Submitted URL: https://news-xdojoru.cc/tds?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Effective URL: https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee...
Submission: On May 10 via manual from RU — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 188.114.96.3, located in and belongs to . The main domain is begtd.check-tl-ver-54-3.com.
TLS certificate: Issued by GTS CA 1P5 on April 6th 2024. Valid for: 3 months.
This is the only time begtd.check-tl-ver-54-3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.158.56.201 63023 (AS-GLOBAL...)
6 193.108.118.16 63023 (AS-GLOBAL...)
1 7 23.158.56.123 63023 (AS-GLOBAL...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
10 188.114.96.3 ()
2 2a00:1450:400... ()
24 4
Domain Requested by
8 begtd.check-tl-ver-54-3.com efc115d9b7.news-rolehi.com
begtd.check-tl-ver-54-3.com
7 efc115d9b7.news-rolehi.com 1 redirects 362057edfa.news-xwefera.cc
efc115d9b7.news-rolehi.com
6 362057edfa.news-xwefera.cc 362057edfa.news-xwefera.cc
2 www.gstatic.com cdnstatic.check-tl-ver-54-3.com
2 cdnstatic.check-tl-ver-54-3.com begtd.check-tl-ver-54-3.com
cdnstatic.check-tl-ver-54-3.com
1 begtd.antaresarcturus.top 1 redirects
1 news-xdojoru.cc 1 redirects
24 7

This site contains no links.

Subject | Issuer | Validity | Valid
*.news-xwefera.cc | R3 | 2024-05-09 - 2024-08-07 | 3 months
*.news-rolehi.com | R3 | 2024-05-01 - 2024-07-30 | 3 months
check-tl-ver-54-3.com | GTS CA 1P5 | 2024-04-06 - 2024-07-05 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months

This page contains 1 frame:

Primary Page: https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Frame ID: 38EA3A2B6ADA2B092919572EB5536EE3
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 17 %
Domains: 6
Subdomains: 7
IPs: 4
Countries: 2
Transfer: 528 kB
Size: 660 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news-xdojoru.cc/tds?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4 HTTP 302
    https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4 Page URL
  2. https://efc115d9b7.news-rolehi.com/?i=1&id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4 Page URL
  3. https://efc115d9b7.news-rolehi.com/tb?id=1224273973&land=24&monetization=user&p1=&p2=&p3=&p4=&type=reject HTTP 302
    https://begtd.antaresarcturus.top/?pl=b_ecqz9rt0OT2l68f7-uWA HTTP 302
    https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://news-xdojoru.cc/tds?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4 HTTP 302
  • https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
362057edfa.news-xwefera.cc/
Redirect Chain
  • https://news-xdojoru.cc/tds?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
  • https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
2 KB
1 KB
Document
General
Full URL
https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
1612441aab64828693c31ca4bde175ddb0ef3c465081fb1388240e499912d375
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 10 May 2024 20:15:05 GMT
server
nginx
vary
Origin
x-frame-options
DENY

Redirect headers

content-length
0
date
Fri, 10 May 2024 20:15:05 GMT
location
https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
server
nginx
vary
Origin
x-frame-options
DENY
revopush.js
362057edfa.news-xwefera.cc/
20 KB
8 KB
Script
General
Full URL
https://362057edfa.news-xwefera.cc/revopush.js
Requested by
Host: 362057edfa.news-xwefera.cc
URL: https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:05 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
"6633aa22-1fae"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
8110
style.css
362057edfa.news-xwefera.cc/lands/24/
39 KB
25 KB
Stylesheet
General
Full URL
https://362057edfa.news-xwefera.cc/lands/24/style.css
Requested by
Host: 362057edfa.news-xwefera.cc
URL: https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
109e531d3aa0964bf9568bfad9eb123cbdf638d8c681bc9bd116308739d6aaf5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:05 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
"6633aa22-63e3"
content-type
text/css
accept-ranges
bytes
content-length
25571
bg-desktop2.jpg
362057edfa.news-xwefera.cc/lands/24/
205 KB
205 KB
Image
General
Full URL
https://362057edfa.news-xwefera.cc/lands/24/bg-desktop2.jpg
Requested by
Host: 362057edfa.news-xwefera.cc
URL: https://362057edfa.news-xwefera.cc/lands/24/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
b2bc42b6d14cc33dcec12bf847aab16d82a8f764df36dfddb4e1a05e0fcb3353

