brushwrist.vip
2606:4700:3034::6815:3185  Malicious Activity! Public Scan

Submitted URL: https://t.co/8Ij0jFdsU9
Effective URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Submission: On January 24 via manual from GB — Scanned from GB

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3034::6815:3185, located in United States and belongs to CLOUDFLARENET, US. The main domain is brushwrist.vip.
TLS certificate: Issued by E1 on December 28th 2023. Valid for: 3 months.
This is the only time brushwrist.vip was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer) Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.5 13414 (TWITTER)
1 155.254.194.20 398343 (BAXET-GROUP)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
20 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2600:9000:212... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
33 9
Apex Domain | Subdomains | Transfer
20 brushwrist.vip | brushwrist.vip | 224 KB
5 trk-adulvion.com | trk-adulvion.com — Cisco Umbrella Rank: 300281; event.trk-adulvion.com — Cisco Umbrella Rank: 317955 | 3 KB
2 lottiefiles.com | assets3.lottiefiles.com — Cisco Umbrella Rank: 217748 | 4 KB
2 unpkg.com | unpkg.com — Cisco Umbrella Rank: 867 | 97 KB
1 gstatic.com | fonts.gstatic.com | 20 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 28 | 1 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 760 | 30 KB
1 octaldrone.world | octaldrone.world | 665 B
1 drovelift.com | drovelift.com | 523 B
1 t.co | t.co — Cisco Umbrella Rank: 656 | 581 B
33 10
Domain | Requested by
20 brushwrist.vip | drovelift.com, brushwrist.vip
4 event.trk-adulvion.com | trk-adulvion.com
2 assets3.lottiefiles.com | unpkg.com
2 unpkg.com (1 redirects) | brushwrist.vip
1 fonts.gstatic.com | fonts.googleapis.com
1 trk-adulvion.com | brushwrist.vip
1 fonts.googleapis.com | brushwrist.vip
1 code.jquery.com | brushwrist.vip
1 octaldrone.world (1 redirects) |
1 drovelift.com | t.co
1 t.co |
33 11

This site contains no links.

Subject | Issuer | Validity | Valid
t.co | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-16 - 2024-10-14 | a year
drovelift.com | R3 | 2023-12-31 - 2024-03-30 | 3 months
brushwrist.vip | E1 | 2023-12-28 - 2024-03-27 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
trk-adulvion.com | GTS CA 1P5 | 2023-12-17 - 2024-03-16 | 3 months
*.lottiefiles.com | Amazon RSA 2048 M01 | 2023-08-25 - 2024-09-22 | a year
*.gstatic.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months

This page contains 1 frames:

Primary Page: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Frame ID: 140AEA8250367504979DB8E64A84A594
Requests: 31 HTTP requests in this frame

Page Title

Shopper Survey - We Want Your Opinion!

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 33
HTTPS: 97 %
IPv6: 80 %
Domains: 10
Subdomains: 11
IPs: 9
Countries: 3
Transfer: 381 kB
Size: 940 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/8Ij0jFdsU9 Page URL
  2. https://drovelift.com/0/0/0/8ba35bc4f32b26e8dba6f162c02fd866 Page URL
  3. https://octaldrone.world/index2.php?s1=350416&s2=1131175552&s3=1742&s4=741&ow=15&p=uk8tsco9b HTTP 302
    https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js

