k50ptbc.theexcitingsweetflirt.life Open in urlscan Pro
185.155.184.184  Public Scan

Submitted URL: https://www.clientesvpn.pinoyliterotica.com/
Effective URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Submission: On December 13 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 10 IPs in 2 countries across 11 domains to perform 35 HTTP transactions. The main IP is 185.155.184.184, located in Switzerland and belongs to AS-6898 AS5398 SA, CH. The main domain is k50ptbc.theexcitingsweetflirt.life.
TLS certificate: Issued by R11 on October 20th 2024. Valid for: 3 months.
This is the only time k50ptbc.theexcitingsweetflirt.life was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
4 13.248.148.254 16509 (AMAZON-02)
1 3.171.102.115 16509 (AMAZON-02)
1 2 54.205.42.70 14618 (AMAZON-AES)
1 2 3.33.192.145 16509 (AMAZON-02)
1 130.211.29.114 396982 (GOOGLE-CL...)
2 35.241.15.240 396982 (GOOGLE-CL...)
1 1 173.239.53.32 27257 (WEBAIR-IN...)
1 1 44.223.210.42 14618 (AMAZON-AES)
19 185.155.184.184 6898 (AS-6898 A...)
1 172.217.197.95 15169 (GOOGLE)
3 74.125.192.94 15169 (GOOGLE)
35 10
Domain Requested by
19 k50ptbc.theexcitingsweetflirt.life wedlore-c.click
k50ptbc.theexcitingsweetflirt.life
4 www.clientesvpn.pinoyliterotica.com d38psrni17bvxu.cloudfront.net
www.clientesvpn.pinoyliterotica.com
3 fonts.gstatic.com fonts.googleapis.com
2 cas.avalon.perfdrive.com cdn.perfdrive.com
2 wedlore-c.click 1 redirects iunia-eap.com
2 iunia-eap.com 1 redirects www.clientesvpn.pinoyliterotica.com
1 fonts.googleapis.com k50ptbc.theexcitingsweetflirt.life
1 8cays.bemobtrcks.com 1 redirects
1 xml-v4.ngcluster-b.online 1 redirects
1 cdn.perfdrive.com wedlore-c.click
1 d38psrni17bvxu.cloudfront.net www.clientesvpn.pinoyliterotica.com
0 bigdatajsext.com Failed k50ptbc.theexcitingsweetflirt.life
35 12

This site contains no links.

Subject Issuer Validity Valid
www.clientesvpn.pinoyliterotica.com
R10
2024-12-13 -
2025-03-13
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
iunia-eap.com
Amazon RSA 2048 M03
2024-11-27 -
2025-12-26
a year crt.sh
wedlore-c.click
Amazon RSA 2048 M03
2024-11-18 -
2025-12-17
a year crt.sh
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2
2024-09-20 -
2025-09-26
a year crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2
2024-07-26 -
2025-08-05
a year crt.sh
theexcitingsweetflirt.life
R11
2024-10-20 -
2025-01-18
3 months crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Frame ID: A3D1BED3F28F1BA2ECAF283A9D543FBE
Requests: 35 HTTP requests in this frame

Screenshot

Page Title

Meet local girls in your area?

Page URL History Show full URLs

  1. https://www.clientesvpn.pinoyliterotica.com/ Page URL
  2. https://iunia-eap.com/zclkvisitor/6c7450c3-b927-11ef-aed4-0affcbb8fd7b/1304ac30-8585-11eb-af9e-0a5... Page URL
  3. https://iunia-eap.com/zclkredirect?visitid=6c7450c3-b927-11ef-aed4-0affcbb8fd7b&type=js&browserWid... HTTP 302
    http://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd HTTP 307
    https://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd Page URL
  4. https://wedlore-c.click/api/v1/pxcheck?impId=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd&minfo=eyJjb29r... HTTP 302
    http://xml-v4.ngcluster-b.online/click?seat=3107752&i=oZZYZ-6Vzko_0 HTTP 307
    https://xml-v4.ngcluster-b.online/click?seat=3107752&i=oZZYZ-6Vzko_0 HTTP 302
    http://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0035&conversion=LEk40PnenyI&so... HTTP 307
    https://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0035&conversion=LEk40PnenyI&so... HTTP 302
    https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

