Submitted URL: https://2di-rect.com/p/h52n/6fUW/6VL9
Effective URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&r...
Submission: On December 08 via api from US — Scanned from FI

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 36 HTTP transactions. The main IP is 172.67.159.28, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.bingdone.com.
TLS certificate: Issued by WE1 on November 7th 2024. Valid for: 3 months.
This is the only time m.bingdone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 172.67.157.69 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 188.114.96.3 13335 (CLOUDFLAR...)
14 172.67.159.28 13335 (CLOUDFLAR...)
12 139.45.197.250 9002 (RETN-AS R...)
1 188.114.97.3 13335 (CLOUDFLAR...)
36 7
Apex Domain              Subdomains                                           Transfer
14 bingdone.com          m.bingdone.com                                       686 KB
12 beevakum.net          beevakum.net — Cisco Umbrella Rank: 451876           19 KB
4 2di-rect.com           2di-rect.com                                         32 KB
3 google-analytics.com   www.google-analytics.com — Cisco Umbrella Rank: 36   22 KB
1 rtmark.net             my.rtmark.net — Cisco Umbrella Rank: 10565           962 B
1 afego.life             www1.afego.life                                      967 B
1 googletagmanager.com   www.googletagmanager.com — Cisco Umbrella Rank: 39   98 KB
36 7
Domain                       Requested by
14 m.bingdone.com            2di-rect.com, m.bingdone.com, beevakum.net
12 beevakum.net              m.bingdone.com, beevakum.net
4 2di-rect.com               2di-rect.com
3 www.google-analytics.com   2di-rect.com, www.google-analytics.com, www.googletagmanager.com
1 my.rtmark.net              beevakum.net
1 www1.afego.life            1 redirects
1 www.googletagmanager.com   www.google-analytics.com
36 7

This site contains no links.

Subject                  Issuer   Validity                  Valid
2di-rect.com             WE1      2024-10-11 - 2025-01-09   3 months
*.google-analytics.com   WR2      2024-10-21 - 2025-01-13   3 months
bingdone.com             WE1      2024-11-07 - 2025-02-05   3 months
beevakum.net             E5       2024-10-28 - 2025-01-26   3 months
my.rtmark.net            WE1      2024-11-06 - 2025-02-04   3 months

This page contains 1 frames:

Primary Page: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Frame ID: 65C796767BDDE733F7631669361D0DDA
Requests: 37 HTTP requests in this frame

Page Title

Huomio! Sivusto aikuisille.

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 36
HTTPS: 97 %
IPv6: 29 %
Domains: 7
Subdomains: 7
IPs: 7
Countries: 4
Transfer: 859 kB
Size: 2598 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://2di-rect.com/p/h52n/6fUW/6VL9 Page URL
  2. https://www1.afego.life/click?pid=62301&offer_id=25&sub1=mlClick-tlZb24Ra&sub2=1110446 HTTP 302
    https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
6VL9
2di-rect.com/p/h52n/6fUW/
24 KB
19 KB
Document
General
Full URL
https://2di-rect.com/p/h52n/6fUW/6VL9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
181a5adabd30faa8366d3fc6f1265826d665fa045b490cf69408f8d5c6ef0bf2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
8eea948e6f0dbf5b-WAW
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 08 Dec 2024 06:08:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGPdk8dFp2%2BGW3VGNm6ytZmUYBFYLEFo9lFrBESuGCEhC1lysA6jG70DPsqC3%2FzkhECZr%2BS1qMLcLVSJ0dT1D5yXsYbyJMZfsgHxHTeYO9TwZDE3iD4gAUjR%2FOjZJbc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=46682&min_rtt=46426&rtt_var=7622&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4493&delivery_rate=388&cwnd=12000&unsent_bytes=0&cid=f223cb21509dd03c&ts=340&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
envoirment.js
2di-rect.com/js/
32 KB
12 KB
Script
General
Full URL
https://2di-rect.com/js/envoirment.js?id=a535a99b3fccb8f0756e
Requested by
Host: 2di-rect.com
URL: https://2di-rect.com/p/h52n/6fUW/6VL9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2360f05aaa5110f0891046d08ab93ee8bfd6249debd8d8c1d173eac2dd5e172