33 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
8Ij0jFdsU9
t.co/
338 B
581 B
Document
General
Full URL
https://t.co/8Ij0jFdsU9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
210
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 10:02:03 GMT
expires
Wed, 24 Jan 2024 10:07:03 GMT
perf
7469935968
server
tsa_f
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
93511ad10e627550f987886ce9bac473878d02f0aad55e0ee0234ff97c0b6f95
x-response-time
122
x-transaction-id
4b5ba4ef88588843
x-xss-protection
0
8ba35bc4f32b26e8dba6f162c02fd866
drovelift.com/0/0/0/
155 B
523 B
Document
General
Full URL
https://drovelift.com/0/0/0/8ba35bc4f32b26e8dba6f162c02fd866
Requested by
Host: t.co
URL: https://t.co/8Ij0jFdsU9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.254.194.20 Baku, Azerbaijan, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
155
content-type
text/html; charset=UTF-8
date
Wed, 24 Jan 2024 10:02:04 GMT
server
Apache
strict-transport-security
max-age=16000000; includeSubDomains; preload;
Primary Request /
brushwrist.vip/
Redirect Chain
  • https://octaldrone.world/index2.php?s1=350416&s2=1131175552&s3=1742&s4=741&ow=15&p=uk8tsco9b
  • https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
24 KB
5 KB
Document
General
Full URL
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Requested by
Host: drovelift.com
URL: https://drovelift.com/0/0/0/8ba35bc4f32b26e8dba6f162c02fd866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dae1a55354a459fff7addfefc3968da9e7d7dcde92131c23437d1d243010184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://drovelift.com/0/0/0/8ba35bc4f32b26e8dba6f162c02fd866
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84a770563ded770e-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 24 Jan 2024 10:02:05 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
84a7705399a15317-LHR
content-type
text/html; charset=UTF-8
date
Wed, 24 Jan 2024 10:02:05 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
main00.css
brushwrist.vip/master/css/
193 KB
28 KB
Stylesheet
General
Full URL
https://brushwrist.vip/master/css/main00.css
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4fae8695dd32226793b6eb343e2acad53294dff39c07c6668fb413b08fcc35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
87878
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 11 Mar 2021 12:43:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
cf-ray
84a770586935770e-LHR
expires
Tue, 30 Jan 2024 09:37:27 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
7635838
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga13628-LGA, cache-lhr7382-LHR
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1706090526.549807,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
41, 53569
dateeu.js
brushwrist.vip/master/js/
765 B
754 B
Script
General
Full URL
https://brushwrist.vip/master/js/dateeu.js
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdac1f1e22831c8407069e65d4d2ad048b46e9d9758a976f510fb6add82bc980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
87878
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
84a770586936770e-LHR
expires
Tue, 30 Jan 2024 09:37:27 GMT
rndm_ppl_cmt_eu.js
brushwrist.vip/master/js/
0
0
Script
General
Full URL
https://brushwrist.vip/master/js/rndm_ppl_cmt_eu.js
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
max-age=14400
cf-ray
84a770586938770e-LHR
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js
371 KB
96 KB
Script
General
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b268d8d7e58b5df0bbd18aecb0add2e65801fa45c99e8afbcf1189e6c6c9723f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
166113
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HMRG96R5BTM7N37RVRGYRJFG-lhr
server
cloudflare
etag
W/"5cd3c-gZ8PpSKSbn5Y5KicLgsVGpNROk4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84a77058ff22653b-LHR