94 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

10
IPs

2
Countries

3595 kB
Transfer

3806 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.clientesvpn.pinoyliterotica.com/ Page URL
  2. https://iunia-eap.com/zclkvisitor/6c7450c3-b927-11ef-aed4-0affcbb8fd7b/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=6c87d8c0-b927-11ef-aed4-0affcbb8fd7b Page URL
  3. https://iunia-eap.com/zclkredirect?visitid=6c7450c3-b927-11ef-aed4-0affcbb8fd7b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
    http://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd HTTP 307
    https://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd Page URL
  4. https://wedlore-c.click/api/v1/pxcheck?impId=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly93ZWRsb3JlLWMuY2xpY2svYXBpL3YxL3B4P3htbGlkPWZIR05yVnBITnRxQllLMVJqdDlKMUxrRHRSckY1dnNVdGhVYUtVaGQiLCJkZXZpY2VTcmVlblNpemUiOiIxMjAweDE2MDAiLCJkZXZpY2VXaW5kb3dTaXplIjoiMTIwMHgxNjAwIiwid25kMnNyY1JhdGlvTHdyMDYiOmZhbHNlLCJlZmZlY3RpdmVUeXBlIjoiNGciLCJ0eiI6NjAwLCJ0ekludGwiOiJQYWNpZmljL0hvbm9sdWx1IiwiaXNCb3QiOmZhbHNlLCJmQm90TmFtZSI6IiIsImZSZWFzb25zIjoiIn0= HTTP 302
    http://xml-v4.ngcluster-b.online/click?seat=3107752&i=oZZYZ-6Vzko_0 HTTP 307
    https://xml-v4.ngcluster-b.online/click?seat=3107752&i=oZZYZ-6Vzko_0 HTTP 302
    http://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0035&conversion=LEk40PnenyI&source_subid=0a0653340458fa98d88b16fe3&campaign=1569166&search_referrer_domain=pinoyliterotica.com&pubfeed=314622&query=erotica&carrier=Verizon+Internet+Services&state=ny&banner=6733387&ip=208.252.80.133 HTTP 307
    https://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0035&conversion=LEk40PnenyI&source_subid=0a0653340458fa98d88b16fe3&campaign=1569166&search_referrer_domain=pinoyliterotica.com&pubfeed=314622&query=erotica&carrier=Verizon+Internet+Services&state=ny&banner=6733387&ip=208.252.80.133 HTTP 302
    https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://iunia-eap.com/zclkredirect?visitid=6c7450c3-b927-11ef-aed4-0affcbb8fd7b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
  • http://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd HTTP 307
  • https://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.clientesvpn.pinoyliterotica.com/
2 KB
2 KB
Document
General
Full URL
https://www.clientesvpn.pinoyliterotica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
Caddy nginx /
Resource Hash
ba819b89f3bdf3267c2c54262e3f74042cc4c0b1bf32126bccdb8f880f0897c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":50944"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 Dec 2024 07:54:04 GMT
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_k1WDYdFloEPeLiVDGAv11rxON6QaEmBPVzOm4iwup7FRpn7HyXMhWAe5c4x8uS5rUxPjyydz68GyQ5YDxNFhTQ==
x-domain
pinoyliterotica.com
x-pcrew-blocked-reason
x-pcrew-ip-organization
Verizon Internet Services
x-redirect
zeropark_zeroclick
x-subdomain
www.clientesvpn
js3.js
d38psrni17bvxu.cloudfront.net/scripts/
1 KB
1 KB
Script
General
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: www.clientesvpn.pinoyliterotica.com
URL: https://www.clientesvpn.pinoyliterotica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.102.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-102-115.iad12.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.clientesvpn.pinoyliterotica.com/

Response headers

etag
"65fc1e7b-448"
age
49374
via
1.1 2c0db92c1f2cc5b91836bff147a5e996.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1096
x-amz-cf-id
glosaf6nXerhCrULDyFQBl3Mp9zNkFfszEAla0PSGF9X8bSH2fHQ0A==
date
Thu, 12 Dec 2024 18:11:11 GMT
content-type
application/javascript
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
IAD12-P5
track.php
www.clientesvpn.pinoyliterotica.com/
0
115 B
XHR
General
Full URL
https://www.clientesvpn.pinoyliterotica.com/track.php?domain=pinoyliterotica.com&toggle=browserjs&uid=MTczNDA3NjQ0NC41ODAzOjg0NmIxM2QwMzBhYzJhYjc0OGQxMjNkZWQ5ZmNjZDY0NzI3MThkNGIxNTU4MzMyZmYyNTU3NmU0NTE3Y2FiOGE6Njc1YmU4MWM4ZGFjMQ%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width
1600
ect
4g
Referer
https://www.clientesvpn.pinoyliterotica.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
200
downlink
10

