k50ptbc.theexcitingsweetflirt.life Open in urlscan Pro
185.155.184.184 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ww38.lushstories.co/
Effective URL:
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED
Submission Tags: scan
Submission: On December 30 via api (December 30th 2024, 4:39:24 am UTC) from US — Scanned from US

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 11 domains to perform 38 HTTP transactions. The main IP is 185.155.184.184, located in Switzerland and belongs to AS-6898 AS5398 SA, CH. The main domain is k50ptbc.theexcitingsweetflirt.life.
TLS certificate: Issued by R10 on December 19th 2024. Valid for: 3 months.

This is the only time k50ptbc.theexcitingsweetflirt.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	76.223.26.96 76.223.26.96	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2209:1600:1d:4618:5c80:21	16509 (AMAZON-02) (AMAZON-02)
1 2	18.208.55.83 18.208.55.83	14618 (AMAZON-AES) (AMAZON-AES)
1 2	15.197.224.234 15.197.224.234	16509 (AMAZON-02) (AMAZON-02)
1	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.241.15.240 35.241.15.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	2600:1f18:43d... 2600:1f18:43d1:2a02:c6f9:e151:e2e1:732d	14618 (AMAZON-AES) (AMAZON-AES)
23	185.155.184.184 185.155.184.184	6898 (AS-6898 A...) (AS-6898 AS5398 SA)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
38	10

4 76.223.26.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: aba1c1ff9d2ec5376.awsglobalaccelerator.com

ww38.lushstories.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:1600:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)

d38psrni17bvxu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.55.83 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-55-83.compute-1.amazonaws.com

iunia-eap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.224.234 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com

wedlore-c.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.15.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml-v4.lensgard-2.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:43d1:2a02:c6f9:e151:e2e1:732d (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

8cays.bemobtrcks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 185.155.184.184 (Switzerland)

ASN6898 (AS-6898 AS5398 SA, CH)

k50ptbc.theexcitingsweetflirt.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	theexcitingsweetflirt.life k50ptbc.theexcitingsweetflirt.life	3 MB
4	lushstories.co ww38.lushstories.co	2 KB
3	gstatic.com fonts.gstatic.com	54 KB
3	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 42639 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 12953	90 KB
2	wedlore-c.click 1 redirects wedlore-c.click	21 KB
2	iunia-eap.com 1 redirects iunia-eap.com	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	bemobtrcks.com 1 redirects 8cays.bemobtrcks.com	1 KB
1	lensgard-2.online 1 redirects xml-v4.lensgard-2.online	483 B
1	cloudfront.net d38psrni17bvxu.cloudfront.net	1 KB
0	bigdatajsext.com Failed bigdatajsext.com Failed
38	11

	Domain	Requested by
23	k50ptbc.theexcitingsweetflirt.life	wedlore-c.click k50ptbc.theexcitingsweetflirt.life
4	ww38.lushstories.co	d38psrni17bvxu.cloudfront.net ww38.lushstories.co
3	fonts.gstatic.com	fonts.googleapis.com
2	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	wedlore-c.click	1 redirects iunia-eap.com
2	iunia-eap.com	1 redirects ww38.lushstories.co
1	fonts.googleapis.com	k50ptbc.theexcitingsweetflirt.life
1	8cays.bemobtrcks.com	1 redirects
1	xml-v4.lensgard-2.online	1 redirects
1	cdn.perfdrive.com	wedlore-c.click
1	d38psrni17bvxu.cloudfront.net	ww38.lushstories.co
0	bigdatajsext.com Failed	k50ptbc.theexcitingsweetflirt.life
38	12

This site contains no links.

Subject Issuer	Validity	Valid
ww38.lushstories.co R11	`2024-12-30` - `2025-03-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
iunia-eap.com Amazon RSA 2048 M03	`2024-11-27` - `2025-12-26`	a year	crt.sh
wedlore-c.click Amazon RSA 2048 M03	`2024-11-18` - `2025-12-17`	a year	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-09-20` - `2025-09-26`	a year	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-07-26` - `2025-08-05`	a year	crt.sh
theexcitingsweetflirt.life R10	`2024-12-19` - `2025-03-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED
Frame ID: 914127DF03D57EC0618A689B498136D3
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Meet local girls in your area?

Page URL History Show full URLs

http://ww38.lushstories.co/ HTTP 307
https://ww38.lushstories.co/ Page URL
https://iunia-eap.com/zclkvisitor/07d80230-c668-11ef-8b58-126e6ade2097/1304ac30-8585-11eb-af9e-0a5... Page URL
https://iunia-eap.com/zclkredirect?visitid=07d80230-c668-11ef-8b58-126e6ade2097&type=js&browserWid... HTTP 302
http://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ HTTP 307
https://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ Page URL
https://wedlore-c.click/api/v1/pxcheck?impId=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ&minfo=eyJjb29r... HTTP 302
http://xml-v4.lensgard-2.online/click?seat=3107752&i=TeZ5a0QCq88_0 HTTP 307
https://xml-v4.lensgard-2.online/click?seat=3107752&i=TeZ5a0QCq88_0 HTTP 302
http://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0065&conversion=Jvp1iit*9lU&so... HTTP 307
https://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0065&conversion=Jvp1iit*9lU&so... HTTP 302
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

