225 | 200 OK | 817 B |
URL GET HTTP/2api-protected.protoawegw.com/v2/player/performer/get?includeTestAccounts=&product=livejasmin&category=girl&withSb=1&psid=ed_dprmntdtt1&pstool=300_342&profilePictureSize=896x504,504x896&ngs=1&performerIds[]=49eb9dc0-f558-4b24-891d-fcd3a4b7eafa IP93.93.51.225:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectstaging.sgsin.api.protoawegw.com Fingerprint1C:AE:AF:0C:FD:70:2F:44:69:2A:75:17:70:AE:67:9D:EB:D7:A7:D5 ValidityFri, 27 Oct 2023 19:01:05 GMT - Thu, 25 Jan 2024 19:01:04 GMT
File typegzip compressed data, max speed, from Unix\012- data Hash4428242c2a77d98d90642cc9bf819bf6 2fda0208deac010503a6eb94fbed735e1689e022 ea3129efbff1eaee54b51d059662624ca6baffb764bb3db25d47e57c3bafd49a
GET /v2/player/performer/get?includeTestAccounts=&product=livejasmin&category=girl&withSb=1&psid=ed_dprmntdtt1&pstool=300_342&profilePictureSize=896x504,504x896&ngs=1&performerIds[]=49eb9dc0-f558-4b24-891d-fcd3a4b7eafa HTTP/1.1
Host: api-protected.protoawegw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crmpt.livejasmin.com/
Origin: https://crmpt.livejasmin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
server: unknown
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ngs-edge-95-128-121-39.dditscdn.com/eyJhbGciOiJIUzI1NiJ9.eyJhbGxvd0g1TGl2ZVByb3h5Ijp0cnVlLCJvcmlnaW4iOiIqIiwicHJvdG9jb2wiOiJoNWxpdmUiLCJzZXJ2ZXIiOiJ3c3M6Ly9uZ3MtZWRnZS05NS0xMjgtMTIxLTM5LmRkaXRzY2RuLmNvbSIsInRva2VuSWQiOiJNQ3d4TWpneFl6STRaaTFoWm1KbExUUTBNbUl0WVRnek1TMWtOek15WXpRM01XUXhZVEFzTVN3MVpqZ3dOemt5Tnl4M1oyMTVjazVMTWtzNE1rNXJVekZtZVdOc2RGaGpZVWt5UVZFOSIsInN0cmVhbUlkIjoiNjdjYzUzOWEtYzg3OC00N2U4LWFiZGMtMDNmMGU1MGMyNzkzIiwidHlwZSI6InZpZXciLCJjSWQiOiJtZmw3eWt5dnNnazg5YTZpIiwiYXVkIjoidmlld2VyIiwiaXNzIjoiZG9jbGVyLnN0cmVhbWluZy5zdHJlYW1jb250cm9sbGVyIiwiaWF0IjoxNzAxMzQyNzI1LCJleHAiOjE3MDEzNDI3ODV9.2D_TGtAp8cYjLK_Rs9NUX7vrrLni5b-4XT0P-IUCiYQ? | 95.128.121.39 | | 0 B |
URL ngs-edge-95-128-121-39.dditscdn.com/eyJhbGciOiJIUzI1NiJ9.eyJhbGxvd0g1TGl2ZVByb3h5Ijp0cnVlLCJvcmlnaW4iOiIqIiwicHJvdG9jb2wiOiJoNWxpdmUiLCJzZXJ2ZXIiOiJ3c3M6Ly9uZ3MtZWRnZS05NS0xMjgtMTIxLTM5LmRkaXRzY2RuLmNvbSIsInRva2VuSWQiOiJNQ3d4TWpneFl6STRaaTFoWm1KbExUUTBNbUl0WVRnek1TMWtOek15WXpRM01XUXhZVEFzTVN3MVpqZ3dOemt5Tnl4M1oyMTVjazVMTWtzNE1rNXJVekZtZVdOc2RGaGpZVWt5UVZFOSIsInN0cmVhbUlkIjoiNjdjYzUzOWEtYzg3OC00N2U4LWFiZGMtMDNmMGU1MGMyNzkzIiwidHlwZSI6InZpZXciLCJjSWQiOiJtZmw3eWt5dnNnazg5YTZpIiwiYXVkIjoidmlld2VyIiwiaXNzIjoiZG9jbGVyLnN0cmVhbWluZy5zdHJlYW1jb250cm9sbGVyIiwiaWF0IjoxNzAxMzQyNzI1LCJleHAiOjE3MDEzNDI3ODV9.2D_TGtAp8cYjLK_Rs9NUX7vrrLni5b-4XT0P-IUCiYQ? IP95.128.121.39:0 