Response headers

content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
browserjs
access-control-allow-origin
*
alt-svc
h3=":50944"; ma=2592000
date
Fri, 13 Dec 2024 07:54:05 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
ls.php
www.clientesvpn.pinoyliterotica.com/
16 B
340 B
XHR
General
Full URL
https://www.clientesvpn.pinoyliterotica.com/ls.php?t=675be81c&token=33753aa8b029968c0680ccb97fac17be037b2088
Requested by
Host: www.clientesvpn.pinoyliterotica.com
URL: https://www.clientesvpn.pinoyliterotica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://www.clientesvpn.pinoyliterotica.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
200
downlink
10

Response headers

access-control-max-age
86400
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods
POST, OPTIONS
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_aBwyJx3LilkpFJ1PXqMCm6CJzX2C7crSBkZGYKmEQgRSESMZFPn54WHOy9W7nCGJgUYSnrvO545vCc1bsFtuvA==
accept-ch-lifetime
30
access-control-allow-origin
alt-svc
h3=":50944"; ma=2592000
date
Fri, 13 Dec 2024 07:54:05 GMT
charset
utf-8
content-type
text/javascript;charset=UTF-8
server
Caddy, nginx
track.php
www.clientesvpn.pinoyliterotica.com/
0
91 B
XHR
General
Full URL
https://www.clientesvpn.pinoyliterotica.com/track.php?click=4531ee5ee79c6f01edb6d28cc2dba0036227c382&domain=pinoyliterotica.com&uid=MTczNDA3NjQ0NC41ODAzOjg0NmIxM2QwMzBhYzJhYjc0OGQxMjNkZWQ5ZmNjZDY0NzI3MThkNGIxNTU4MzMyZmYyNTU3NmU0NTE3Y2FiOGE6Njc1YmU4MWM4ZGFjMQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDg4LGJ1Y2tldDA4OSxidWNrZXQwNzd8fHx8fHw2NzViZTgxYzhkYTU0fHx8MTczNDA3NjQ0NC43Njg4fDJhZGYxNjVjNzRkMDQwNzJhNzBlZWRjYzU3ZDkzNWMwMjRjMDI3MmJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwzMzc1M2FhOGIwMjk5NjhjMDY4MGNjYjk3ZmFjMTdiZTAzN2IyMDg4fDB8fDB8MHx8fHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://www.clientesvpn.pinoyliterotica.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
200
downlink
10

Response headers

x-view-match
true
content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
none
access-control-allow-origin
*
alt-svc
h3=":50944"; ma=2592000
date
Fri, 13 Dec 2024 07:54:05 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
1304ac30-8585-11eb-af9e-0a51339b19df
iunia-eap.com/zclkvisitor/6c7450c3-b927-11ef-aed4-0affcbb8fd7b/
3 KB
3 KB
Document
General
Full URL
https://iunia-eap.com/zclkvisitor/6c7450c3-b927-11ef-aed4-0affcbb8fd7b/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=6c87d8c0-b927-11ef-aed4-0affcbb8fd7b
Requested by
Host: www.clientesvpn.pinoyliterotica.com
URL: https://www.clientesvpn.pinoyliterotica.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.42.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-42-70.compute-1.amazonaws.com
Software
/
Resource Hash
8211e6f068dde2db4d48d912fd4e4b8edd3902385056dc4e155ded8b990a9436
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://www.clientesvpn.pinoyliterotica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Fri, 13 Dec 2024 07:54:05 GMT
px
wedlore-c.click/api/v1/
Redirect Chain
  • https://iunia-eap.com/zclkredirect?visitid=6c7450c3-b927-11ef-aed4-0affcbb8fd7b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • http://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd
  • https://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd
90 KB
21 KB
Document
General
Full URL
https://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd
Requested by
Host: iunia-eap.com
URL: https://iunia-eap.com/zclkvisitor/6c7450c3-b927-11ef-aed4-0affcbb8fd7b/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=6c87d8c0-b927-11ef-aed4-0affcbb8fd7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.192.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab226b763647f1870.awsglobalaccelerator.com
Software
/
Resource Hash
8a93c5dcf0f0fdbf7a5960db4e1b51fa3d2fd2828235df5a174f193d2075da57

Request headers

Referer
https://iunia-eap.com/zclkvisitor/6c7450c3-b927-11ef-aed4-0affcbb8fd7b/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=6c87d8c0-b927-11ef-aed4-0affcbb8fd7b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Dec 2024 07:54:06 GMT
etag
W/"1698d-sNTVLxKFUkylFUlNuGnPzl+Fe3Y"
vary
Accept-Encoding