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory
8
Referer
https://2di-rect.com/p/h52n/6fUW/6VL9

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"627a4b98-8078"
age
7104
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MwAHWJhLUQE5QMipBLAbRxqBcSlOin9TdZ60m1s34mnSPYrD3VoaW9tmbJjapP19WdWAQUF6eRdUNEjp3eFxHlkdCO6erBCYYLk2vwLq%2B956QiX5GYX3aZuXiP79cXs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50630&min_rtt=46426&rtt_var=5856&sent=32&recv=17&lost=0&retrans=0&sent_bytes=23954&recv_bytes=5129&delivery_rate=257608&cwnd=22200&unsent_bytes=0&cid=f223cb21509dd03c&ts=402&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 06:08:20 GMT
content-type
application/javascript
last-modified
Tue, 10 May 2022 11:25:12 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eea94908fcbbf5b-WAW
server
cloudflare
truncated
/
16 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cac135cdd56f989b951575b57e8cef7dc364e29d57de2d4afb6ccb48cce44c17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 2di-rect.com
URL: https://2di-rect.com/p/h52n/6fUW/6VL9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2di-rect.com/

Response headers

content-encoding
gzip
age
6279
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 06:23:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 04:23:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
finger
2di-rect.com/
20 B
666 B
XHR
General
Full URL
https://2di-rect.com/finger
Requested by
Host: 2di-rect.com
URL: https://2di-rect.com/js/envoirment.js?id=a535a99b3fccb8f0756e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://2di-rect.com/p/h52n/6fUW/6VL9
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory
8
Content-Type
application/json

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RsT32OtR202gXvWOO1JNFFMp3ZIK8nS0y2uXpoa5jggkGBqIPnWuqEduNIwXVchrE%2BZdIwBrO8p3ZOu5%2BDdDTptwZmyctw1hVo9Pw5besh5b5JsOJpjug8KXqJVrIi0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eea94916815bf5b-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=57782&min_rtt=46341&rtt_var=6999&sent=46&recv=31&lost=0&retrans=0&sent_bytes=36577&recv_bytes=7840&delivery_rate=435812&cwnd=22200&unsent_bytes=0&cid=f223cb21509dd03c&ts=579&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 06:08:20 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
collect
www.google-analytics.com/j/
15 B
431 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=60192364&t=pageview&_s=1&dl=https%3A%2F%2F2di-rect.com%2Fp%2Fh52n%2F6fUW%2F6VL9&ul=fi-fi&de=UTF-8&dt=Adult%20Dating%20-%20Smartlink%20VI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=484744690&gjid=1860568034&cid=1462320022.1733638101&tid=UA-110090096-2&_gid=1656447177.1733638101&_r=1&_slc=1&z=802335122
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
4d99c18018fde2d6060269d70d24f6ffc2435d83367c7e66b9b4f731ea551351
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://2di-rect.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:08:20 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://2di-rect.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
www.google-analytics.com/
35 B
324 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://2di-rect.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:08:20 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
https://2di-rect.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
favicon.ico
2di-rect.com/
548 B
794 B
Other
General
Full URL
https://2di-rect.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory
8
Referer
https://2di-rect.com/p/h52n/6fUW/6VL9

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nh8mm3r82nMqU0C5pVEQPmHpF%2BDsGAMeXQp%2BtPnr3HIXyDJhd6oPbFVZrlS5Paf7u8agupD9vFZhBFG15E9jdvJcBKhw0mbKMC6EhUKsoW49CMfbgWuLCRcIhE03hoQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eea9491982abf5b-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=57782&min_rtt=46341&rtt_var=6999&sent=47&recv=31&lost=0&retrans=0&sent_bytes=37266&recv_bytes=7840&delivery_rate=435812&cwnd=22200&unsent_bytes=0&cid=f223cb21509dd03c&ts=601&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 06:08:20 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
js
www.googletagmanager.com/gtag/
278 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9R803BRQ9Q&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2di-rect.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 08 Dec 2024 06:08:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:08:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100109
x-xss-protection
0
server
Google Tag Manager
Primary Request c.php
m.bingdone.com/
Redirect Chain
  • https://www1.afego.life/click?pid=62301&offer_id=25&sub1=mlClick-tlZb24Ra&sub2=1110446
  • https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=...
5 KB
3 KB
Document
General
Full URL
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Requested by
Host: 2di-rect.com
URL: https://2di-rect.com/js/envoirment.js?id=a535a99b3fccb8f0756e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb3cabac6789463e823980a0c86fe12341a8a0b36a4e3bc1cfdcf3268affb20a

