URL: https://www.cool18.com/parks.php
Submission: On July 25 via manual from CA — Scanned from CA

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 47 HTTP transactions. The main IP is 135.148.209.1, located in United States and belongs to OVH, FR. The main domain is www.cool18.com. The Cisco Umbrella rank of the primary domain is 506491.
TLS certificate: Issued by Thawte TLS RSA CA G1 on June 7th 2023. Valid for: a year.
This is the only time www.cool18.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 135.148.209.1 16276 (OVH)
1 51.81.2.58 16276 (OVH)
6 57.128.64.234 16276 (OVH)
1 11 2606:4700:311... 13335 (CLOUDFLAR...)
1 2606:4700:311... 13335 (CLOUDFLAR...)
2 2606:4700:311... 13335 (CLOUDFLAR...)
1 2606:4700:311... 13335 (CLOUDFLAR...)
2 8.252.162.249 3356 (LEVEL3)
8 8.252.238.249 3356 (LEVEL3)
7 8.252.161.121 3356 (LEVEL3)
47 11
Apex Domain
Subdomains
Transfer
17 doppiocdn.org
edge-hls.doppiocdn.org — Cisco Umbrella Rank: 27095
b-hls-24.doppiocdn.org — Cisco Umbrella Rank: 194595
b-hls-09.doppiocdn.org — Cisco Umbrella Rank: 177947
2 MB
11 xlviiirdr.com
go.xlviiirdr.com — Cisco Umbrella Rank: 66121
creative.xlviiirdr.com — Cisco Umbrella Rank: 137246
140 KB
7 cool18.com
www.cool18.com — Cisco Umbrella Rank: 506491
107 KB
6 86uk.com
img.86uk.com — Cisco Umbrella Rank: 210925
492 KB
2 strpst.com
img.strpst.com — Cisco Umbrella Rank: 10009
30 KB
1 superchat.live
superchat.live — Cisco Umbrella Rank: 45065
488 B
1 ktkjmp.com
video.ktkjmp.com — Cisco Umbrella Rank: 14497
668 B
1 6park.com
www.6park.com — Cisco Umbrella Rank: 208808
2 KB
47 8
Domain Requested by
8 b-hls-24.doppiocdn.org creative.xlviiirdr.com
7 b-hls-09.doppiocdn.org creative.xlviiirdr.com
7 www.cool18.com www.cool18.com
6 creative.xlviiirdr.com www.cool18.com
creative.xlviiirdr.com
6 img.86uk.com www.cool18.com
img.86uk.com
5 go.xlviiirdr.com 1 redirects creative.xlviiirdr.com
2 edge-hls.doppiocdn.org creative.xlviiirdr.com
2 img.strpst.com www.cool18.com
1 superchat.live creative.xlviiirdr.com
1 video.ktkjmp.com creative.xlviiirdr.com
1 www.6park.com www.cool18.com
47 11
Subject | Issuer | Validity | Valid
*.cool18.com | Thawte TLS RSA CA G1 | 2023-06-07 - 2024-06-09 | a year
*.6park.com | GeoTrust TLS RSA CA G1 | 2023-06-09 - 2024-06-11 | a year
img.86uk.com | Sectigo RSA Domain Validation Secure Server CA | 2022-12-24 - 2023-12-24 | a year
xlviiirdr.com | Cloudflare Inc ECC CA-3 | 2023-05-03 - 2024-05-01 | a year
video.ktkjmp.com | Cloudflare Inc ECC CA-3 | 2023-07-02 - 2024-07-01 | a year
img.strpst.com | Cloudflare Inc ECC CA-3 | 2023-04-03 - 2024-04-02 | a year
superchat.live | Cloudflare Inc ECC CA-3 | 2022-09-23 - 2023-09-22 | a year
*.doppiocdn.org | Sectigo RSA Domain Validation Secure Server CA | 2022-08-18 - 2023-09-18 | a year

This page contains 5 frames:

Primary Page: https://www.cool18.com/parks.php
Frame ID: 1589329D326F74A21F99D0020CECE35C
Requests: 8 HTTP requests in this frame

Frame: https://img.86uk.com/iframe.php?id=cool18index46860l
Frame ID: 788CB95FB6E06739BE9C2A19569A8680
Requests: 2 HTTP requests in this frame

Frame: https://img.86uk.com/iframe.php?id=cool18index46860r
Frame ID: DAF2325F4D43E15F0A85BD1DDE852132
Requests: 2 HTTP requests in this frame

Frame: https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
Frame ID: A895605D8CBAED721973824DAD7392EE
Requests: 33 HTTP requests in this frame

Frame: https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
Frame ID: 03C575BCA6179D6FC755FF8E50DF3D67
Requests: 2 HTTP requests in this frame