Redirect headers

Location
https://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd
Non-Authoritative-Reason
HttpsUpgrades
stormcaster.js
cdn.perfdrive.com/advanced/
240 KB
90 KB
Script
General
Full URL
https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by
Host: wedlore-c.click
URL: https://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wedlore-c.click/

Response headers

cache-control
max-age=3600,public
content-encoding
gzip
etag
W/"674e9704-3bf3a"
age
2177
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91395
date
Fri, 13 Dec 2024 07:17:49 GMT
last-modified
Tue, 03 Dec 2024 05:28:36 GMT
content-type
application/javascript
server
nginx/1.10.1
vary
Accept-Encoding
jsdata
cas.avalon.perfdrive.com/
360 B
506 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://wedlore-c.click/

Response headers

via
1.1 google
x-response-time
4ms
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
date
Fri, 13 Dec 2024 07:54:06 GMT
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/
198 B
257 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://wedlore-c.click/

Response headers

via
1.1 google
x-response-time
9ms
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
date
Fri, 13 Dec 2024 07:54:06 GMT
content-type
text/plain; charset=UTF-8
Primary Request v712fu8
k50ptbc.theexcitingsweetflirt.life/
Redirect Chain
  • https://wedlore-c.click/api/v1/pxcheck?impId=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuM...
  • http://xml-v4.ngcluster-b.online/click?seat=3107752&i=oZZYZ-6Vzko_0
  • https://xml-v4.ngcluster-b.online/click?seat=3107752&i=oZZYZ-6Vzko_0
  • http://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0035&conversion=LEk40PnenyI&source_subid=0a0653340458fa98d88b16fe3&campaign=1569166&search_referrer_domain=pinoyliterotica....
  • https://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0035&conversion=LEk40PnenyI&source_subid=0a0653340458fa98d88b16fe3&campaign=1569166&search_referrer_domain=pinoyliterotica...
  • https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
6 KB
6 KB
Document
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Requested by
Host: wedlore-c.click
URL: https://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
dd9f401baeabc8063c8787136b4930a70593a6a242c98e50ccc0badea0e7a128

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
5834
Content-Type
text/html
Date
Fri, 13 Dec 2024 07:54:08 GMT
Server
openresty
cache-control
private