Request headers

Referer
https://2di-rect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eea949388fe3bcd-WAW
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 08 Dec 2024 06:08:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bGj0WHEF1WG%2FqsDn3Inovirl0bKALKAKJ1guSf4VeNIZR3Wdayc%2FZSPmlO%2FIN%2FTZFYt%2FHYBnX8zx6bh5xI4NTC2Yox3sscQptti0YDW8EH6hbiwY8oYQrHwYqM8QVN%2FbgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=46670&min_rtt=46505&rtt_var=7541&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4244&recv_bytes=4631&delivery_rate=390&cwnd=12000&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=181&x=1" cfExtPri cfHdrFlush;dur=0

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eea949279943494-WAW
content-length
0
date
Sun, 08 Dec 2024 06:08:20 GMT
location
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fGuaHPz%2FPHmnulrjsqD7BUijbwiNu%2BzQn%2F9Kve9NRGeJolAdTfssiDOjKB72hd%2FNmqLqXrk5V%2BRR2rNq95khBsesJOohDcrC%2BRwzneevNp%2Bd5bnWO4CMnr%2FKA8vu0pOfXSs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=46420&min_rtt=46368&rtt_var=9849&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4242&recv_bytes=4490&delivery_rate=12551&cwnd=12000&unsent_bytes=0&cid=114a423841a39c09&ts=116&x=1" cfExtPri cfHdrFlush;dur=0
x-adjust-use-original-forwarded-for
1
collect
www.google-analytics.com/g/
0
0

preview.jpg
m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/
96 KB
97 KB
Image
General
Full URL
https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/preview.jpg?1
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2ed28357b0489fe5b615883a6f30b1f9527167c678be19b33c6f46d00c6e64c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=

Response headers

cf-cache-status
HIT
etag
"60f6ab04-180fc"
age
3940
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pkpvr10bgnF9Gl%2B%2FBRHP5DSy2JfisMcBFNZ5wFh9DqAakRRFCKT%2FedU%2Bajf8q9CMLnDzS5PEvWZFvFNVMtTIS1rB2uk0reuPU1w5sVrryv47ooJ5nx70U5WBIiAj7MqoGw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46621&min_rtt=46348&rtt_var=4321&sent=15&recv=13&lost=0&retrans=0&sent_bytes=7099&recv_bytes=5867&delivery_rate=61102&cwnd=12000&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=244&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
image/jpeg
last-modified
Tue, 20 Jul 2021 10:52:52 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eea9494a9a83bcd-WAW
accept-ranges
bytes
content-length
98556
server
cloudflare
jquery.min.js
m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/js/
87 KB
33 KB
Script
General
Full URL
https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/js/jquery.min.js
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"60f6ab04-15d84"
age
5438
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EyW1xiza8B%2BkijJNT2Ld5MYJFnbDIBMDKm2hKesVpDSdpentH8np6Sz5xxbkSwClfhnB4jE3Gjtba03zgCZFNkZZOJHv%2BA4LySojf3ckanhDK%2BoN1JIm60VJQ5ykB%2BQiwA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46621&min_rtt=46348&rtt_var=4321&sent=25&recv=13&lost=0&retrans=0&sent_bytes=19099&recv_bytes=5867&delivery_rate=61102&cwnd=12000&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=244&x=1", cfExtPri, cfHdrFlush;dur=48
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
application/javascript
last-modified
Tue, 20 Jul 2021 10:52:52 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eea9494a9a93bcd-WAW
server
cloudflare
template.js
m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/js/
525 B
971 B
Script
General
Full URL
https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/js/template.js
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c63e2a50f95200d4de0cb961d2b8be481f169cb0258fae07713f796133853b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"60f6ab04-20d"
age
271
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bSeGfyEdCn%2F1mgX0X0G0Ga5iG37ymIhT3wuwcOr%2FYgJwtpGj9jv8D6dM0PnSYDeXSKI3%2BMA%2FFPfK7JyF%2FnIaB5Sj5HigTEG7NKJMkSLcKVhTVQiA3TPlDQkYS17Tejzdig%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46621&min_rtt=46348&rtt_var=4321&sent=29&recv=19&lost=0&retrans=0&sent_bytes=19193&recv_bytes=9374&delivery_rate=61102&cwnd=12000&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=256&x=1", cfExtPri, cfHdrFlush;dur=36
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
application/javascript
last-modified
Tue, 20 Jul 2021 10:52:52 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eea9494b9b13bcd-WAW
server
cloudflare
pattern.png
m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/
3 KB
3 KB
Image
General
Full URL
https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/pattern.png
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
367dacef3f3650058439ad17f01b2b82c9de869cd470ccc068c380d71cae7a06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=