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eyJhbGciOiJIUzI1NiJ9.eyJhbGxvd0g1TGl2ZVByb3h5Ijp0cnVlLCJvcmlnaW4iOiIqIiwicHJvdG9jb2wiOiJoNWxpdmUiLCJzZXJ2ZXIiOiJ3c3M6Ly9uZ3MtZWRnZS05NS0xMjgtMTIxLTM5LmRkaXRzY2RuLmNvbSIsInRva2VuSWQiOiJNQ3d4TWpneFl6STRaaTFoWm1KbExUUTBNbUl0WVRnek1TMWtOek15WXpRM01XUXhZVEFzTVN3MVpqZ3dOemt5Tnl4M1oyMTVjazVMTWtzNE1rNXJVekZtZVdOc2RGaGpZVWt5UVZFOSIsInN0cmVhbUlkIjoiNjdjYzUzOWEtYzg3OC00N2U4LWFiZGMtMDNmMGU1MGMyNzkzIiwidHlwZSI6InZpZXciLCJjSWQiOiJtZmw3eWt5dnNnazg5YTZpIiwiYXVkIjoidmlld2VyIiwiaXNzIjoiZG9jbGVyLnN0cmVhbWluZy5zdHJlYW1jb250cm9sbGVyIiwiaWF0IjoxNzAxMzQyNzI1LCJleHAiOjE3MDEzNDI3ODV9.2D_TGtAp8cYjLK_Rs9NUX7vrrLni5b-4XT0P-IUCiYQ? HTTP/1.1
Host: ngs-edge-95-128-121-39.dditscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://crmpt.livejasmin.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bBADGa+7wfGnvZQiQSG20A==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 30 Nov 2023 11:12:05 GMT
Connection: upgrade
server: ngs-h5live-proxy
Upgrade: websocket
Sec-WebSocket-Accept: s9k08Z7oDSqx5vl8bkM7PD68TVg=
|
|
| ccs.livejasmin.com/ccs.php?ccs=1&psid=ed_dprmntdtt1&subAffId=15634&psref=TwinRed&pstool=300_342 | 93.93.51.225 | 200 OK | 69 B |
URL GET HTTP/2ccs.livejasmin.com/ccs.php?ccs=1&psid=ed_dprmntdtt1&subAffId=15634&psref=TwinRed&pstool=300_342 IP93.93.51.225:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectccs.livejasmin.com FingerprintA4:D6:F2:B2:1A:30:76:1E:7B:25:4B:09:EC:8C:DE:70:F2:0C:45:4A ValiditySat, 04 Nov 2023 08:01:05 GMT - Fri, 02 Feb 2024 08:01:04 GMT
File typePNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data Hashdf15c61986fc44f0000081374bdcd6fb da69991e3d456f15f1b9ac2f11d6c79a5240541d 126a629b1a5b11de957e290957f73e9bf7abf7cf63eb0ddb7eb5db95edfdff2a
GET /ccs.php?ccs=1&psid=ed_dprmntdtt1&subAffId=15634&psref=TwinRed&pstool=300_342 HTTP/1.1
Host: ccs.livejasmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Cookie: _ga_H7LMNP6Q9N=GS1.1.1701342729.1.1.1701342729.0.0.0; _ga=GA1.1.1661814259.1701342730
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:08 GMT
content-type: image/png
content-length: 69
set-cookie: macctid=ed_dprmntdtt1; expires=Thu, 14-Dec-2023 11:12:08 GMT; Max-Age=1209600; path=/; domain=.livejasmin.com; secure; SameSite=None
ccs=YToxMDp7czo0OiJwc2lkIjtzOjEzOiJlZF9kcHJtbnRkdHQxIjtzOjU6InBzcmVmIjtzOjc6IlR3aW5SZWQiO3M6NjoicHN0b3VyIjtzOjI6InQxIjtzOjk6InBzcHJvZ3JhbSI7czo0OiJSRVZTIjtzOjY6InBzdG9vbCI7czo3OiIzMDBfMzQyIjtzOjExOiJjYW1wYWlnbl9pZCI7aTowO3M6MTM6InBzcGVyZm9ybWVyaWQiO3M6MDoiIjtzOjk6InBzaHR0cHJlZiI7czozNzoiaHR0cHMlM0ElMkYlMkZjcm1wdC5saXZlamFzbWluLmNvbSUyRiI7czoxMDoiY3JlYXRlZF9hdCI7aToxNzAxMzQyNzI4O3M6OToiYWZmcGFyYW1zIjtzOjI4OiJleUp6ZFdKQlptWkpaQ0k2SWpFMU5qTTBJbjA9Ijt9; expires=Thu, 14-Dec-2023 11:12:08 GMT; Max-Age=1209600; path=/; domain=.livejasmin.com; secure; SameSite=None
server: unknown
X-Firefox-Spdy: h2
|
|