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin
*
cache-control
no-cache
content-length
260
content-type
text/html; charset=utf-8
date
Fri, 13 Dec 2024 07:54:07 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
server
openresty
vary
Accept
x-response-time
21.938ms
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700;900&display=swap
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.197.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f95.1e100.net
Software
ESF /
Resource Hash
6249a639e8cfba4180cecb2899158fc25f679b4b8f23ff7d8d043cc5a7508663
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 07:54:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 07:54:08 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 13 Dec 2024 07:54:08 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.min.css
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/
119 KB
119 KB
Stylesheet
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/bootstrap.min.css
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
dbc00aa48350bcd97d8552bb0cf29619a4270ed446d373361cd558ebd45d923e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"62bf3f2824e4f6ba94faf3a435dac175"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:08 GMT
Date
Fri, 13 Dec 2024 07:54:08 GMT
Content-Type
text/css
x-amz-meta-mc-attrs
atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486480#304984527/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Thu, 01 Aug 2024 07:19:19 GMT
X-Amz-Id-2
354f9eb41c4f44111da43ee93430d467ccc8f740dac6a89f93d2690a13b4c5b4
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD5799576092
X-Ratelimit-Remaining
365
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-04-30T14:14:40.304984527Z
Content-Length
121364
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
365
Server
openresty
style.css
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/
22 KB
23 KB
Stylesheet
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/style.css
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
22d55a04c370e705ded8c59ae25aa86ee6e9f77a38c6a0e06d453af502a053d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"c627d1f90cd8fc3d841ce6bbbf1b8211"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:08 GMT
Date
Fri, 13 Dec 2024 07:54:08 GMT
Content-Type
text/css
x-amz-meta-mc-attrs
atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486480#624985090/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Thu, 01 Aug 2024 07:19:19 GMT
X-Amz-Id-2
af968cfc53e5d4d46c2a7314ea3774fe010d1d1a8defca6495a09901b4f201c0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57B4881143
X-Ratelimit-Remaining
336
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-04-30T14:14:40.62498509Z
Content-Length
22674
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
336
Server
openresty
js.cookie.js
k50ptbc.theexcitingsweetflirt.life/cookie/
4 KB
5 KB
Script
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/cookie/js.cookie.js
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"a7e9883924072f15259de6888d5ef515"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:08 GMT
Date
Fri, 13 Dec 2024 07:54:08 GMT
Content-Type
application/javascript
Last-Modified
Wed, 31 Aug 2022 09:31:17 GMT
Vary
Origin, Accept-Encoding
X-Amz-Id-2
af968cfc53e5d4d46c2a7314ea3774fe010d1d1a8defca6495a09901b4f201c0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57AB949D5B
X-Ratelimit-Remaining
336
Accept-Ranges
bytes
Content-Length
4264
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
336
Server
openresty
utils.js
k50ptbc.theexcitingsweetflirt.life/util/
7 KB
8 KB
Script
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/util/utils.js
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
a487d76bb55539f230c127ef33550d5c455ac0b67ca2b78b87452345bb0dc718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"85a42b1d6c8769fce99fb44aefb041b0"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:08 GMT
Date
Fri, 13 Dec 2024 07:54:08 GMT
Content-Type
text/javascript
x-amz-meta-mc-attrs
atime:1719824921#861045785/gid:0/gname:root/mode:33188/mtime:1719824938#357078843/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Mon, 01 Jul 2024 09:08:58 GMT
X-Amz-Id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57ABCC93CA
X-Ratelimit-Remaining
1988
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-07-01T09:08:58.408Z
Content-Length
7514
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
1988
Server
openresty
flag-icon.css
k50ptbc.theexcitingsweetflirt.life/util/flag-icon/css/
40 KB
41 KB
Stylesheet
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/util/flag-icon/css/flag-icon.css
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"0a47b937981e7389e3ebe63e4a503066"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:08 GMT
Date
Fri, 13 Dec 2024 07:54:08 GMT
Content-Type
text/css
x-amz-meta-mc-attrs
atime:1693134513#296037122/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Wed, 20 Sep 2023 15:26:15 GMT
X-Amz-Id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57AACFC8A7
X-Ratelimit-Remaining
1988
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2022-06-16T13:31:14.684017Z
Content-Length
40627
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
1988
Server
openresty
logo.svg
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/
7 KB
8 KB
Image
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/logo.svg
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
5f4d4ccd9b615c92051e826d7df50ac94f633d84cdd92238f795de6c90b6a031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"e8295fe69a31b215b9b777c8e3bd71e3"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:08 GMT
Date
Fri, 13 Dec 2024 07:54:08 GMT
Content-Type
image/svg+xml
x-amz-meta-mc-attrs
atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486485#52992874/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Thu, 01 Aug 2024 07:19:19 GMT
X-Amz-Id-2
42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57B4A6DC7D
X-Ratelimit-Remaining
336
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-04-30T14:14:45.052992874Z
Content-Length
7403
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
336
Server
openresty
pin.png
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/
2 KB
3 KB
Image
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/pin.png
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
387fe3f0fe377eb6a64cd292c35320adc4f0c794d29d67cb902f7168b4fc4c13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"269856e9ecc6ae6efa3369f149fc69f0"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:08 GMT
Date
Fri, 13 Dec 2024 07:54:08 GMT
Content-Type
image/png
x-amz-meta-mc-attrs
atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486485#324993351/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Thu, 01 Aug 2024 07:19:19 GMT
X-Amz-Id-2
354f9eb41c4f44111da43ee93430d467ccc8f740dac6a89f93d2690a13b4c5b4
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57B67138C7
X-Ratelimit-Remaining
364
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-04-30T14:14:45.324993351Z
Content-Length
1700
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
365
Server
openresty
1.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/
647 KB
648 KB
Image
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/1.gif
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
cae064264662614161221029be0b319a722ee840619cbf401c61c4974f10115a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"630b7121ce12615e754f3eba058627a7"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:08 GMT
Date
Fri, 13 Dec 2024 07:54:08 GMT
Content-Type
image/gif
x-amz-meta-mc-attrs
atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486481#692986967/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Thu, 01 Aug 2024 07:19:19 GMT