Response headers

cf-cache-status
HIT
etag
"60f6ab04-af4"
age
271
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2B6BC7NoHQPsYt7Y16IMBYAS226eYyQZVzPPvNEx05yh5nuKLXZ5AOc1TMET4CDebb4HdJs1yLtjBllqXyVrf0fsDCVmtJ7M1Y2qXc8byfNYgpZUMTzGP8l3AKwhdMAtHg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46621&min_rtt=46348&rtt_var=4321&sent=29&recv=19&lost=0&retrans=0&sent_bytes=19193&recv_bytes=9374&delivery_rate=61102&cwnd=12000&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=258&x=1", cfExtPri, cfHdrFlush;dur=34
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
image/png
last-modified
Tue, 20 Jul 2021 10:52:52 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eea9494c9b53bcd-WAW
accept-ranges
bytes
content-length
2804
server
cloudflare
Montserrat-ExtraLight.woff
m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/fonts/
175 KB
175 KB
Font
General
Full URL
https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/fonts/Montserrat-ExtraLight.woff
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b53100f5197f2df519b4dea2b69928887f319a598404d15cf078ff6e1dc47009

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://m.bingdone.com
Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=

Response headers

cf-cache-status
HIT
etag
"60f6ab04-2bb00"
age
271
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHQDtM0cQ07IKLZA%2F%2FiXrwS2%2BoJoL1z9%2F2YQDka9pHA6hVICyCPvbWGiVL16SDOWbdGtWlkhTSFU5QPo7o0HgltCFiFRHRwFxKWjoA0Apy6REVLPZ5nnTUdPAECfWZPJ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46621&min_rtt=46348&rtt_var=4321&sent=29&recv=19&lost=0&retrans=0&sent_bytes=19193&recv_bytes=9374&delivery_rate=61102&cwnd=12000&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=261&x=1", cfExtPri, cfHdrFlush;dur=31
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
font/woff
last-modified
Tue, 20 Jul 2021 10:52:52 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eea9494c9b63bcd-WAW
accept-ranges
bytes
content-length
178944
server
cloudflare
Montserrat-Bold.woff
m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/fonts/
174 KB
174 KB
Font
General
Full URL
https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/fonts/Montserrat-Bold.woff
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbab597ae18ef8748b75b1f705bef3df84fa7d8520fc51a92f4843b0a28fab25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://m.bingdone.com
Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=

Response headers

cf-cache-status
HIT
etag
"60f6ab03-2b704"
age
271
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ov4E%2BvrZ2ZaIea6CTZ8cnjBqFds9JHqW7MyrmsBzfRt%2F4A6ClVVNHpcbbAA5k99miA4CrKM7wy6ZVkRtS9evODdQrbZgRxkW%2B4HVmHBEZLx%2BwRebe00gepunE8UkyPaDpA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46621&min_rtt=46348&rtt_var=4321&sent=29&recv=19&lost=0&retrans=0&sent_bytes=19193&recv_bytes=9374&delivery_rate=61102&cwnd=12000&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=260&x=1", cfExtPri, cfHdrFlush;dur=32
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
font/woff
last-modified
Tue, 20 Jul 2021 10:52:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eea9494c9b73bcd-WAW
accept-ranges
bytes
content-length
177924
server
cloudflare
Montserrat-Regular.woff
m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/fonts/
177 KB
178 KB
Font
General
Full URL
https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/fonts/Montserrat-Regular.woff
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
581f4e23900b88c2bfe488fa5bf091832fe21c62ef1fcabda19d8a9e6bfa61ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://m.bingdone.com
Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=