| lsc-edge-95-128-120-36.dditscdn.com/memberChat/jasmin49eb9dc0-f558-4b24-891d-fcd3a4b7eafab4615d0576407a528927f97d8bcb11f6?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkb2NsZXIubHNjLmFwaSIsImF1ZCI6Ijk1LjEyOC4xMjAuMzYiLCJuaWNrIjoiNDllYjlkYzAtZjU1OC00YjI0LTg5MWQtZmNkM2E0YjdlYWZhIiwiaGFzaCI6ImI0NjE1ZDA1NzY0MDdhNTI4OTI3Zjk3ZDhiY2IxMWY2IiwianRpIjo2MzA1NDI5OTQ5NzQyMDA1LCJpYXQiOjE3MDEzNDI3MjQsImV4cCI6MTcwMTM0Mjc4NH0.xu--J2rtvydEI-f4Hcu7-VCNCXrs2S00D6AD7w0M0jc | 95.128.120.36 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1lsc-edge-95-128-120-36.dditscdn.com/memberChat/jasmin49eb9dc0-f558-4b24-891d-fcd3a4b7eafab4615d0576407a528927f97d8bcb11f6?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkb2NsZXIubHNjLmFwaSIsImF1ZCI6Ijk1LjEyOC4xMjAuMzYiLCJuaWNrIjoiNDllYjlkYzAtZjU1OC00YjI0LTg5MWQtZmNkM2E0YjdlYWZhIiwiaGFzaCI6ImI0NjE1ZDA1NzY0MDdhNTI4OTI3Zjk3ZDhiY2IxMWY2IiwianRpIjo2MzA1NDI5OTQ5NzQyMDA1LCJpYXQiOjE3MDEzNDI3MjQsImV4cCI6MTcwMTM0Mjc4NH0.xu--J2rtvydEI-f4Hcu7-VCNCXrs2S00D6AD7w0M0jc IP95.128.120.36:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerSectigo Limited Subject*.dditscdn.com FingerprintAF:3F:1C:B9:3F:3B:A0:B1:DF:09:73:47:FC:59:FC:20:F5:AA:42:CC ValidityFri, 28 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /memberChat/jasmin49eb9dc0-f558-4b24-891d-fcd3a4b7eafab4615d0576407a528927f97d8bcb11f6?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkb2NsZXIubHNjLmFwaSIsImF1ZCI6Ijk1LjEyOC4xMjAuMzYiLCJuaWNrIjoiNDllYjlkYzAtZjU1OC00YjI0LTg5MWQtZmNkM2E0YjdlYWZhIiwiaGFzaCI6ImI0NjE1ZDA1NzY0MDdhNTI4OTI3Zjk3ZDhiY2IxMWY2IiwianRpIjo2MzA1NDI5OTQ5NzQyMDA1LCJpYXQiOjE3MDEzNDI3MjQsImV4cCI6MTcwMTM0Mjc4NH0.xu--J2rtvydEI-f4Hcu7-VCNCXrs2S00D6AD7w0M0jc HTTP/1.1
Host: lsc-edge-95-128-120-36.dditscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://crmpt.livejasmin.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wLOqUa2ZzJe1HMZ81rj2sg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 30 Nov 2023 11:12:05 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qtH8uXxGuxmSMTJqtDaMcdSiqpQ=
Server: unknown
|
|
| pt-static4.jsmsat.com/npe/_common/fonts/roboto_light-webfont-v966444.woff | 93.93.51.201 | 200 OK | 89 kB |
URL GET HTTP/2pt-static4.jsmsat.com/npe/_common/fonts/roboto_light-webfont-v966444.woff IP93.93.51.201:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectpt-static3.jsmsat.com FingerprintB5:B9:AF:A1:51:6D:94:9A:6E:8A:86:D5:9D:DA:A4:EE:94:05:2A:32 ValidityTue, 31 Oct 2023 20:01:04 GMT - Mon, 29 Jan 2024 20:01:03 GMT
File typeWeb Open Font Format, TrueType, length 89300, version 2.1151\012- data Hash6fb3854bc6501b99ee5370bc82e97485 6aefa4d321260f61564f3c11ecf131615f7deb63 9c269ea9659b715463650b2944ea666e3bc51983c739bdcd73c282ef13384b3c
GET /npe/_common/fonts/roboto_light-webfont-v966444.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crmpt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: application/font-woff
content-length: 89300
last-modified: Wed, 29 Nov 2023 16:17:08 GMT