97 %
HTTPS

36 %
IPv6

11
Domains

12
Subdomains

10
IPs

2
Countries

3659 kB
Transfer

3870 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ww38.lushstories.co/ HTTP 307
https://ww38.lushstories.co/ Page URL
https://iunia-eap.com/zclkvisitor/07d80230-c668-11ef-8b58-126e6ade2097/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=07e373e2-c668-11ef-8b58-126e6ade2097 Page URL
https://iunia-eap.com/zclkredirect?visitid=07d80230-c668-11ef-8b58-126e6ade2097&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
http://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ HTTP 307
https://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ Page URL
https://wedlore-c.click/api/v1/pxcheck?impId=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly93ZWRsb3JlLWMuY2xpY2svYXBpL3YxL3B4P3htbGlkPVNCZlU3NXBzQTNDanB4SDhnUUZRYWxSTXE5bU4zd0k1anZWSHJ4TlEiLCJkZXZpY2VTcmVlblNpemUiOiIxMjAweDE2MDAiLCJkZXZpY2VXaW5kb3dTaXplIjoiMTIwMHgxNjAwIiwid25kMnNyY1JhdGlvTHdyMDYiOmZhbHNlLCJlZmZlY3RpdmVUeXBlIjoiNGciLCJ0eiI6NjAwLCJ0ekludGwiOiJQYWNpZmljL0hvbm9sdWx1IiwiaXNCb3QiOmZhbHNlLCJmQm90TmFtZSI6IiIsImZSZWFzb25zIjoiIn0= HTTP 302
http://xml-v4.lensgard-2.online/click?seat=3107752&i=TeZ5a0QCq88_0 HTTP 307
https://xml-v4.lensgard-2.online/click?seat=3107752&i=TeZ5a0QCq88_0 HTTP 302
http://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0065&conversion=Jvp1iit*9lU&source_subid=f3cca6b8fbc46acde5953e9b3&campaign=1569166&search_referrer_domain=lushstories.co&pubfeed=314622&query=lushstories.co%252Clushstories%252Cco&carrier=Verizon+Internet+Services&state=ny&banner=6733387&ip=208.252.80.43 HTTP 307
https://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0065&conversion=Jvp1iit*9lU&source_subid=f3cca6b8fbc46acde5953e9b3&campaign=1569166&search_referrer_domain=lushstories.co&pubfeed=314622&query=lushstories.co%252Clushstories%252Cco&carrier=Verizon+Internet+Services&state=ny&banner=6733387&ip=208.252.80.43 HTTP 302
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ww38.lushstories.co/ HTTP 307
https://ww38.lushstories.co/

Request Chain 6

https://iunia-eap.com/zclkredirect?visitid=07d80230-c668-11ef-8b58-126e6ade2097&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
http://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ HTTP 307
https://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
ww38.lushstories.co/
Redirect Chain

http://ww38.lushstories.co/
https://ww38.lushstories.co/

2 KB
2 KB

479ms
248ms

Document
text/html

76.223.26.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww38.lushstories.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: Caddy nginx /
Resource Hash: cfc4370139ea4ca826af87c9db97d868fd1bd3e3d12a650a4deef0e0dc5c0c83

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime: 30
alt-svc: h3=":50944"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 30 Dec 2024 04:39:18 GMT
server: Caddy nginx
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Ax45sQzlmtaRu0sz9PC2nljF4zUETtYhYoMr8cb4AXiaE+R0cM1nfPpv69NnCv6mOhDvR22L3ATXzSBt1zNMyA==
x-domain: lushstories.co
x-pcrew-blocked-reason
x-pcrew-ip-organization: Verizon Internet Services
x-redirect: zeropark_zeroclick
x-subdomain: ww38

Redirect headers

Location: https://ww38.lushstories.co/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js3.js Show response
d38psrni17bvxu.cloudfront.net/scripts/ 1 KB
1 KB 313ms
44ms Script
application/javascript 2600:9000:2209:1600:1d:4618:5c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by: Host: ww38.lushstories.co
URL: https://ww38.lushstories.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:1600:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ww38.lushstories.co/

Response headers

etag: "65fc1e7b-448"
age: 37659
via: 1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1096
x-amz-cf-id: -UadNhQUfyWHcfCyaRyayHV5nPdXpoAuLNLwCWUlOIzuN6HTlfuPmQ==
date: Sun, 29 Dec 2024 18:11:39 GMT
content-type: application/javascript
last-modified: Thu, 21 Mar 2024 11:48:11 GMT
server: nginx
x-amz-cf-pop: EWR53-P1

GET
H2 200 track.php Show response
ww38.lushstories.co/ 0
92 B 60ms
59ms XHR
text/html 76.223.26.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww38.lushstories.co/track.php?domain=lushstories.co&toggle=browserjs&uid=MTczNTUzMzU1OC4xODkxOjZiNjYzYWI5MTQ1NzM5NGZlYmMyMzI2MDRkNzBmYWY0ZmI3ZmJkNjZjYTM1YzJiZGQzNjBhYTFjNDRhNDQwOGY6Njc3MjIzZjYyZTJjZg%3D%3D
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: Caddy, nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width: 1600
ect: 4g
Referer: https://ww38.lushstories.co/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt: 150
downlink: 10