Redirect headers

date
Wed, 24 Jan 2024 10:02:05 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HMXENMQJCK93VK820NJBCC6K-lhr
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
40
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
84a77058aec1653b-LHR
msg.js
brushwrist.vip/inc/
942 B
790 B
Script
General
Full URL
https://brushwrist.vip/inc/msg.js?a907654c3c6d4ceba4a601e7effb96d9
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7582792964fc3ce772602d7e9b803bf3a24de167f4e0d1030c989517a131018f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 05 Dec 2023 15:48:50 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
84a77058693a770e-LHR
expires
Wed, 31 Jan 2024 10:02:05 GMT
tsclogo.png
brushwrist.vip/master/img/
70 KB
70 KB
Image
General
Full URL
https://brushwrist.vip/master/img/tsclogo.png
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8200cf03267a75e1ce90342a01b171f124631a1d216e117d67d2c9cdb6f2a712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
71703
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84a77058693c770e-LHR
expires
Wed, 31 Jan 2024 10:02:05 GMT
ukflag.png
brushwrist.vip/master/img/
19 KB
19 KB
Image
General
Full URL
https://brushwrist.vip/master/img/ukflag.png
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf8e47f372620d2134048c3a0ed53de3c3ea9b019b4aeaf8a8c1634b8bad13d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75251
alt-svc
h3=":443"; ma=86400
content-length
19541
x-xss-protection
1; mode=block
last-modified
Wed, 09 Sep 2020 10:24:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84a77058693e770e-LHR
expires
Tue, 30 Jan 2024 13:07:54 GMT
tscgift.png
brushwrist.vip/master/img/
14 KB
14 KB
Image
General
Full URL
https://brushwrist.vip/master/img/tscgift.png
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b62dd5d3cba8e8057930ec169fdc706a9d7cfd053fc6dd1ec576473d2db0d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70523
alt-svc
h3=":443"; ma=86400
content-length
13852
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84a77058cf4d63ff-LHR
expires
Tue, 30 Jan 2024 14:26:42 GMT
2ebdcbbe75f2e771343491a1541c83b7.png
brushwrist.vip/master/img/
1 KB
2 KB
Image
General
Full URL
https://brushwrist.vip/master/img/2ebdcbbe75f2e771343491a1541c83b7.png
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735ee02711d4d62d8cfba0c075237f227491a044441540d39f8c8203ccd54cea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586221
alt-svc
h3=":443"; ma=86400
content-length
1457
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84a770592ff263ff-LHR
expires
Wed, 24 Jan 2024 15:11:44 GMT
0039d2a7dcbf1a1b449884e25d738020.png
brushwrist.vip/master/img/
646 B
1 KB
Image
General
Full URL
https://brushwrist.vip/master/img/0039d2a7dcbf1a1b449884e25d738020.png
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fccb5c96c54856548fbad584f0e41f72313b94b33ec32d328985b3267f4035e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586221
alt-svc
h3=":443"; ma=86400
content-length
646
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84a77059586b63ff-LHR
expires
Wed, 24 Jan 2024 15:11:44 GMT
image.php
brushwrist.vip/
11 KB
11 KB
Image
General
Full URL
https://brushwrist.vip/image.php?img=images/products_image/ipadnew.jpg
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3d2aff919126192a2c4598fa62c3dc159e5ddef750165a6bcd7590ecafe1ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:06 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/pjpeg
x-frame-options
SAMEORIGIN
cf-ray
84a7705a9aa463ff-LHR
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
9227ed9e10072ce0bac69dc54109221b.png
brushwrist.vip/master/img/
1 KB
2 KB
Image
General
Full URL
https://brushwrist.vip/master/img/9227ed9e10072ce0bac69dc54109221b.png
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586221
alt-svc
h3=":443"; ma=86400
content-length
1172
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84a7705a9aaa63ff-LHR
expires
Wed, 24 Jan 2024 15:11:44 GMT
mostpopuler.png
brushwrist.vip/offerwall/images/popular_image/
12 KB
12 KB
Image
General
Full URL
https://brushwrist.vip/offerwall/images/popular_image/mostpopuler.png
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0118d9d560180d600dcea7397e510abff451d9693b06223a391f5c8e22889fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586221
alt-svc
h3=":443"; ma=86400
content-length
12169
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 18:05:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84a7705a9aad63ff-LHR
expires
Wed, 24 Jan 2024 15:11:44 GMT
image.php
brushwrist.vip/
7 KB
7 KB
Image
General
Full URL
https://brushwrist.vip/image.php?img=images/products_image/dyuk.jpg
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c373d7e2a8d41a5a118c76d597864cd5abc6e8daafcc13d000abb3b111e7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:06 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/pjpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbnPIr7ijdZrwjJdPmMfxjHHsY6N8dHK0xAszFX5jIhauB4mx9LmqbahMWoA8PIi4kKTYMa7G1ke34aocJg1IlcF0uxakzKgACJ%2FpG1QaCRJwqKGH2CiWfqZSLtSMIFryEohSbj5gCs3eEm4uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84a7705a9ab163ff-LHR