etag: "65676404-15cd4"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:04 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ngs-edge-95-128-121-39.dditscdn.com/eyJhbGciOiJIUzI1NiJ9.eyJhbGxvd0g1TGl2ZVByb3h5Ijp0cnVlLCJvcmlnaW4iOiIqIiwicHJvdG9jb2wiOiJoNWxpdmUiLCJzZXJ2ZXIiOiJ3c3M6Ly9uZ3MtZWRnZS05NS0xMjgtMTIxLTM5LmRkaXRzY2RuLmNvbSIsInRva2VuSWQiOiJNQ3d4TWpneFl6STRaaTFoWm1KbExUUTBNbUl0WVRnek1TMWtOek15WXpRM01XUXhZVEFzTVN3MVpqZ3dOemt5Tnl4M1oyMTVjazVMTWtzNE1rNXJVekZtZVdOc2RGaGpZVWt5UVZFOSIsInN0cmVhbUlkIjoiNjdjYzUzOWEtYzg3OC00N2U4LWFiZGMtMDNmMGU1MGMyNzkzIiwidHlwZSI6InZpZXciLCJjSWQiOiJtZmw3eWt5dnNnazg5YTZpIiwiYXVkIjoidmlld2VyIiwiaXNzIjoiZG9jbGVyLnN0cmVhbWluZy5zdHJlYW1jb250cm9sbGVyIiwiaWF0IjoxNzAxMzQyNzI1LCJleHAiOjE3MDEzNDI3ODV9.2D_TGtAp8cYjLK_Rs9NUX7vrrLni5b-4XT0P-IUCiYQ? | 95.128.121.39 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1ngs-edge-95-128-121-39.dditscdn.com/eyJhbGciOiJIUzI1NiJ9.eyJhbGxvd0g1TGl2ZVByb3h5Ijp0cnVlLCJvcmlnaW4iOiIqIiwicHJvdG9jb2wiOiJoNWxpdmUiLCJzZXJ2ZXIiOiJ3c3M6Ly9uZ3MtZWRnZS05NS0xMjgtMTIxLTM5LmRkaXRzY2RuLmNvbSIsInRva2VuSWQiOiJNQ3d4TWpneFl6STRaaTFoWm1KbExUUTBNbUl0WVRnek1TMWtOek15WXpRM01XUXhZVEFzTVN3MVpqZ3dOemt5Tnl4M1oyMTVjazVMTWtzNE1rNXJVekZtZVdOc2RGaGpZVWt5UVZFOSIsInN0cmVhbUlkIjoiNjdjYzUzOWEtYzg3OC00N2U4LWFiZGMtMDNmMGU1MGMyNzkzIiwidHlwZSI6InZpZXciLCJjSWQiOiJtZmw3eWt5dnNnazg5YTZpIiwiYXVkIjoidmlld2VyIiwiaXNzIjoiZG9jbGVyLnN0cmVhbWluZy5zdHJlYW1jb250cm9sbGVyIiwiaWF0IjoxNzAxMzQyNzI1LCJleHAiOjE3MDEzNDI3ODV9.2D_TGtAp8cYjLK_Rs9NUX7vrrLni5b-4XT0P-IUCiYQ? IP95.128.121.39:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerSectigo Limited Subject*.dditscdn.com FingerprintAF:3F:1C:B9:3F:3B:A0:B1:DF:09:73:47:FC:59:FC:20:F5:AA:42:CC ValidityFri, 28 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eyJhbGciOiJIUzI1NiJ9.eyJhbGxvd0g1TGl2ZVByb3h5Ijp0cnVlLCJvcmlnaW4iOiIqIiwicHJvdG9jb2wiOiJoNWxpdmUiLCJzZXJ2ZXIiOiJ3c3M6Ly9uZ3MtZWRnZS05NS0xMjgtMTIxLTM5LmRkaXRzY2RuLmNvbSIsInRva2VuSWQiOiJNQ3d4TWpneFl6STRaaTFoWm1KbExUUTBNbUl0WVRnek1TMWtOek15WXpRM01XUXhZVEFzTVN3MVpqZ3dOemt5Tnl4M1oyMTVjazVMTWtzNE1rNXJVekZtZVdOc2RGaGpZVWt5UVZFOSIsInN0cmVhbUlkIjoiNjdjYzUzOWEtYzg3OC00N2U4LWFiZGMtMDNmMGU1MGMyNzkzIiwidHlwZSI6InZpZXciLCJjSWQiOiJtZmw3eWt5dnNnazg5YTZpIiwiYXVkIjoidmlld2VyIiwiaXNzIjoiZG9jbGVyLnN0cmVhbWluZy5zdHJlYW1jb250cm9sbGVyIiwiaWF0IjoxNzAxMzQyNzI1LCJleHAiOjE3MDEzNDI3ODV9.2D_TGtAp8cYjLK_Rs9NUX7vrrLni5b-4XT0P-IUCiYQ? HTTP/1.1
Host: ngs-edge-95-128-121-39.dditscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://crmpt.livejasmin.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bBADGa+7wfGnvZQiQSG20A==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 30 Nov 2023 11:12:05 GMT
Connection: upgrade
server: ngs-h5live-proxy
Upgrade: websocket
Sec-WebSocket-Accept: s9k08Z7oDSqx5vl8bkM7PD68TVg=
|
|
| pt-static4.jsmsat.com/npe/_common/fonts/pt-icons-v966444.woff | 93.93.51.201 | 200 OK | 22 kB |