Response headers

content-encoding: gzip
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
x-custom-track: browserjs
access-control-allow-origin: *
alt-svc: h3=":50944"; ma=2592000
date: Mon, 30 Dec 2024 04:39:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Caddy, nginx

GET
H2 201 ls.php
ww38.lushstories.co/ 16 B
340 B 77ms
76ms XHR
text/javascript 76.223.26.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww38.lushstories.co/ls.php?t=677223f6&token=502fd955b299dbbce8d70c7a143bd726da24a8e5
Requested by: Host: ww38.lushstories.co
URL: https://ww38.lushstories.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: Caddy, nginx /
Resource Hash

Request headers

viewport-width: 1600
ect: 4g
Referer: https://ww38.lushstories.co/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt: 150
downlink: 10

Response headers

access-control-max-age: 86400
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods: POST, OPTIONS
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_tY0zPZdHqgf9/UjVKAQdNcBCAKwhMSFhYfaYfZGUePJU9bmFyf191vx17ZlZxq+qLMWpd9iMMPn5EzKS4s8Jwg==
accept-ch-lifetime: 30
access-control-allow-origin
alt-svc: h3=":50944"; ma=2592000
date: Mon, 30 Dec 2024 04:39:18 GMT
charset: utf-8
content-type: text/javascript;charset=UTF-8
server: Caddy, nginx

GET
H2 200 track.php
ww38.lushstories.co/ 0
91 B 127ms
127ms XHR
text/html 76.223.26.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww38.lushstories.co/track.php?click=b306fd2ed13b302b15a12c2c3cbb6cfa51739d69&domain=lushstories.co&uid=MTczNTUzMzU1OC4xODkxOjZiNjYzYWI5MTQ1NzM5NGZlYmMyMzI2MDRkNzBmYWY0ZmI3ZmJkNjZjYTM1YzJiZGQzNjBhYTFjNDRhNDQwOGY6Njc3MjIzZjYyZTJjZg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDg4LGJ1Y2tldDA4OSxidWNrZXQwNzd8fHx8fHw2NzcyMjNmNjJlMjk2fHx8MTczNTUzMzU1OC4zMjA1fDlmOTk1Nzg0ZjIwZDkwNTM2OWM0OGI4NzE1YTFmMjM0YzA5N2FjODB8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw1MDJmZDk1NWIyOTlkYmJjZThkNzBjN2ExNDNiZDcyNmRhMjRhOGU1fDB8fDB8MHx8fHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: Caddy, nginx /
Resource Hash

Request headers

viewport-width: 1600
ect: 4g
Referer: https://ww38.lushstories.co/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt: 150
downlink: 10

Response headers

x-view-match: true
content-encoding: gzip
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
x-custom-track: none
access-control-allow-origin: *
alt-svc: h3=":50944"; ma=2592000
date: Mon, 30 Dec 2024 04:39:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Caddy, nginx

GET
H2 200 1304ac30-8585-11eb-af9e-0a51339b19df Show response
iunia-eap.com/zclkvisitor/07d80230-c668-11ef-8b58-126e6ade2097/ 3 KB
3 KB 180ms
46ms Document
text/html 18.208.55.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://iunia-eap.com/zclkvisitor/07d80230-c668-11ef-8b58-126e6ade2097/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=07e373e2-c668-11ef-8b58-126e6ade2097

Requested by

Host: ww38.lushstories.co
URL: https://ww38.lushstories.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.208.55.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-208-55-83.compute-1.amazonaws.com

Software

Resource Hash

87f8228a604b124a74629e408b63ebbe4b2a64a69d998a18e7308619f1a1ce74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: https://ww38.lushstories.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3088
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Mon, 30 Dec 2024 04:39:19 GMT

GET
H2

200

px Show response
wedlore-c.click/api/v1/
Redirect Chain

https://iunia-eap.com/zclkredirect?visitid=07d80230-c668-11ef-8b58-126e6ade2097&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
http://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ
https://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ

90 KB
21 KB

275ms
114ms

Document
text/html

15.197.224.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ
Requested by: Host: iunia-eap.com
URL: https://iunia-eap.com/zclkvisitor/07d80230-c668-11ef-8b58-126e6ade2097/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=07e373e2-c668-11ef-8b58-126e6ade2097
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.224.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab226b763647f1870.awsglobalaccelerator.com
Software: /
Resource Hash: 9859caf2978652989b75a89ba59f804b3f6da3e21655432d0bb3e52c415269b1

Request headers

Referer: https://iunia-eap.com/zclkvisitor/07d80230-c668-11ef-8b58-126e6ade2097/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=07e373e2-c668-11ef-8b58-126e6ade2097
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 30 Dec 2024 04:39:19 GMT
etag: W/"1698d-Ljc9cYiR0BznXes1SnwU+HvneKo"
vary: Accept-Encoding

Redirect headers

Location: https://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 stormcaster.js Show response
cdn.perfdrive.com/advanced/ 240 KB
90 KB 268ms
29ms Script
application/javascript 130.211.29.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by: Host: wedlore-c.click
URL: https://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.10.1 /
Resource Hash: 06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wedlore-c.click/