X-Amz-Id-2
42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57C03FE207
X-Ratelimit-Remaining
336
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-04-30T14:14:41.692986967Z
Content-Length
662430
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
336
Server
openresty
2.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/
644 KB
644 KB
Image
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/2.gif
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
fd0ff4aa9c30dd8ca9a6edad9da42355a49aedbaa9834d12935de66ffe86210a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"6d77f7c963c4942077471e70237840ff"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:08 GMT
Date
Fri, 13 Dec 2024 07:54:08 GMT
Content-Type
image/gif
x-amz-meta-mc-attrs
atime:1714486481#932987389/gid:0/gname:root/mode:33188/mtime:1714486482#252987951/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Tue, 30 Apr 2024 14:14:42 GMT
X-Amz-Id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57B78F9AB8
X-Ratelimit-Remaining
1988
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-04-30T14:14:42.304Z
Content-Length
659051
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
1988
Server
openresty
3.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/
320 KB
321 KB
Image
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/3.gif
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
f7957eebe533f0a9e47c4ec9b04aa5af540d5c4fcedfedebd61c9a718db3f477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"7a6112baba3c6ab41630e3b20f7bc633"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:09 GMT
Date
Fri, 13 Dec 2024 07:54:09 GMT
Content-Type
image/gif
x-amz-meta-mc-attrs
atime:1714486482#476988345/gid:0/gname:root/mode:33188/mtime:1714486482#756988838/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Tue, 30 Apr 2024 14:14:42 GMT
X-Amz-Id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57BC658AC4
X-Ratelimit-Remaining
1988
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-04-30T14:14:42.808Z
Content-Length
328170
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
1988
Server
openresty
4.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/
330 KB
331 KB
Image
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/4.gif
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
498976dc35d2da1bb3c054a58998cd67bd59038956f98e79468aea8f4d0e8456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"fa5689dd0c1dbfc6b86df2c38c910d71"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:09 GMT
Date
Fri, 13 Dec 2024 07:54:09 GMT
Content-Type
image/gif
x-amz-meta-mc-attrs
atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486483#252989709/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Thu, 01 Aug 2024 07:19:19 GMT
X-Amz-Id-2
31f7dd36b65146a775b93356924fa83cf99019d4a4dfda4a9a6512d5179fdf9c
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57D799A921
X-Ratelimit-Remaining
374
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-04-30T14:14:43.252989709Z
Content-Length
337808
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
374
Server
openresty
5.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/
456 KB
457 KB
Image
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/5.gif
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
75effea9eb10db212e9a485b918fcc5cf13b4380933a0aef4f0f5157dd09e2d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"9e28135137e0c05f91fb0c1db642a582"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:09 GMT
Date
Fri, 13 Dec 2024 07:54:09 GMT
Content-Type
image/gif
x-amz-meta-mc-attrs
atime:1714486483#812990694/gid:0/gname:root/mode:33188/mtime:1714486483#764990610/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Tue, 30 Apr 2024 14:14:43 GMT
X-Amz-Id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57CEC8CBA4
X-Ratelimit-Remaining
1988
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-04-30T14:14:43.814Z
Content-Length
466848
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
1988
Server
openresty
6.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/
350 KB
351 KB
Image
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/6.gif
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
d7acacc58fc1341166cdd640ef3e3c6dd30c4a97d4fb79705e4ec092505ee7a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"4b32cfae93bcdf342d933685fd416b71"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:09 GMT
Date
Fri, 13 Dec 2024 07:54:09 GMT
Content-Type
image/gif
x-amz-meta-mc-attrs
atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486484#260991481/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Thu, 01 Aug 2024 07:19:19 GMT
X-Amz-Id-2
42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57E36FD262
X-Ratelimit-Remaining
336
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-04-30T14:14:44.260991481Z
Content-Length
358598
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
336
Server
openresty
jquery.min.js
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/js/
85 KB
86 KB
Script
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/js/jquery.min.js
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"378087a64e1394fc51f300bb9c11878c"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:09 GMT
Date
Fri, 13 Dec 2024 07:54:09 GMT
Content-Type
text/javascript
x-amz-meta-mc-attrs
atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1719827164#573764602/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Thu, 01 Aug 2024 07:19:19 GMT
X-Amz-Id-2
af968cfc53e5d4d46c2a7314ea3774fe010d1d1a8defca6495a09901b4f201c0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57C65ACE97
X-Ratelimit-Remaining
336
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-07-01T09:46:04.573764602Z
Content-Length
86929
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
336
Server
openresty
main.js
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/js/
2 KB
3 KB
Script
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/js/main.js
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
f592a3ef0e9211a4cab1ffa4d6c0b58f350006aa115dc3eb2d1b73baf0a31466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"006bd1079c28e5ecb27ad3a2cbd43642"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:09 GMT
Date
Fri, 13 Dec 2024 07:54:09 GMT
Content-Type
text/javascript
x-amz-meta-mc-attrs
atime:1715611636#813343337/gid:0/gname:root/mode:33188/mtime:1719827164#461764354/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Mon, 01 Jul 2024 09:46:04 GMT
X-Amz-Id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57BC8334CF
X-Ratelimit-Remaining
1988
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-07-01T09:46:04.524Z
Content-Length
2373
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
1988
Server
openresty
bb.js
k50ptbc.theexcitingsweetflirt.life/media/
639 B
1 KB
Script
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/bb.js
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"0d553e4bac91c74bfee2dbabba61e99e"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:08 GMT
Date
Fri, 13 Dec 2024 07:54:08 GMT
Content-Type
application/javascript
x-amz-meta-mc-attrs
atime:1676832256#258761277/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Mon, 20 Feb 2023 09:29:45 GMT
X-Amz-Id-2
42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810ACC412AAE959
X-Ratelimit-Remaining
336
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2022-07-28T17:55:13.852764Z
Content-Length
639
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
336
Server
openresty
exit1.js
k50ptbc.theexcitingsweetflirt.life/media/exit-new/
3 KB
4 KB
Script
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/exit-new/exit1.js
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=Ebq1uPJL9rMzTfb2mUFBcL&cid=Ebq1uPJL9rMzTfb2mUFBcL