URL GET HTTP/2pt-static4.jsmsat.com/npe/_common/fonts/pt-icons-v966444.woff IP93.93.51.201:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectpt-static3.jsmsat.com FingerprintB5:B9:AF:A1:51:6D:94:9A:6E:8A:86:D5:9D:DA:A4:EE:94:05:2A:32 ValidityTue, 31 Oct 2023 20:01:04 GMT - Mon, 29 Jan 2024 20:01:03 GMT
File typeWeb Open Font Format, TrueType, length 22336, version 1.0\012- data Hash68d6c2571b31b2aec684df15d90a7d12 81b540636375d8648d30839a810f73907923d1db 33e3503ef3a7dc205b9a36025f8ec534daad28ae8773c930c245d463d250f472
GET /npe/_common/fonts/pt-icons-v966444.woff HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crmpt.livejasmin.com
DNT: 1
Connection: keep-alive
Referer: https://pt-static4.jsmsat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: application/font-woff
content-length: 22336
last-modified: Wed, 29 Nov 2023 16:17:08 GMT
etag: "65676404-5740"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:04 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| pt-static4.jsmsat.com/npe/image/pt_di-v966444.png | 93.93.51.201 | 200 OK | 20 kB |
URL GET HTTP/2pt-static4.jsmsat.com/npe/image/pt_di-v966444.png IP93.93.51.201:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectpt-static3.jsmsat.com FingerprintB5:B9:AF:A1:51:6D:94:9A:6E:8A:86:D5:9D:DA:A4:EE:94:05:2A:32 ValidityTue, 31 Oct 2023 20:01:04 GMT - Mon, 29 Jan 2024 20:01:03 GMT
File typePNG image data, 320 x 180, 8-bit/color RGBA, non-interlaced\012- data Hash2a39f133a8af87dc3b845832ff6d30cb e67bba16969705430f54e65ad0a241ff987aa273 0d4451ade7ff63c59585c3637be283849dedd52d49886c6a7e73ec1364337ad4
GET /npe/image/pt_di-v966444.png HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: image/png
content-length: 20381
last-modified: Wed, 29 Nov 2023 16:17:08 GMT
etag: "65676404-4f9d"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:04 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/a2001af25c6306cb6d15c3d6c9c5dfd2_glamour_215x121.jpg?cno=dcf9 | 93.93.51.190 | 200 OK | 7.7 kB |
URL GET HTTP/2galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/a2001af25c6306cb6d15c3d6c9c5dfd2_glamour_215x121.jpg?cno=dcf9 IP93.93.51.190:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerSectigo Limited Subject*.vcmdiawe.com FingerprintAA:C6:B9:40:26:EC:8E:97:8B:70:D4:4A:8A:19:9C:C6:19:5D:07:EE ValidityTue, 02 May 2023 00:00:00 GMT - Thu, 02 May 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 215x121, components 3\012- data Hash5ba91a476604dd38e6ef0ae97ca35f72 64819776863423aac1dfe032ba7616db12715f05 6e66bd556ad8ea41ef08304039a68905a52ce9ebd980d1ea7a04869a3a6e5dc0
GET /ff268cab8d9fbae1ed7506f97496274f1a/a2001af25c6306cb6d15c3d6c9c5dfd2_glamour_215x121.jpg?cno=dcf9 HTTP/1.1
Host: galleryn0.vcmdiawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:04 GMT
content-type: image/jpeg
content-length: 7713