Response headers

cache-control: max-age=3600,public
content-encoding: gzip
etag: W/"674e9703-3bf3a"
age: 3367
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91395
date: Mon, 30 Dec 2024 03:43:13 GMT
last-modified: Tue, 03 Dec 2024 05:28:35 GMT
content-type: application/javascript
server: nginx/1.10.1
vary: Accept-Encoding

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 360 B
506 B 240ms
34ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://wedlore-c.click/

Response headers

via: 1.1 google
x-response-time: 6ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
date: Mon, 30 Dec 2024 04:39:20 GMT
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 198 B
257 B 267ms
62ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://wedlore-c.click/

Response headers

via: 1.1 google
x-response-time: 15ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
date: Mon, 30 Dec 2024 04:39:20 GMT
content-type: text/plain; charset=UTF-8

GET
H2

200

Primary Request v712fu8 Show response
k50ptbc.theexcitingsweetflirt.life/
Redirect Chain

https://wedlore-c.click/api/v1/pxcheck?impId=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuM...
http://xml-v4.lensgard-2.online/click?seat=3107752&i=TeZ5a0QCq88_0
https://xml-v4.lensgard-2.online/click?seat=3107752&i=TeZ5a0QCq88_0
http://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0065&conversion=Jvp1iit*9lU&source_subid=f3cca6b8fbc46acde5953e9b3&campaign=1569166&search_referrer_domain=lushstories.co&p...
https://8cays.bemobtrcks.com/go/715ba4e3-99d9-493c-b26a-bdad6e94c883?bid=0.0065&conversion=Jvp1iit*9lU&source_subid=f3cca6b8fbc46acde5953e9b3&campaign=1569166&search_referrer_domain=lushstories.co&...
https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

6 KB
6 KB

584ms
274ms

Document
text/html

185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED
Requested by: Host: wedlore-c.click
URL: https://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software: openresty /
Resource Hash: adff4bdae059b3c183980cbfd54e620485a2002c3552e58d4841959a6ad23f84

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private no-transform
content-length: 5850
content-type: text/html
date: Mon, 30 Dec 2024 04:39:21 GMT
server: openresty

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
cache-control: no-cache
content-length: 260
content-type: text/html; charset=utf-8
date: Mon, 30 Dec 2024 04:39:20 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED
server: openresty
vary: Accept
x-response-time: 6.812ms

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 187ms
66ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700;900&display=swap

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6249a639e8cfba4180cecb2899158fc25f679b4b8f23ff7d8d043cc5a7508663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 04:39:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 04:39:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 30 Dec 2024 04:39:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 bootstrap.min.css
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/ 119 KB
119 KB 191ms
188ms Stylesheet
text/css 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/bootstrap.min.css

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

dbc00aa48350bcd97d8552bb0cf29619a4270ed446d373361cd558ebd45d923e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "62bf3f2824e4f6ba94faf3a435dac175"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:21 GMT
date: Mon, 30 Dec 2024 04:39:21 GMT
content-type: text/css
x-amz-meta-mc-attrs: atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486480#304984527/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Thu, 01 Aug 2024 07:19:19 GMT
x-amz-id-2: 42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D991598694E4
x-ratelimit-remaining: 336
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-04-30T14:14:40.304984527Z
content-length: 121364
x-xss-protection: 1; mode=block
x-ratelimit-limit: 336
server: openresty

GET
H2 200 style.css
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/ 22 KB
23 KB 401ms
399ms Stylesheet
text/css 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/style.css

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

22d55a04c370e705ded8c59ae25aa86ee6e9f77a38c6a0e06d453af502a053d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "c627d1f90cd8fc3d841ce6bbbf1b8211"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:21 GMT
date: Mon, 30 Dec 2024 04:39:21 GMT
content-type: text/css
x-amz-meta-mc-attrs: atime:1714486480#536984936/gid:0/gname:root/mode:33188/mtime:1714486480#624985090/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Tue, 30 Apr 2024 14:14:40 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D99151D6D49B
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-04-30T14:14:40.676Z
content-length: 22674
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET
H2 200 js.cookie.js Show response
k50ptbc.theexcitingsweetflirt.life/cookie/ 4 KB
5 KB 403ms
401ms Script
application/javascript 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL

https://k50ptbc.theexcitingsweetflirt.life/cookie/js.cookie.js

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "a7e9883924072f15259de6888d5ef515"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:21 GMT
date: Mon, 30 Dec 2024 04:39:21 GMT
content-type: application/javascript
x-amz-meta-mc-attrs: atime:1693134513#248036972/gid:0/gname:root/mode:33188/mtime:1658397637#354375000/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Wed, 20 Sep 2023 15:19:53 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815DA94400A3BBF
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2022-07-21T10:00:37.354375Z
content-length: 4264
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET
H2 200 utils.js Show response
k50ptbc.theexcitingsweetflirt.life/util/ 7 KB
8 KB 403ms
402ms Script
text/javascript 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL

https://k50ptbc.theexcitingsweetflirt.life/util/utils.js

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

a487d76bb55539f230c127ef33550d5c455ac0b67ca2b78b87452345bb0dc718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "85a42b1d6c8769fce99fb44aefb041b0"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:21 GMT
date: Mon, 30 Dec 2024 04:39:21 GMT
content-type: text/javascript
x-amz-meta-mc-attrs: atime:1720010547#640143858/gid:0/gname:root/mode:33188/mtime:1719824938#357078843/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Thu, 01 Aug 2024 07:23:36 GMT
x-amz-id-2: 42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815DA9449115CCC
x-ratelimit-remaining: 336
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-07-01T09:08:58.357078843Z
content-length: 7514
x-xss-protection: 1; mode=block
x-ratelimit-limit: 336
server: openresty