Response headers

cf-cache-status
HIT
etag
"60f6ab03-2c374"
age
271
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iuFjSloLNNBRm7XeNgvTVxGe50maggLmGltIYN7MhJKjyUaGH%2FfAS6eCzmquV6skLZhhJKOuNFSlTkO2FTd8kss%2B9OSu0anfMXcyLLEZ5UCGK%2BvN8NrKVK%2BjXilKQ1hgGA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46621&min_rtt=46348&rtt_var=4321&sent=29&recv=19&lost=0&retrans=0&sent_bytes=19193&recv_bytes=9374&delivery_rate=61102&cwnd=12000&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=266&x=1", cfExtPri, cfHdrFlush;dur=26
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
font/woff
last-modified
Tue, 20 Jul 2021 10:52:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eea9494c9b83bcd-WAW
accept-ranges
bytes
content-length
181108
server
cloudflare
girls.mp4
m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/
36 KB
0
Media
General
Full URL
https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/girls.mp4
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cf-cache-status
HIT
etag
"60f6ab03-1644b8"
age
1102
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYZ8WGXY7Wg0yzFb%2FNEGyNtoNytPYEll2uknrh6%2BVUAx6ytJDWWCj7q607bN1QChQc0gczMfxXL17YqmIzSa6LqHhtPgWTUvOWlt75Ga4K5Cj6S34Jn0I30eDKY6rZ8xyg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46621&min_rtt=46348&rtt_var=4321&sent=29&recv=19&lost=0&retrans=0&sent_bytes=19193&recv_bytes=9374&delivery_rate=61102&cwnd=12000&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=263&x=1", cfExtPri, cfHdrFlush;dur=29
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
video/mp4
last-modified
Tue, 20 Jul 2021 10:52:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-1459383/1459384
cf-ray
8eea9494c9be3bcd-WAW
Content-Length
1459384
server
cloudflare
data.json
m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/
4 KB
2 KB
XHR
General
Full URL
https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/data.json
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c3e71f27703728db49129370b65b639a1dd8f23060e9f326ea65d2417f48076

Request headers

Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
etag
W/"60f6ab04-ea4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9CcwARB5C%2BiGAf9IcvYIgs7n4A21%2B0F%2FOLd35azCzDTNFlOggEKs3FFFhavqHEa84CzoXwDb6g%2FSqCblPeHEwTLKyaoZFE30cuyoQVYdHanwR%2FyT1c0w54pYCNIB5io3Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eea9496aae83bcd-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48058&min_rtt=46348&rtt_var=182&sent=1226&recv=155&lost=16&retrans=0&sent_bytes=1436004&recv_bytes=16636&delivery_rate=9723254&cwnd=462839&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=582&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
application/json
last-modified
Tue, 20 Jul 2021 10:52:52 GMT
server
cloudflare
priority
u=1,i
girls.mp4
m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/
17 KB
18 KB
Media
General
Full URL
https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/girls.mp4
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae37b9104f55818579b918e3aaad0c682fc49494888d551f935799a3e7e5eb52

Request headers

Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=1441792-

Response headers

cf-cache-status
HIT
etag
"60f6ab03-1644b8"
age
1102
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0BQyo8J4P6%2BVfYUPUcHdT1Iin4RtyWPCiESshGXTDAgfmmBJQHCOePrBoip7wFQXkcMETWZEZyxxsNLFaOHVSSAeJzIbgM86y13glAqLC9LT9MH7HUIvtZvboIGj9aJ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48058&min_rtt=46348&rtt_var=182&sent=1228&recv=155&lost=16&retrans=0&sent_bytes=1438297&recv_bytes=16636&delivery_rate=9723254&cwnd=462839&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=584&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
video/mp4
last-modified
Tue, 20 Jul 2021 10:52:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 1441792-1459383/1459384
cf-ray
8eea9496cb0c3bcd-WAW
Content-Length
17592
server
cloudflare
girls.mp4
m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/
1 MB
0
Media
General
Full URL
https://m.bingdone.com/landers/ru_en_it_es_pt_de_pl_photovideobackground_girl2_motion_1step_erotic_web_mob_integrated_oleg/girls.mp4
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=32768-