Response headers

ETag
"625e5e2950612f771e246beb33c9ea61"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:09 GMT
Date
Fri, 13 Dec 2024 07:54:09 GMT
Content-Type
text/javascript
x-amz-meta-mc-attrs
atime:1720014412#200181126/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Thu, 01 Aug 2024 07:20:12 GMT
X-Amz-Id-2
42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810ACC413669B2F
X-Ratelimit-Remaining
336
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2022-06-16T13:19:04.182688Z
Content-Length
3473
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
336
Server
openresty
bg.png
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/
361 KB
362 KB
Image
General
Full URL
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/bg.png
Requested by
Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software
openresty /
Resource Hash
b60d033c34d508030083e9728c8a38eefdb52f2f9ce97b683798278639f2a794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/style.css

Response headers

ETag
"776af7090545473f0a242c8bcaea1220"
X-Content-Type-Options
nosniff
Expires
Sat, 13 Dec 2025 07:54:09 GMT
Date
Fri, 13 Dec 2024 07:54:09 GMT
Content-Type
image/png
x-amz-meta-mc-attrs
atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486484#772992382/uid:0/uname:root
Vary
Origin, Accept-Encoding
Last-Modified
Thu, 01 Aug 2024 07:19:19 GMT
X-Amz-Id-2
31f7dd36b65146a775b93356924fa83cf99019d4a4dfda4a9a6512d5179fdf9c
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=31536000, no-transform
Connection
keep-alive
X-Amz-Request-Id
1810AD57CE067C79
X-Ratelimit-Remaining
374
Accept-Ranges
bytes
x-amz-meta-mm-source-mtime
2024-04-30T14:14:44.772992382Z
Content-Length
369561
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
374
Server
openresty
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://k50ptbc.theexcitingsweetflirt.life
Referer
https://fonts.googleapis.com/

Response headers

age
46550
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 18:58:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 18:58:19 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://k50ptbc.theexcitingsweetflirt.life
Referer
https://fonts.googleapis.com/

Response headers

age
175967
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 07:01:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 07:01:22 GMT
last-modified
Thu, 01 Aug 2024 20:41:28 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18436
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://k50ptbc.theexcitingsweetflirt.life
Referer
https://fonts.googleapis.com/

Response headers

age
23808
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 01:17:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 01:17:21 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
favicon.ico
k50ptbc.theexcitingsweetflirt.life/
0
0

getextparams
bigdatajsext.com/ExtService.svc/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
k50ptbc.theexcitingsweetflirt.life
URL
https://k50ptbc.theexcitingsweetflirt.life/favicon.ico
Domain
bigdatajsext.com
URL
https://bigdatajsext.com/ExtService.svc/getextparams

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| requestLink object| geoInfo string| ip string| devInfo number| exDays function| wireUpEvents function| Cookies function| docReady function| getParameterByName function| hideUnsub function| languageDetection function| writeLocation function| showLocation function| appendPixels function| getCookie function| getBackendParamsByName function| addSessionId function| $ function| jQuery function| getUrlParameter function| getUrlWithParam string| exitsplashpage function| DisplayExitSplash function| addLoadEvent function| addClickEvent function| disablelinksfunc function| disableformsfunc string| optPushSite string| optPushMethod object| optPush