GET
H2 200 flag-icon.css
k50ptbc.theexcitingsweetflirt.life/util/flag-icon/css/ 40 KB
40 KB 402ms
401ms Stylesheet
text/css 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL

https://k50ptbc.theexcitingsweetflirt.life/util/flag-icon/css/flag-icon.css

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "0a47b937981e7389e3ebe63e4a503066"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:21 GMT
date: Mon, 30 Dec 2024 04:39:21 GMT
content-type: text/css
x-amz-meta-mc-attrs: atime:1693134513#296037122/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Wed, 20 Sep 2023 15:26:15 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815DA94402AEBCB
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:14.684017Z
content-length: 40627
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET
H2 200 logo.svg
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/ 7 KB
8 KB 400ms
400ms Image
image/svg+xml 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/logo.svg

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

5f4d4ccd9b615c92051e826d7df50ac94f633d84cdd92238f795de6c90b6a031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "e8295fe69a31b215b9b777c8e3bd71e3"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:21 GMT
date: Mon, 30 Dec 2024 04:39:21 GMT
content-type: image/svg+xml
x-amz-meta-mc-attrs: atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486485#52992874/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Thu, 01 Aug 2024 07:19:19 GMT
x-amz-id-2: af968cfc53e5d4d46c2a7314ea3774fe010d1d1a8defca6495a09901b4f201c0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D9915A14D538
x-ratelimit-remaining: 336
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-04-30T14:14:45.052992874Z
content-length: 7403
x-xss-protection: 1; mode=block
x-ratelimit-limit: 336
server: openresty

GET
H2 200 pin.png
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/ 2 KB
2 KB 401ms
400ms Image
image/png 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/pin.png

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

387fe3f0fe377eb6a64cd292c35320adc4f0c794d29d67cb902f7168b4fc4c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "269856e9ecc6ae6efa3369f149fc69f0"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:21 GMT
date: Mon, 30 Dec 2024 04:39:21 GMT
content-type: image/png
x-amz-meta-mc-attrs: atime:1714486485#276993268/gid:0/gname:root/mode:33188/mtime:1714486485#324993351/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Tue, 30 Apr 2024 14:14:45 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D9915251F394
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-04-30T14:14:45.373Z
content-length: 1700
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET
H2 200 1.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/ 647 KB
648 KB 246ms
241ms Image
image/gif 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/1.gif

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

cae064264662614161221029be0b319a722ee840619cbf401c61c4974f10115a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "630b7121ce12615e754f3eba058627a7"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: image/gif
x-amz-meta-mc-attrs: atime:1714486481#364986390/gid:0/gname:root/mode:33188/mtime:1714486481#692986967/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Tue, 30 Apr 2024 14:14:41 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D99174C3FA77
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-04-30T14:14:41.741Z
content-length: 662430
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET
H2 200 2.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/ 644 KB
645 KB 319ms
314ms Image
image/gif 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/2.gif

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

fd0ff4aa9c30dd8ca9a6edad9da42355a49aedbaa9834d12935de66ffe86210a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "6d77f7c963c4942077471e70237840ff"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: image/gif
x-amz-meta-mc-attrs: atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486482#252987951/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Thu, 01 Aug 2024 07:19:19 GMT
x-amz-id-2: 42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D9917CE9A9A5
x-ratelimit-remaining: 336
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-04-30T14:14:42.252987951Z
content-length: 659051
x-xss-protection: 1; mode=block
x-ratelimit-limit: 336
server: openresty

GET
H2 200 3.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/ 320 KB
321 KB 322ms
317ms Image
image/gif 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/3.gif

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

f7957eebe533f0a9e47c4ec9b04aa5af540d5c4fcedfedebd61c9a718db3f477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "7a6112baba3c6ab41630e3b20f7bc633"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: image/gif
x-amz-meta-mc-attrs: atime:1714486482#476988345/gid:0/gname:root/mode:33188/mtime:1714486482#756988838/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Tue, 30 Apr 2024 14:14:42 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D9917758B6C6
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-04-30T14:14:42.808Z
content-length: 328170
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET
H2 200 4.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/ 330 KB
331 KB 322ms
320ms Image
image/gif 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/4.gif