Response headers

cf-cache-status
HIT
etag
"60f6ab03-1644b8"
age
1102
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0BQyo8J4P6%2BVfYUPUcHdT1Iin4RtyWPCiESshGXTDAgfmmBJQHCOePrBoip7wFQXkcMETWZEZyxxsNLFaOHVSSAeJzIbgM86y13glAqLC9LT9MH7HUIvtZvboIGj9aJ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48058&min_rtt=46348&rtt_var=182&sent=1228&recv=155&lost=16&retrans=0&sent_bytes=1438297&recv_bytes=16636&delivery_rate=9723254&cwnd=462839&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=584&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
video/mp4
last-modified
Tue, 20 Jul 2021 10:52:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 32768-1459383/1459384
cf-ray
8eea9496cb0c3bcd-WAW
Content-Length
1426616
server
cloudflare
favicon.ico
m.bingdone.com/
555 B
813 B
Other
General
Full URL
https://m.bingdone.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MNPWzj3YMIilHrRefhLbys0dWh7mJI49KCTx1sCEuW7urbJP3jXb72z09u3x7X3tvVpQj7x8Ryh80MhdP3rbcS3oVGdpXbnQHIB1J60RJ0wfas2Aub9UZflGHJUJ00ifXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eea94979bad3bcd-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47103&min_rtt=46348&rtt_var=359&sent=2185&recv=285&lost=146&retrans=125&sent_bytes=2572442&recv_bytes=27845&delivery_rate=5001138&cwnd=326867&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=761&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 06:08:21 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
micro.tag.min.js
beevakum.net/pfe/current/
44 KB
18 KB
Script
General
Full URL
https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Requested by
Host: m.bingdone.com
URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
b68c0cf3999943cb526261177710deb123aaa648e26bac3d231bcefc19bd7437

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://m.bingdone.com/

Response headers

cache-control
no-cache
content-encoding
gzip
etag
W/"6749c655-b108"
pragma
no-cache
access-control-allow-credentials
true
date
Sun, 08 Dec 2024 06:08:22 GMT
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 13:49:09 GMT
server
nginx
sw-check-permissions-b9b9f.js
m.bingdone.com/
0
988 B
Other
General
Full URL
https://m.bingdone.com/sw-check-permissions-b9b9f.js?zoneId=6199255
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"64d0ee2d-236"
age
6138
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YGWVPt92iVmTHPCBni3l%2BZeIrsYIIyRkSYVJjqskC8IxIqZdy2F8fkouixMYqfoHr0PndyWqCBoHhwW%2Fkx%2BgKkkDlDSHww8JPcP6dfcGfDbOlxfB4BNuxleeV%2FmysYq67A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47132&min_rtt=46348&rtt_var=328&sent=2587&recv=356&lost=146&retrans=125&sent_bytes=3046498&recv_bytes=31642&delivery_rate=3254511&cwnd=330467&unsent_bytes=0&cid=b5ed03cedbe5fb7c&ts=1950&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 06:08:22 GMT
content-type
application/javascript
last-modified
Mon, 07 Aug 2023 13:14:21 GMT
vary
Accept-Encoding
priority
u=4,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eea949f49263bcd-WAW
server
cloudflare
zone
beevakum.net/
0
334 B
Ping
General
Full URL
https://beevakum.net/zone?pub=0&zone_id=6199255&is_mobile=false&domain=m.bingdone.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.574&trace_id=24006588-2034-4d9d-a0db-db9404d3b3e7&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=&drf=https://2di-rect.com/
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://m.bingdone.com/