13 Cookies

Domain/Path Name / Value
.wedlore-c.click/ Name: __ssds
Value: 2
.wedlore-c.click/ Name: __ssuzjsr2
Value: a9be0cd8e
.wedlore-c.click/ Name: __uzmaj2
Value: baa49ab3-6d8d-4b69-8fcb-cea181d25bb9
.wedlore-c.click/ Name: __uzmbj2
Value: 1734076446
.wedlore-c.click/ Name: __uzmcj2
Value: 354641040860
.wedlore-c.click/ Name: __uzmdj2
Value: 1734076446
.wedlore-c.click/ Name: __uzmlj2
Value: zaWvXFp9/URfp2xx7PS2AEsku7iVlAFh5ZcDA+4PotU=
.wedlore-c.click/ Name: __uzmfj2
Value: 7f6000a9129ad5-4ec3-4d05-a4a3-2f12f6e9db0117340764467780-e64a3c7958cd675410
.8cays.bemobtrcks.com/ Name: bemob-viewer-id
Value: 3be4974f-5039-4717-913f-5ea8359a68f5
.8cays.bemobtrcks.com/ Name: bemob-uniq-visit:715ba4e3-99d9-493c-b26a-bdad6e94c883
Value: 1
.8cays.bemobtrcks.com/ Name: bemob-rotation:715ba4e3-99d9-493c-b26a-bdad6e94c883:random:8180f269b48999c4fddb3e964617dfed
Value: 0-0-0
.8cays.bemobtrcks.com/ Name: bemob-click-id
Value: Ebq1uPJL9rMzTfb2mUFBcL
k50ptbc.theexcitingsweetflirt.life/ Name: sid
Value: t2~ggpyoiybume2f1ct2wwrkxqv

2 Console Messages

Source Level URL
Text
rendering warning URL: https://iunia-eap.com/zclkvisitor/6c7450c3-b927-11ef-aed4-0affcbb8fd7b/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=6c87d8c0-b927-11ef-aed4-0affcbb8fd7b
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A030F500AC1E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://wedlore-c.click/api/v1/px?xmlid=fHGNrVpHNtqBYK1Rjt9J1LkDtRrF5vsUthUaKUhd
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A030F500AC1E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8cays.bemobtrcks.com
bigdatajsext.com
cas.avalon.perfdrive.com
cdn.perfdrive.com
d38psrni17bvxu.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
iunia-eap.com
k50ptbc.theexcitingsweetflirt.life
wedlore-c.click
www.clientesvpn.pinoyliterotica.com
xml-v4.ngcluster-b.online
bigdatajsext.com
k50ptbc.theexcitingsweetflirt.life
13.248.148.254
130.211.29.114
172.217.197.95
173.239.53.32
185.155.184.184
3.171.102.115
3.33.192.145
35.241.15.240
44.223.210.42
54.205.42.70
74.125.192.94
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
22d55a04c370e705ded8c59ae25aa86ee6e9f77a38c6a0e06d453af502a053d7
387fe3f0fe377eb6a64cd292c35320adc4f0c794d29d67cb902f7168b4fc4c13
498976dc35d2da1bb3c054a58998cd67bd59038956f98e79468aea8f4d0e8456
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
5f4d4ccd9b615c92051e826d7df50ac94f633d84cdd92238f795de6c90b6a031
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
6249a639e8cfba4180cecb2899158fc25f679b4b8f23ff7d8d043cc5a7508663
75effea9eb10db212e9a485b918fcc5cf13b4380933a0aef4f0f5157dd09e2d8
8211e6f068dde2db4d48d912fd4e4b8edd3902385056dc4e155ded8b990a9436
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a93c5dcf0f0fdbf7a5960db4e1b51fa3d2fd2828235df5a174f193d2075da57
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
a487d76bb55539f230c127ef33550d5c455ac0b67ca2b78b87452345bb0dc718
b60d033c34d508030083e9728c8a38eefdb52f2f9ce97b683798278639f2a794
ba819b89f3bdf3267c2c54262e3f74042cc4c0b1bf32126bccdb8f880f0897c3
cae064264662614161221029be0b319a722ee840619cbf401c61c4974f10115a
d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39
d7acacc58fc1341166cdd640ef3e3c6dd30c4a97d4fb79705e4ec092505ee7a5
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dbc00aa48350bcd97d8552bb0cf29619a4270ed446d373361cd558ebd45d923e
dd9f401baeabc8063c8787136b4930a70593a6a242c98e50ccc0badea0e7a128
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f592a3ef0e9211a4cab1ffa4d6c0b58f350006aa115dc3eb2d1b73baf0a31466
f7957eebe533f0a9e47c4ec9b04aa5af540d5c4fcedfedebd61c9a718db3f477
fd0ff4aa9c30dd8ca9a6edad9da42355a49aedbaa9834d12935de66ffe86210a