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

498976dc35d2da1bb3c054a58998cd67bd59038956f98e79468aea8f4d0e8456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "fa5689dd0c1dbfc6b86df2c38c910d71"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: image/gif
x-amz-meta-mc-attrs: atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486483#252989709/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Thu, 01 Aug 2024 07:19:19 GMT
x-amz-id-2: 31f7dd36b65146a775b93356924fa83cf99019d4a4dfda4a9a6512d5179fdf9c
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D9917F0BEF77
x-ratelimit-remaining: 374
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-04-30T14:14:43.252989709Z
content-length: 337808
x-xss-protection: 1; mode=block
x-ratelimit-limit: 374
server: openresty

GET
H2 200 5.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/ 456 KB
457 KB 322ms
320ms Image
image/gif 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/5.gif

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

75effea9eb10db212e9a485b918fcc5cf13b4380933a0aef4f0f5157dd09e2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "9e28135137e0c05f91fb0c1db642a582"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: image/gif
x-amz-meta-mc-attrs: atime:1714486483#812990694/gid:0/gname:root/mode:33188/mtime:1714486483#764990610/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Tue, 30 Apr 2024 14:14:43 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D99177C6823C
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-04-30T14:14:43.814Z
content-length: 466848
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET
H2 200 6.gif
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/ 350 KB
351 KB 323ms
321ms Image
image/gif 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/6.gif

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

d7acacc58fc1341166cdd640ef3e3c6dd30c4a97d4fb79705e4ec092505ee7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "4b32cfae93bcdf342d933685fd416b71"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: image/gif
x-amz-meta-mc-attrs: atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1714486484#260991481/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Thu, 01 Aug 2024 07:19:19 GMT
x-amz-id-2: 354f9eb41c4f44111da43ee93430d467ccc8f740dac6a89f93d2690a13b4c5b4
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D9917EC87C55
x-ratelimit-remaining: 365
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-04-30T14:14:44.260991481Z
content-length: 358598
x-xss-protection: 1; mode=block
x-ratelimit-limit: 365
server: openresty

GET
H2 200 jquery.min.js Show response
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/js/ 85 KB
86 KB 149ms
144ms Script
text/javascript 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/js/jquery.min.js

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "378087a64e1394fc51f300bb9c11878c"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: text/javascript
x-amz-meta-mc-attrs: atime:1720014410#12176278/gid:0/gname:root/mode:33188/mtime:1719827164#573764602/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Thu, 01 Aug 2024 07:19:19 GMT
x-amz-id-2: 354f9eb41c4f44111da43ee93430d467ccc8f740dac6a89f93d2690a13b4c5b4
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D9917E1A7138
x-ratelimit-remaining: 365
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-07-01T09:46:04.573764602Z
content-length: 86929
x-xss-protection: 1; mode=block
x-ratelimit-limit: 365
server: openresty

GET
H2 200 main.js Show response
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/js/ 2 KB
3 KB 320ms
315ms Script
text/javascript 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/js/main.js

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

f592a3ef0e9211a4cab1ffa4d6c0b58f350006aa115dc3eb2d1b73baf0a31466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "006bd1079c28e5ecb27ad3a2cbd43642"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: text/javascript
x-amz-meta-mc-attrs: atime:1715611636#813343337/gid:0/gname:root/mode:33188/mtime:1719827164#461764354/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Mon, 01 Jul 2024 09:46:04 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D991779FB750
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-07-01T09:46:04.524Z
content-length: 2373
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET
H2 200 bb.js Show response
k50ptbc.theexcitingsweetflirt.life/media/ 639 B
1 KB 320ms
316ms Script
application/javascript 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/bb.js

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "0d553e4bac91c74bfee2dbabba61e99e"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: application/javascript
x-amz-meta-mc-attrs: atime:1693134512#756035434/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Wed, 20 Sep 2023 15:21:05 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D92BEAAAE2C6
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z
content-length: 639
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET
H2 200 exit1.js Show response
k50ptbc.theexcitingsweetflirt.life/media/exit-new/ 3 KB
4 KB 320ms
316ms Script
text/javascript 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/exit-new/exit1.js

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "625e5e2950612f771e246beb33c9ea61"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: text/javascript
x-amz-meta-mc-attrs: atime:1720014412#200181126/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Thu, 01 Aug 2024 07:20:12 GMT
x-amz-id-2: 31f7dd36b65146a775b93356924fa83cf99019d4a4dfda4a9a6512d5179fdf9c
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D92BF38E68D9
x-ratelimit-remaining: 374
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
content-length: 3473
x-xss-protection: 1; mode=block
x-ratelimit-limit: 374
server: openresty

GET
H2 200 notification-ext.js Show response
k50ptbc.theexcitingsweetflirt.life/util/push-dt4/ 43 KB
43 KB 321ms
317ms Script
text/javascript 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL

https://k50ptbc.theexcitingsweetflirt.life/util/push-dt4/notification-ext.js

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

d01390d74fced6d81ba0279ce1152a3c3512cd0a7d6bed3e234677d92216479f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "abac32869d9f63fb3cf298c3b1c07763"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: text/javascript
x-amz-meta-mc-attrs: atime:1707757533#797025877/gid:0/gname:root/mode:33188/mtime:1707757546#781048365/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Mon, 12 Feb 2024 17:05:46 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D92BEABA180B
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-02-12T17:05:46.81Z
content-length: 43567
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET
H2 200 bg.png
k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/ 361 KB
362 KB 319ms
319ms Image
image/png 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/images/bg.png