Page Title

酷18 cool18.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 47
HTTPS: 96 %
IPv6: 40 %
Domains: 8
Subdomains: 11
IPs: 11
Countries: 2
Transfer: 3215 kB
Size: 3678 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://go.xlviiirdr.com/i?campaignId=&creativeId=&modelsCountry=&modelsLanguage=&sourceId=&tag=girls%2Fchinese&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&liveBadgeColor=&showButton=0&showModelName=1&showTitle=0&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=0&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&landing=WidgetV4Universal&autoplay=all&autoplayForce=1&thumbsMargin= HTTP 302
  • https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request parks.php
www.cool18.com/
28 KB
7 KB
Document
General
Full URL
https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 / PHP/7.4.24
Resource Hash
ca821eeadb401c45fdc94b2986b9a23fe58363114552653ee156188f42e8f333

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 25 Jul 2023 12:33:04 GMT
Server
nginx/1.21.3
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.24
jquery-1.11.1.min.js
www.cool18.com/pub/
94 KB
94 KB
Script
General
Full URL
https://www.cool18.com/pub/jquery-1.11.1.min.js
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 12:33:04 GMT
Last-Modified
Fri, 11 Sep 2020 02:12:51 GMT
Server
nginx/1.21.3
ETag
"5f5add23-1762e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95790
prompt.css
www.cool18.com/pub/
1 KB
800 B
Stylesheet
General
Full URL
https://www.cool18.com/pub/prompt.css
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
a73608ccf909815edca9aabed031784cdc36cd37c6448530346b7c376a8ec8f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 12:33:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Sep 2020 02:12:51 GMT
Server
nginx/1.21.3
ETag
W/"5f5add23-483"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
gdpr.js
www.cool18.com/pub/
3 KB
4 KB
Script
General
Full URL
https://www.cool18.com/pub/gdpr.js
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
e2482d68f0192b468c48898124437dbec07d656158ff0a79c5da30a876cf7f85

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 12:33:04 GMT
Last-Modified
Fri, 11 Sep 2020 02:12:51 GMT
Server
nginx/1.21.3
ETag
"5f5add23-d12"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3346
aimain.php
www.6park.com/pub/
1 KB
2 KB
Script
General
Full URL
https://www.6park.com/pub/aimain.php?act=sitemap
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.81.2.58 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip58.ip-51-81-2.us
Software
nginx/1.21.3 / PHP/7.4.25
Resource Hash
64d9681fe7465a0a450cdb37dac81cadda84f34b85d0eae46ba0d7f4316dba71

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.cool18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 12:33:04 GMT
Cache
1
Server
nginx/1.21.3
Connection
keep-alive
X-Powered-By
PHP/7.4.25
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
diybbslist.php
www.cool18.com/site/
649 B
863 B
Script
General
Full URL
https://www.cool18.com/site/diybbslist.php
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 / PHP/7.4.24
Resource Hash
cae4dd11f8a102396b3e4aa5a207dbf3189f6903b16de43f5ff532ce1182d32f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 12:33:04 GMT
Server
nginx/1.21.3
Connection
keep-alive
X-Powered-By
PHP/7.4.24
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
iframe.php
img.86uk.com/ Frame 788C
2 KB
2 KB
Document
General
Full URL
https://img.86uk.com/iframe.php?id=cool18index46860l
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 / PHP/7.2.24
Resource Hash
24565fba243c1f943891126af6007d428e71a6c35ffab84d7cade149bfd7e333

Request headers

Referer
https://www.cool18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Jul 2023 12:33:05 GMT
Server
nginx/1.14.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.24
iframe.php
img.86uk.com/ Frame DAF2
2 KB
2 KB
Document
General
Full URL
https://img.86uk.com/iframe.php?id=cool18index46860r
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 / PHP/7.2.24
Resource Hash
fc99538f9b380def1526134787bccf6c4f935845703a5f5ff00b5f1aca28b623