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://362057edfa.news-xwefera.cc/lands/24/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:05 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-3327a"
content-length
209530
content-type
image/jpeg
v_F.ico
362057edfa.news-xwefera.cc/lands/24/
1 KB
1 KB
Other
General
Full URL
https://362057edfa.news-xwefera.cc/lands/24/v_F.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:05 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
W/"6633aa22-47e"
content-type
image/x-icon
reject
362057edfa.news-xwefera.cc/
5 B
117 B
Fetch
General
Full URL
https://362057edfa.news-xwefera.cc/reject
Requested by
Host: 362057edfa.news-xwefera.cc
URL: https://362057edfa.news-xwefera.cc/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 10 May 2024 20:15:07 GMT
server
nginx
content-length
5
vary
Origin
content-type
application/json; charset=UTF-8
/
efc115d9b7.news-rolehi.com/
2 KB
2 KB
Document
General
Full URL
https://efc115d9b7.news-rolehi.com/?i=1&id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Requested by
Host: 362057edfa.news-xwefera.cc
URL: https://362057edfa.news-xwefera.cc/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
56430b5386cd863a4824c9d62f729eec2629b195718c131cf5b3c32a09e93e5b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://362057edfa.news-xwefera.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 10 May 2024 20:15:07 GMT
server
nginx
vary
Origin
x-frame-options
DENY
revopush.js
efc115d9b7.news-rolehi.com/
20 KB
8 KB
Script
General
Full URL
https://efc115d9b7.news-rolehi.com/revopush.js
Requested by
Host: efc115d9b7.news-rolehi.com
URL: https://efc115d9b7.news-rolehi.com/?i=1&id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://efc115d9b7.news-rolehi.com/?i=1&id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:07 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
"6633aa22-1fae"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
8110
style.css
efc115d9b7.news-rolehi.com/lands/24/
39 KB
25 KB
Stylesheet
General
Full URL
https://efc115d9b7.news-rolehi.com/lands/24/style.css
Requested by
Host: efc115d9b7.news-rolehi.com
URL: https://efc115d9b7.news-rolehi.com/?i=1&id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
109e531d3aa0964bf9568bfad9eb123cbdf638d8c681bc9bd116308739d6aaf5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://efc115d9b7.news-rolehi.com/?i=1&id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:07 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
"6633aa22-63e3"
content-type
text/css
accept-ranges
bytes
content-length
25571
bg-desktop2.jpg
efc115d9b7.news-rolehi.com/lands/24/
205 KB
205 KB
Image
General
Full URL
https://efc115d9b7.news-rolehi.com/lands/24/bg-desktop2.jpg
Requested by
Host: efc115d9b7.news-rolehi.com
URL: https://efc115d9b7.news-rolehi.com/lands/24/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
b2bc42b6d14cc33dcec12bf847aab16d82a8f764df36dfddb4e1a05e0fcb3353

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://efc115d9b7.news-rolehi.com/lands/24/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:07 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-3327a"
content-length
209530
content-type
image/jpeg
v_F.ico
efc115d9b7.news-rolehi.com/lands/24/
1 KB
1 KB
Other
General
Full URL
https://efc115d9b7.news-rolehi.com/lands/24/v_F.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://efc115d9b7.news-rolehi.com/?i=1&id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:07 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-47e"
content-length
1150
content-type
image/x-icon
reject
efc115d9b7.news-rolehi.com/
5 B
117 B
Fetch
General
Full URL
https://efc115d9b7.news-rolehi.com/reject
Requested by
Host: efc115d9b7.news-rolehi.com
URL: https://efc115d9b7.news-rolehi.com/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://efc115d9b7.news-rolehi.com/?i=1&id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 10 May 2024 20:15:08 GMT
server
nginx
content-length
5
vary
Origin
content-type
application/json; charset=UTF-8
Primary Request /
begtd.check-tl-ver-54-3.com/my-adult-video/
Redirect Chain
  • https://efc115d9b7.news-rolehi.com/tb?id=1224273973&land=24&monetization=user&p1=&p2=&p3=&p4=&type=reject
  • https://begtd.antaresarcturus.top/?pl=b_ecqz9rt0OT2l68f7-uWA
  • https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
7 KB
3 KB
Document
General
Full URL
https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Requested by
Host: efc115d9b7.news-rolehi.com
URL: https://efc115d9b7.news-rolehi.com/revopush.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
454d5994ac1133edef352953b15bca1fd1f1266ed7175e36c0b570fbca38de84