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

b60d033c34d508030083e9728c8a38eefdb52f2f9ce97b683798278639f2a794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/media/dating/picksub4/css/style.css

Response headers

etag: "776af7090545473f0a242c8bcaea1220"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: image/png
x-amz-meta-mc-attrs: atime:1714486484#816992459/gid:0/gname:root/mode:33188/mtime:1714486484#772992382/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Tue, 30 Apr 2024 14:14:44 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D99177A18BD2
x-ratelimit-remaining: 1987
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-04-30T14:14:44.822Z
content-length: 369561
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 251ms
29ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://k50ptbc.theexcitingsweetflirt.life
Referer: https://fonts.googleapis.com/

Response headers

age: 290613
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Dec 2025 19:55:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 19:55:49 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 274ms
52ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://k50ptbc.theexcitingsweetflirt.life
Referer: https://fonts.googleapis.com/

Response headers

age: 229848
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 27 Dec 2025 12:48:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 12:48:34 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18436
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 245ms
24ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://k50ptbc.theexcitingsweetflirt.life
Referer: https://fonts.googleapis.com/

Response headers

age: 243748
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 27 Dec 2025 08:56:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 08:56:54 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 style4.css
k50ptbc.theexcitingsweetflirt.life/util/push-dt4/ 15 KB
16 KB 840ms
839ms Stylesheet
text/css 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL

https://k50ptbc.theexcitingsweetflirt.life/util/push-dt4/style4.css?v=1.4

Requested by

Host: k50ptbc.theexcitingsweetflirt.life
URL: https://k50ptbc.theexcitingsweetflirt.life/util/push-dt4/notification-ext.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

85a45b676efc7c60d6f4fa4bf4ae4bf5b02ce7cdc6b192fe4478f7bb519ffaba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "643a833b3c4665ace4b23bf73550a2d1"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:22 GMT
date: Mon, 30 Dec 2024 04:39:22 GMT
content-type: text/css
x-amz-meta-mc-attrs: atime:1693134513#308037160/gid:0/gname:root/mode:33188/mtime:1655386320#580109000/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Wed, 20 Sep 2023 15:26:18 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815D92C19DB9731
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2022-06-16T13:32:00.580109Z
content-length: 15716
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

GET getextparams
bigdatajsext.com/ExtService.svc/ 0
0

GET
H2 204 favicon.ico
k50ptbc.theexcitingsweetflirt.life/ 0
64 B 119ms
119ms Other
text/plain 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to

Full URL: https://k50ptbc.theexcitingsweetflirt.life/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

date: Mon, 30 Dec 2024 04:39:23 GMT
server: openresty
cache-control: no-transform

GET
H2 200 v4-ava-6.jpg
k50ptbc.theexcitingsweetflirt.life/util/push-dt4/images/en/ 6 KB
7 KB 228ms
228ms Image
image/jpeg 185.155.184.184
AS-6898 AS5398 SA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://k50ptbc.theexcitingsweetflirt.life/util/push-dt4/images/en/v4-ava-6.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.184 , Switzerland, ASN6898 (AS-6898 AS5398 SA, CH),

Reverse DNS

Software

openresty /

Resource Hash

864e11c2e4aed9fb3b2655cf4b76e1186de091292716afe0ea7e366b1dc0c816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://k50ptbc.theexcitingsweetflirt.life/v712fu8?cid=2AqkmSfHK8BwpMvFuE5WED&cid=2AqkmSfHK8BwpMvFuE5WED

Response headers

etag: "61f0b32476e7f80fad37e3be1333bb60"
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 04:39:23 GMT
date: Mon, 30 Dec 2024 04:39:23 GMT
content-type: image/jpeg
x-amz-meta-mc-attrs: atime:1693134513#304037147/gid:0/gname:root/mode:33188/mtime:1655386318#924106000/uid:0/uname:root
vary: Origin, Accept-Encoding
last-modified: Wed, 20 Sep 2023 15:26:18 GMT
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, no-transform
x-amz-request-id: 1815DA1F7B854FDF
x-ratelimit-remaining: 1988
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:58.924106Z
content-length: 6129
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1988
server: openresty

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bigdatajsext.com
URL: https://bigdatajsext.com/ExtService.svc/getextparams