last-modified: Thu, 30 Nov 2023 09:45:09 GMT
x-rgw-object-type: Normal
etag: "5ba91a476604dd38e6ef0ae97ca35f72"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:04 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| crmpt.livejasmin.com/9sYxA/V1J.gif?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed&categoryName=girl&im=1 | 93.93.51.191 | 200 OK | 43 B |
URL GET HTTP/2crmpt.livejasmin.com/9sYxA/V1J.gif?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed&categoryName=girl&im=1 IP93.93.51.191:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectcrmpt.livejasmin.com Fingerprint94:36:98:3E:6B:F5:EC:61:46:A3:7A:E2:90:5F:85:61:58:F1:57:AA ValiditySun, 26 Nov 2023 16:01:07 GMT - Sat, 24 Feb 2024 16:01:06 GMT
File typeGIF image data, version 89a, 1 x 1\012- data Hashad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /9sYxA/V1J.gif?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed&categoryName=girl&im=1 HTTP/1.1
Host: crmpt.livejasmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634
Cookie: psui=a59f007fbf3384ccc33cc586d5d348f0; _ga_H7LMNP6Q9N=GS1.1.1701342729.1.1.1701342729.0.0.0; _ga=GA1.1.1661814259.1701342730
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
set-cookie: psui=a59f007fbf3384ccc33cc586d5d348f0; Path=/; Expires=Sat, 30-Dec-23 11:12:05 GMT; SameSite=None; Secure
expires: Thu, 30 Nov 2023 11:12:04 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| pt-static4.jsmsat.com/npe/pu/vipls/css/vip-live-stream-v966444.css | 93.93.51.201 | 200 OK | 49 kB |
URL GET HTTP/2pt-static4.jsmsat.com/npe/pu/vipls/css/vip-live-stream-v966444.css IP93.93.51.201:443 ASN#34655 DuoDecad IT Services Luxembourg S.a r.l.
Requested byhttps://crmpt.livejasmin.com/pu/vip/lf?ms_rnd=1701342723.21538&pstool=300_342&psid=ed_dprmntdtt1&utm_source=tr&category=girl&site=jsm&utm_medium=network&subAffId=15634&sub_source=TwinRed+Exchange+Partner_ID+15634&origin=TwinRed+Exchange+Partner_ID+15634 CertificateIssuerLet's Encrypt Subjectpt-static3.jsmsat.com FingerprintB5:B9:AF:A1:51:6D:94:9A:6E:8A:86:D5:9D:DA:A4:EE:94:05:2A:32 ValidityTue, 31 Oct 2023 20:01:04 GMT - Mon, 29 Jan 2024 20:01:03 GMT
File typeASCII text, with very long lines (28735) Hash8f9aa44b9da6ae452651ac71788e7eb4 645721097ad882a7236b38d853acb1cd2e5982f6 08d1172b77863b1f1a732df5047afae77412d26dba5382e49cb0cddaa4c22084
GET /npe/pu/vipls/css/vip-live-stream-v966444.css HTTP/1.1
Host: pt-static4.jsmsat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crmpt.livejasmin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 11:12:03 GMT
content-type: text/css
last-modified: Wed, 29 Nov 2023 16:17:08 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"65676404-c041"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
expires: Thu, 14 Dec 2023 11:12:03 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
0.0.0.0