alt-svc
h3=":443"; ma=86400
content-length
6678
x-xss-protection
1; mode=block
deicg.png
brushwrist.vip/master/img/
36 KB
37 KB
Image
General
Full URL
https://brushwrist.vip/master/img/deicg.png
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846db066c20f84092af64faa54b0895461e8457c7b1518487f50925235a1e2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70523
alt-svc
h3=":443"; ma=86400
content-length
37334
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8UrfnDRkLWnlp5SGraD8iWrPKY4EuyWJs70DXT3guT2nA0BlheTj4VWgIvTqdvrfxuzirCr7FwPMZoh5N00hkbFyF7tx2b5SmfYfjAxM2Uoq1qBej4Ndq1uQ6zpQi1OZCI2tJwyCBO6SREhPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84a7705a9ab563ff-LHR
expires
Tue, 30 Jan 2024 14:26:42 GMT
bcf7f117acc460e9148a3031c5b6c4e4.png
brushwrist.vip/master/img/
4 KB
4 KB
Image
General
Full URL
https://brushwrist.vip/master/img/bcf7f117acc460e9148a3031c5b6c4e4.png
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586221
alt-svc
h3=":443"; ma=86400
content-length
3947
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3UUxWsHORpvy4GYQhzggPJ15LcIccplTu8JxlAV4eKKSXUX6TtwNcgtNFIdq6GhhbvRNxxCuY5QX3ox7Lvunzf3MGlOvtGlqLL%2BX6X3Aa3r5IISfcyrJCnV6SYORJW5V6A7Bxdml5fAk1bFsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84a7705a9ab763ff-LHR
expires
Wed, 24 Jan 2024 15:11:44 GMT
x.png
brushwrist.vip/master/img/
5 KB
6 KB
Image
General
Full URL
https://brushwrist.vip/master/img/x.png
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586221
alt-svc
h3=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jS1996LuOTsPePIy4MWD6ObHHei5BiIktDHFZokm3YoAyqJkNVS6TbZJGmZKcgfFV9P6mMZ%2Bmpvss%2BoDIwtQrCJSwcTUCQTkQMXoV0K%2BFXS1%2BCmgE4TYc9DTB1NdqWiSlENKM8NoXaYbtCzk6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84a7705a9ab963ff-LHR
expires
Wed, 24 Jan 2024 15:11:44 GMT
q_grcstr.js
brushwrist.vip/master/js/
9 KB
2 KB
Script
General
Full URL
https://brushwrist.vip/master/js/q_grcstr.js
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6569ed237a785488cecad0efd063d7670c5f6372e0668ec697b4ba4e449439c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70523
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UUHd0MtehA0I2EhaH2Xn5Q7yAEQPtWAeUw%2BxNVl6Gr7gYSwrUNM2mkH7mGb0nERa25bwSo0q4y%2FXfRnLGNjP84MUZDeheTYlOu8G66OFyvSONpHp1bECtNiP4n8Jqa5xCtcWvRyZrLovkfJNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84a7705988b263ff-LHR
expires
Tue, 30 Jan 2024 14:26:42 GMT
timer.js
brushwrist.vip/master/js/
619 B
773 B
Script
General
Full URL
https://brushwrist.vip/master/js/timer.js
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
204d5a3538e51529f2c2cc56c90c4023cb0bbad4bd03e9c116cbcfffd616952b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586222
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmRfOxPizvCthJsheDZ%2B0hUJSxtELlqYC2M7ap8AfFKi9F4uf3EpczRDhADjVDoP8PqPIsPAK6%2Fev4%2BFPV2sNazr23iJcjQ9hJRscnP%2BSfQhG8wO9qa9Pj818UzJHq04JmgIXSPnsTTJPBzJUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84a77059b92263ff-LHR
expires
Wed, 24 Jan 2024 15:11:43 GMT
modal.js
brushwrist.vip/master/js/
673 B
736 B
Script
General
Full URL
https://brushwrist.vip/master/js/modal.js
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586222
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4QbNrHiNxw9FT0iq3fCTri953FI3%2BHP58xteF%2BwjmEby2X%2BqFv8JTi6yZiMBx9XOmjLzZlaGNDBkHBmokty%2BDVUbRYun6ikhY54ncYNOaSEL8aEJ%2Fn%2F5n9HH1YgoxKN5Nf3ERm6rprkpoI9sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84a7705a09a363ff-LHR
expires
Wed, 24 Jan 2024 15:11:43 GMT
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/master/css/main00.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85bdbe52389fc877c500613b5362b2ca07c8d9c56d0a3cd50ba11d9311993ff7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 10:02:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 09:59:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 10:02:05 GMT
v9e118mez8
trk-adulvion.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-adulvion.com/scripts/push/v9e118mez8
Requested by
Host: brushwrist.vip
URL: https://brushwrist.vip/inc/msg.js?a907654c3c6d4ceba4a601e7effb96d9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a4a7e1e3b6806e9eb4b719dcdd56c7f3dec5c4991bc15b56193c7e99f719f8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 10:02:05 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2738
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jan 2024 09:16:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxP2lypaLpkZsWTVzFBKb47TTjCc3XBsld7FP4RwmRC0D2OdQjlK1eao49A8DhhWFkH2rpF2vMJ%2FtzALzYJecExXaoGZdv7snhEPoozK8ECR%2BaI0bl2%2B0biDU%2B5%2BwwXwNn4JDOHhPcSibr3o3ujF"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
84a7705afad06316-LHR
expires
0
lf20_NxuRdg.json
assets3.lottiefiles.com/temp/
20 KB
2 KB
XHR
General
Full URL
https://assets3.lottiefiles.com/temp/lf20_NxuRdg.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8200:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30abbcea5f8fb2a97caae4dd9368cfe177ab288bbc0e90437cfec4cf231f31af