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wedlore-c.click/	1970-01-21 06:24:45	Name: __ssds Value: 2
.wedlore-c.click/	1970-01-21 06:24:45	Name: __ssuzjsr2 Value: a9be0cd8e
.wedlore-c.click/	1970-01-21 06:24:45	Name: __uzmaj2 Value: f4c8c22c-dc83-4dc5-ae19-59a242594f6a
.wedlore-c.click/	1970-01-21 06:24:45	Name: __uzmbj2 Value: 1735533560
.wedlore-c.click/	1970-01-21 06:24:45	Name: __uzmcj2 Value: 915001023626
.wedlore-c.click/	1970-01-21 06:24:45	Name: __uzmdj2 Value: 1735533560
.wedlore-c.click/	1970-01-21 06:24:45	Name: __uzmlj2 Value: qGacVPOOYQOvaQTMyPWfb2sHMxmnSM/TCNhKGitIKiE=
.wedlore-c.click/	1970-01-21 06:24:45	Name: __uzmfj2 Value: 7f60007a6ae879-4e5d-45b9-88d6-46a28f36735417355335605070-797f6b27439ed2a710
.8cays.bemobtrcks.com/	1970-01-21 10:51:09	Name: bemob-viewer-id Value: 6e5af734-832d-48e7-8134-c836d89a1f2f
.8cays.bemobtrcks.com/	1970-01-21 02:06:59	Name: bemob-uniq-visit:715ba4e3-99d9-493c-b26a-bdad6e94c883 Value: 1
.8cays.bemobtrcks.com/	1970-01-21 02:06:59	Name: bemob-rotation:715ba4e3-99d9-493c-b26a-bdad6e94c883:random:8180f269b48999c4fddb3e964617dfed Value: 0-0-0
.8cays.bemobtrcks.com/	1970-01-21 02:48:45	Name: bemob-click-id Value: 2AqkmSfHK8BwpMvFuE5WED
k50ptbc.theexcitingsweetflirt.life/	1969-12-31 23:59:59	Name: sid Value: t1~x24efdf42vtlltc2az240kem

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://iunia-eap.com/zclkvisitor/07d80230-c668-11ef-8b58-126e6ade2097/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=07e373e2-c668-11ef-8b58-126e6ade2097 Message: [GroupMarkerNotSet(crbug.com/242999)!:A070D703340E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://wedlore-c.click/api/v1/px?xmlid=SBfU75psA3CjpxH8gQFQalRMq9mN3wI5jvVHrxNQ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A07709340E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8cays.bemobtrcks.com
bigdatajsext.com
cas.avalon.perfdrive.com
cdn.perfdrive.com
d38psrni17bvxu.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
iunia-eap.com
k50ptbc.theexcitingsweetflirt.life
wedlore-c.click
ww38.lushstories.co
xml-v4.lensgard-2.online
bigdatajsext.com
130.211.29.114
15.197.224.234
173.239.53.32
18.208.55.83
185.155.184.184
2600:1f18:43d1:2a02:c6f9:e151:e2e1:732d
2600:9000:2209:1600:1d:4618:5c80:21
2607:f8b0:4006:80e::200a
2607:f8b0:4006:817::2003
35.241.15.240
76.223.26.96
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
22d55a04c370e705ded8c59ae25aa86ee6e9f77a38c6a0e06d453af502a053d7
387fe3f0fe377eb6a64cd292c35320adc4f0c794d29d67cb902f7168b4fc4c13
498976dc35d2da1bb3c054a58998cd67bd59038956f98e79468aea8f4d0e8456
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
5f4d4ccd9b615c92051e826d7df50ac94f633d84cdd92238f795de6c90b6a031
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
6249a639e8cfba4180cecb2899158fc25f679b4b8f23ff7d8d043cc5a7508663
75effea9eb10db212e9a485b918fcc5cf13b4380933a0aef4f0f5157dd09e2d8
85a45b676efc7c60d6f4fa4bf4ae4bf5b02ce7cdc6b192fe4478f7bb519ffaba
864e11c2e4aed9fb3b2655cf4b76e1186de091292716afe0ea7e366b1dc0c816
87f8228a604b124a74629e408b63ebbe4b2a64a69d998a18e7308619f1a1ce74
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
9859caf2978652989b75a89ba59f804b3f6da3e21655432d0bb3e52c415269b1
a487d76bb55539f230c127ef33550d5c455ac0b67ca2b78b87452345bb0dc718
adff4bdae059b3c183980cbfd54e620485a2002c3552e58d4841959a6ad23f84
b60d033c34d508030083e9728c8a38eefdb52f2f9ce97b683798278639f2a794
cae064264662614161221029be0b319a722ee840619cbf401c61c4974f10115a
cfc4370139ea4ca826af87c9db97d868fd1bd3e3d12a650a4deef0e0dc5c0c83
d01390d74fced6d81ba0279ce1152a3c3512cd0a7d6bed3e234677d92216479f
d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39
d7acacc58fc1341166cdd640ef3e3c6dd30c4a97d4fb79705e4ec092505ee7a5
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dbc00aa48350bcd97d8552bb0cf29619a4270ed446d373361cd558ebd45d923e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f592a3ef0e9211a4cab1ffa4d6c0b58f350006aa115dc3eb2d1b73baf0a31466
f7957eebe533f0a9e47c4ec9b04aa5af540d5c4fcedfedebd61c9a718db3f477
fd0ff4aa9c30dd8ca9a6edad9da42355a49aedbaa9834d12935de66ffe86210a

k50ptbc.theexcitingsweetflirt.life Open in urlscan Pro 185.155.184.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

97 %HTTPS

36 %IPv6

11 Domains

12 Subdomains

10 IPs

2 Countries

3659 kBTransfer

3870 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

k50ptbc.theexcitingsweetflirt.life Open in urlscan Pro
185.155.184.184 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

97 %
HTTPS

36 %
IPv6

11
Domains

12
Subdomains

10
IPs

2
Countries

3659 kB
Transfer

3870 kB
Size

13
Cookies

38 HTTP transactions
0 data transactions