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://efc115d9b7.news-rolehi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
881c99858b6490d7-FRA
content-encoding
br
content-type
text/html
date
Fri, 10 May 2024 20:15:09 GMT
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V4ickls50bZBxag5ifMLR%2FHIENvPr2U1tMCn%2FWtnC7XpIicJpg81kXIGz6beTwZAlpRnPpCcFeYqWBXnsWRLqPaNW9kZaL7KcD%2BoaLjev8pGyNGYd4QKZY3Y9nl0k33DbVPn0AgO6VYzBTfCx6s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
881c9982cb833730-FRA
content-length
0
date
Fri, 10 May 2024 20:15:09 GMT
location
https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEx%2BhFAcm%2Bz%2B3jzhjmdFZJkOd%2BsLT1D4YVMFgzMEhKHQimfK5ownBAs5%2FxvouTxj0nf%2F9tE%2BtnfC87gDXKDYXs4MY0Qb0nVmB9gtGTt2bWz40Os1mi5uGB6IbQSNJSVfQzKwGDjeccCkUwV%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.css
begtd.check-tl-ver-54-3.com/my-adult-video/assets/
6 KB
2 KB
Stylesheet
General
Full URL
https://begtd.check-tl-ver-54-3.com/my-adult-video/assets/style.css
Requested by
Host: begtd.check-tl-ver-54-3.com
URL: https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4e433dc2c901899f15de3584c44f268be403d5b26cd0d2f58582c17af080aa69

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-196b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vpdafoto8%2FqfbmiaU9ncdZ2BiNzgur18eYu1caA8wejp1h2Jx66P7rCqznxh4q0Hrjm%2B3H28ZUDIS9l1AExr%2B3J2pIekruyuaGc9CDrlnft5X4mzFx%2FxWbxaRWe8hlj%2BYfApTRUU9jc2gZ9hIRM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
881c9985fc2190d7-FRA
alt-svc
h3=":443"; ma=86400
trls.js
begtd.check-tl-ver-54-3.com/my-adult-video/assets/
5 KB
3 KB
Script
General
Full URL
https://begtd.check-tl-ver-54-3.com/my-adult-video/assets/trls.js
Requested by
Host: begtd.check-tl-ver-54-3.com
URL: https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a621a1b8fc50b3820c4887448246b1576456301cc7310b64f9ef896e0175a45f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-1420"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FTNughs%2FMZo8gc4FieYDGBV343E2%2FYYyCN2hPc7oml3ZWgluUYWqgxDCnjxwV4whraNkvD13Pot4mFLBTCZifeUl7Yd5KsOiSdYga6mNFrz2XvxXFHmn8qaOjxF9NgdR3%2F3cejm0HzZp3d5tVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
881c99865c7290d7-FRA
alt-svc
h3=":443"; ma=86400
spinning-circles2.svg
begtd.check-tl-ver-54-3.com/my-adult-video/assets/
503 B
800 B
Image
General
Full URL
https://begtd.check-tl-ver-54-3.com/my-adult-video/assets/spinning-circles2.svg
Requested by
Host: begtd.check-tl-ver-54-3.com
URL: https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-1f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vx8Zq%2F3qJjz1XuN7%2FDLaujuiZd3oawpbXB9FkirluVkrFQGHiVwn7bsv4wLts8YQWgRtmE%2BUbYJkHhadgpNWh7Ci0wuaUBjjpUB9itpdKYtSbTASrTT1DiRMZipRU%2BEmI1RGe1VqLzI6MyuV0gA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
881c99867c9e90d7-FRA
alt-svc
h3=":443"; ma=86400
static-pl.js
begtd.check-tl-ver-54-3.com/shared-js/assets/
3 KB
2 KB
Script
General
Full URL
https://begtd.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2
Requested by
Host: begtd.check-tl-ver-54-3.com
URL: https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-dee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6W3g6Ueew4rtMgmiwxDDHJcL%2F7BF%2FQM3iv82LHATUVmkNi92XR4jpuY6byCfcimetZbRJ1CkvGWQxAqgkrNI17%2BZRt8ED97CqpsXbxqXFSEsXKw8DYFTpbbGb14kTSuKvGHO0%2FzFu3kz1562J8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
881c99867ca290d7-FRA
alt-svc
h3=":443"; ma=86400
arrow.svg
begtd.check-tl-ver-54-3.com/my-adult-video/assets/
226 B
639 B
Image
General
Full URL
https://begtd.check-tl-ver-54-3.com/my-adult-video/assets/arrow.svg
Requested by
Host: begtd.check-tl-ver-54-3.com
URL: https://begtd.check-tl-ver-54-3.com/my-adult-video/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
92d47bde923c80d50c91bcab12630a19608daad90447846a19749d07f8dd07cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-54-3.com/my-adult-video/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcWahpV3WSve4si9C5NrbCT8fPWQJbnhPQAgEHipt3fcm5QYwv69wkEnMm1ipbnDG5ego%2BG0dPRv8D8s2taWqeXpHyEzJZOoMLO02O0hvn2Y9W24B9CUU73u7M4BasJN4JTQM6jWTa7v2fysozg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
881c9986acd490d7-FRA
alt-svc
h3=":443"; ma=86400
ps.js
cdnstatic.check-tl-ver-54-3.com/ps/
35 KB
14 KB
Script
General
Full URL
https://cdnstatic.check-tl-ver-54-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=b76d6d5133a541debdcb4b1d0959aee3
Requested by
Host: begtd.check-tl-ver-54-3.com
URL: https://begtd.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
70683f73f2c5ad6fe8b10c79f7e6344a831ee257f7cd5211a967e9dea912c070