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
XpGQn9jTqdCH_09IHXy3AQYee1_F_s91
content-encoding
br
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
date
Wed, 24 Jan 2024 10:02:07 GMT
x-amz-cf-pop
PRG50-C1
x-cache
RefreshHit from cloudfront
last-modified
Wed, 03 Apr 2019 15:01:36 GMT
server
AmazonS3
etag
W/"1b4e549cdda1e3a3e3f75846ec48beea"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding,Origin
x-amz-cf-id
8uF1F14I6BBagCUL12hxrpsIAPwDfHZCEXmDDcpQruv7YQw6us5PPw==
lf20_NxuRdg.json
assets3.lottiefiles.com/temp/
20 KB
2 KB
Fetch
General
Full URL
https://assets3.lottiefiles.com/temp/lf20_NxuRdg.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8200:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30abbcea5f8fb2a97caae4dd9368cfe177ab288bbc0e90437cfec4cf231f31af

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://brushwrist.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
XpGQn9jTqdCH_09IHXy3AQYee1_F_s91
content-encoding
br
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
date
Wed, 24 Jan 2024 10:02:07 GMT
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
last-modified
Wed, 03 Apr 2019 15:01:36 GMT
server
AmazonS3
etag
W/"1b4e549cdda1e3a3e3f75846ec48beea"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding,Origin
x-amz-cf-id
B2XfCu2xPnIcIXTrQeYvkAbGTRbputHllM1BJpuZHatTxxwWSyczAg==
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://brushwrist.vip
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:48:32 GMT
x-content-type-options
nosniff
age
137613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 19:48:32 GMT
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://brushwrist.vip/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Wed, 24 Jan 2024 10:02:06 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gPCxI7DQ%2BnQLOOTgH3n6acmndVxAHdkPhxk2cN7jifQ1Cq2rNJRBsVDl2eXboPKtmIKJKeLPzqB2D79ooIvAAikiva2ynK8Lj8KoWBwnbQpdGm3hDrbM8TULcPSTmiag2GkRDXWZ0wSfywQ70lRQVCF%2F7br"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
84a7705f7f1153a5-LHR
x-pushplatformapp-params
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://brushwrist.vip
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84a7705cbac853a5-LHR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Wed, 24 Jan 2024 10:02:06 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osI8wz4joChYFJXonrnwL%2Ft%2F3VgYkZAie8oc1FLEJTyrzL0gzAW%2BanvYtSSZhdEE%2FXkrFb2nBdINKW71Nyf2gmIQ0LapgrXn4xqM0VIc7a8KYkQaKQ4gYyarrRFTraF4F1231PI%2BQ2VQftQx0HBBh0KCaA8z"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://brushwrist.vip
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84a7705cbac953a5-LHR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Wed, 24 Jan 2024 10:02:06 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1u9vgTS0SuFeIBQiRbrFcqZLVWtvU5lE%2FdnOQ0JNUUYgZTIyeVh4Zqg2fGKimIAXuRvNV4TRaPyLuu%2FGIOdBXohjo3po3Eqc%2FTX23N0LHbrLsormhM2Lfy%2FTIlRKYSH1ZBY15R0OACllCRirm3JICqnz3rWH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://brushwrist.vip/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Wed, 24 Jan 2024 10:02:06 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r56vWGefL1tevUe0WcFKxiABAMfzD6C1oYA9aLkjWxV9Lb7AdkAlQX0fu8eCgp6Y1hyP%2FzKxA53yrBT5RVi8LC5ontagfuhijGQlINX9IAEyDCaMck9AFboiME7G1vz2nCVSbnFxpuVNJqv5YtJ5S2W%2F5%2Fbo"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
84a7705f7f1353a5-LHR
x-pushplatformapp-params

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer) Generic Scam (Online)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
function| asdf
function| datehax
object| lottie-player
object| reactiveElementVersions
object| litHtmlVersions
object| litElementVersions
function| replaceUrlParam
object| MYCALL
string| s1
string| s2
string| esource
string| pshpub
string| pshdomain
function| nextQuestion
function| drawszlider
function| selectReward
function| showModal
object| comments
number| slidewhere
number| holvanszlider
function| startTimer
function| urlBase64ToUint8Array
function| pullUrlParams
function| push_subscribe
function| push_subscribe_promise
function| setIfNull
function| logPushEvent
function| push_unsubscribe
function| push_init
function| setSessionId
function| setUtm
function| getSessionId
function| getUrlVars
function| getDomainName
function| getStore

4 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: a31861ec-7e15-400d-b543-6b5f35aa531f
drovelift.com/ Name: uid1742
Value: 1131175552-20240124050204-15270e4998856c6e6b5e414dbdf682ca-0
octaldrone.world/ Name: PHPSESSID
Value: 1109f5d63e6173949066eb1b0e7c5030
brushwrist.vip/ Name: PHPSESSID
Value: 658236818aca61a183b989981fbfc98e

3 Console Messages

Source Level URL
Text
network error URL: https://brushwrist.vip/master/js/rndm_ppl_cmt_eu.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Message:
Refused to execute script from 'https://brushwrist.vip/master/js/rndm_ppl_cmt_eu.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other error URL: https://brushwrist.vip/?4d8ca671d08f45a3039f481603fd7c1d
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