Response headers

strict-transport-security
max-age=1
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://m.bingdone.com
content-length
0
date
Sun, 08 Dec 2024 06:08:22 GMT
server
nginx
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://m.bingdone.com/

Response headers

gid.js
my.rtmark.net/
65 B
962 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=6199255&checkDuplicate=true&ymid=&var=&source=pusher
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c6ea9704dd8e1e2d4023641a646e255f604719ce2773dd4751355513bd34aa
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://m.bingdone.com/

Response headers

access-control-expose-headers
Authorization
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5w6ZhCyKHp65wQnld8Og3P5XoHHH9cKfKbVF9rv5UvJsK%2F9fMNoaxFCV2XDWHXd2SoI8Sy9a42VXqgtk0cTK4WMZ80RK07886hJ8OE%2Fge3tkoeJnG5M%2B2qAck%2FtybeGH"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46607&min_rtt=46579&rtt_var=17487&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4113&recv_bytes=4329&delivery_rate=67433&cwnd=12000&unsent_bytes=0&cid=d572d104a631040e&ts=84&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 06:08:23 GMT
content-type
application/json; charset=utf-8
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8eea949fabe9357b-WAW
access-control-allow-origin
https://m.bingdone.com
server
cloudflare
event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://m.bingdone.com/

Response headers

event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://m.bingdone.com/

Response headers

event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://m.bingdone.com/

Response headers

event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://m.bingdone.com/

Response headers

zone
beevakum.net/
503 B
872 B
Fetch
General
Full URL
https://beevakum.net/zone?pub=0&zone_id=6199255&is_mobile=false&domain=m.bingdone.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.574&trace_id=24006588-2034-4d9d-a0db-db9404d3b3e7&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
d7d69ac85e06dc96ff4061a4b613ab14395eb2ee5651fef3fedea4f4b044e7fb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://m.bingdone.com/

Response headers

strict-transport-security
max-age=1
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://m.bingdone.com
content-length
503
date
Sun, 08 Dec 2024 06:08:22 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://m.bingdone.com/

Response headers

event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://m.bingdone.com/

Response headers

event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://m.bingdone.com/

Response headers

event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6199255&sw=/sw-check-permissions-b9b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://m.bingdone.com/

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9R803BRQ9Q&gtm=45je4c40v9123073336za200&_p=1733638100741&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&ul=fi-fi&sr=1600x1200&cid=1462320022.1733638101&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2F2di-rect.com%2Fp%2Fh52n%2F6fUW%2F6VL9&dt=Adult%20Dating%20-%20Smartlink%20VI&sid=1733638101&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1038

Verdicts & Comments

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
object| app
function| initializePushSubscription
object| zfgformats

10 Cookies

Domain/Path Name / Value
2di-rect.com/ Name: a11f5da7336cfe2e2fd950a3d968fdb0
Value: a11f5da7336cfe2e2fd950a3d968fdb0
.2di-rect.com/ Name: _ga
Value: GA1.2.1462320022.1733638101
.2di-rect.com/ Name: _gid
Value: GA1.2.1656447177.1733638101
.2di-rect.com/ Name: _gat
Value: 1
www1.afego.life/ Name: afclick
Value: 675537d45fee270001a0eb9a
www1.afego.life/ Name: afoffers
Value: {"25":1733638100}
.2di-rect.com/ Name: _ga_9R803BRQ9Q
Value: GS1.2.1733638101.1.0.1733638101.0.0.0
m.bingdone.com/ Name: uclick
Value: my2trn3vdz
m.bingdone.com/ Name: uclickhash
Value: my2trn3vdz-my2trn3vdz-1z-e80-sluq-g5k2fe-g5gh6o-8b86ae
my.rtmark.net/ Name: ID
Value: 01812c92a6cd415ef019d33ac1998b22

3 Console Messages

Source Level URL
Text
network error URL: https://2di-rect.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://m.bingdone.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://m.bingdone.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=675537d45fee270001a0eb9a&affpid=62301&action_id=FIdesktop&referrer=https%3A%2F%2F2di-rect.com%2F&sub1=mlClick-tlZb24Ra&sub2=1110446&sub3=&sub4=&sub5=&sub6=
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0604D07AC1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