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-54-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:09 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DE%2FwT7sPyCV2QU2aKPUx4slhIqBeVCmY35IKgN1IrsHawUI4PR33GGr3v83pup24519DGnD01KlMmyJXXrbTOx1UIFNvt4GiGgKmelP48SLkUgMyRkyIpw57kwoqMBV1yMs0MZvFbcM5VD4lv%2FTz5m5G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
881c9986ed0190d7-FRA
alt-svc
h3=":443"; ma=86400
config.js
cdnstatic.check-tl-ver-54-3.com/ps/
360 B
741 B
Script
General
Full URL
https://cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=b_ecqz9rt0OT2l68f7-uWA
Requested by
Host: cdnstatic.check-tl-ver-54-3.com
URL: https://cdnstatic.check-tl-ver-54-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=b76d6d5133a541debdcb4b1d0959aee3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7e85c285fd983223d07a014d1a96804ba1c8f65fb43238a4fad204350e896958

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-54-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:10 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UT38Ppo%2BnyxcocscB3WsXbfGuN5l%2BOylDPSw3JHXe19Kd9GFxuAlU1VHEG4L8yRPeGrsBxsi596LwsxOWCCsUMTrA3dDcUQb%2FuUtD1m4KkVP%2FjnP7O%2Bzjnd7RBceCrkrLBkjG3fySXtC95FteE%2BN8Qv9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
881c99876d9e90d7-FRA
alt-svc
h3=":443"; ma=86400
firebase-app-compat.js
www.gstatic.com/firebasejs/10.3.1/
28 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
Requested by
Host: cdnstatic.check-tl-ver-54-3.com
URL: https://cdnstatic.check-tl-ver-54-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=b76d6d5133a541debdcb4b1d0959aee3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-54-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 13:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9308
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 May 2025 13:50:47 GMT
firebase-messaging-compat.js
www.gstatic.com/firebasejs/10.3.1/
37 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
Requested by
Host: cdnstatic.check-tl-ver-54-3.com
URL: https://cdnstatic.check-tl-ver-54-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=b76d6d5133a541debdcb4b1d0959aee3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-54-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 20:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9934
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 May 2025 20:31:48 GMT
v_F.ico
begtd.check-tl-ver-54-3.com/my-adult-video/assets/
1 KB
1 KB
Other
General
Full URL
https://begtd.check-tl-ver-54-3.com/my-adult-video/assets/v_F.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-47e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJ2OCgFi5LpTuzjKWjH4JydhqCTi5hUar0Dn5U7Ks7B25te%2BBL8Bzaii3fBVFKPBdxVwK6thipE%2B87xSCUUt3X8Kf3p6mmFnQjuRNMBlEAfNaPml7C3IDSoC93BLwkFYV0s7hWgwt3uNMJrPuiQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
881c99889f1490d7-FRA
alt-svc
h3=":443"; ma=86400
v_F.ico
begtd.check-tl-ver-54-3.com/my-adult-video/assets/
1 KB
0
Other
General
Full URL
https://begtd.check-tl-ver-54-3.com/my-adult-video/assets/v_F.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-54-3.com/my-adult-video/?pl=b_ecqz9rt0OT2l68f7-uWA&sm=my-adult-video&nrid=b76d6d5133a541debdcb4b1d0959aee3&hash=oE1yAiVXtdVDQF6nMks_Og&exp=1715372409
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 20:15:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-47e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJ2OCgFi5LpTuzjKWjH4JydhqCTi5hUar0Dn5U7Ks7B25te%2BBL8Bzaii3fBVFKPBdxVwK6thipE%2B87xSCUUt3X8Kf3p6mmFnQjuRNMBlEAfNaPml7C3IDSoC93BLwkFYV0s7hWgwt3uNMJrPuiQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
881c99889f1490d7-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
begtd.antaresarcturus.top/ Name: b_ecqz9rt0OT2l68f7-uWA
Value: 25
begtd.antaresarcturus.top/ Name: __pl
Value: a0c30f44-819b-41d1-bac7-22374b72ac26
begtd.antaresarcturus.top/ Name: __cap
Value: 1

2 Console Messages

Source Level URL
Text
other error URL: https://362057edfa.news-xwefera.cc/?id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other error URL: https://efc115d9b7.news-rolehi.com/?i=1&id=1224273973&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