Request headers

Referer
https://www.cool18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Jul 2023 12:33:05 GMT
Server
nginx/1.14.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.24
/
creative.xlviiirdr.com/widgets/v4/Universal/ Frame A895
Redirect Chain
  • https://go.xlviiirdr.com/i?campaignId=&creativeId=&modelsCountry=&modelsLanguage=&sourceId=&tag=girls%2Fchinese&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&liveBa...
  • https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideMod...
852 B
573 B
Document
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
082f209297958ddbd7436129397fd654b302c5db346245d30dd9b6c4f2bd4f0f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.cool18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
6
alt-svc
h3=":443"; ma=86400
cache-control
max-age=10
cf-cache-status
HIT
cf-ray
7ec46de5d8f14bbf-YUL
content-encoding
br
content-type
text/html
date
Tue, 25 Jul 2023 12:33:04 GMT
expires
Tue, 25 Jul 2023 12:33:00 GMT
last-modified
Tue, 11 Jul 2023 07:23:00 GMT
pragma
public
report-to
{ "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ec46de518144bbf-YUL
content-length
0
date
Tue, 25 Jul 2023 12:33:04 GMT
location
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
server
cloudflare
iframe.php
img.86uk.com/ Frame 03C5
2 KB
3 KB
Document
General
Full URL
https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 / PHP/7.2.24
Resource Hash
c0ee5c31d3d43958c8a17525b0deae53e34dcce2bfa7b2b9457fbf20528f57db

Request headers

Referer
https://www.cool18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Jul 2023 12:33:05 GMT
Server
nginx/1.14.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.24
2.gif
www.cool18.com/img/
10 B
245 B
Image
General
Full URL
https://www.cool18.com/img/2.gif
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 12:33:04 GMT
Last-Modified
Fri, 11 Sep 2020 02:12:48 GMT
Server
nginx/1.21.3
ETag
"5f5add20-a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10
gdpr_area.php
www.cool18.com/pub/
22 B
307 B
XHR
General
Full URL
https://www.cool18.com/pub/gdpr_area.php?act=get&news_tmp_name=null=&scode=null
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/pub/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 / PHP/7.4.24
Resource Hash
5d048bbebe041b125fb9db770ef31a23df069c2dd493f11a007d872c751971d0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cool18.com/parks.php
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 12:33:04 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
showuid
X-Powered-By
PHP/7.4.24
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
main.59f2cd55788c7e432eca.css
creative.xlviiirdr.com/widgets/v4/Universal/ Frame A895
13 KB
4 KB
Stylesheet
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/main.59f2cd55788c7e432eca.css
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 12:33:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 07:24:25 GMT
server
cloudflare
age
5
etag
W/"64ad03a9-3454"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10
cf-ray
7ec46de619344bbf-YUL
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 12:33:05 GMT
main.59f2cd55788c7e432eca.js
creative.xlviiirdr.com/widgets/v4/Universal/ Frame A895
270 KB
78 KB
Script
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/main.59f2cd55788c7e432eca.js
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c87993fd60ffd4954a5db8905b76c761972998ce8ebef65b81caedf82cab0adb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 12:33:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 07:24:25 GMT
server
cloudflare
age
5
etag
W/"64ad03a9-43856"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
7ec46de619374bbf-YUL
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 12:33:03 GMT
en.json
creative.xlviiirdr.com/widgets/v4/Universal/lang/ Frame A895
172 B
340 B
Fetch
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/lang/en.json
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.59f2cd55788c7e432eca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 12:33:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 07:23:00 GMT
server
cloudflare
age
6
etag
W/"64ad0354-ac"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=10
cf-ray
7ec46de6ad977151-YUL
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 12:33:02 GMT
config
go.xlviiirdr.com/ Frame A895
6 KB
2 KB
Fetch
General
Full URL
https://go.xlviiirdr.com/config?url=https%3A%2F%2Fcreative.xlviiirdr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26autoplay%3Dall%26autoplayForce%3D1%26buttonColor%3D%26campaignId%3D%26creativeId%3D%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D0%26hideModelNameOnSmallSpots%3D0%26hideTitleOnSmallSpots%3D0%26isXhDesign%3D0%26liveBadgeColor%3D%26modelsCountry%3D%26modelsLanguage%3D%26showButton%3D0%26showLiveBadge%3D1%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26sourceId%3D%26tag%3Dgirls%252Fchinese%26targetDomain%3D%26thumbSizeKey%3Dbig%26thumbsMargin%3D%26trackOff%3D1%26userId%3Dcf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.59f2cd55788c7e432eca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7bd9136b784c3cd33cbb3ec0e94c6f1330c3001d5c7bde2a38becb019025578

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jul 2023 12:26:58 GMT
server
cloudflare
age
33
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7ec46de6b93becee-YUL
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
video.ktkjmp.com/ Frame A895
16 B
668 B
Fetch
General
Full URL
https://video.ktkjmp.com/adsbygoogle.js
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.59f2cd55788c7e432eca.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
x-amz-version-id
eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status
HIT
x-amz-request-id
3YWDQMM09WD97GA7
age
513
alt-svc
h3=":443"; ma=86400
content-length
16
x-amz-id-2
mF4b64FCntdG8P0cwcO9w/lXTNS55DDfrmhZW4LzMnWHucQN51ecRdTYOZ7zVlC95Oj0d1VIs+8=
last-modified
Thu, 10 Mar 2022 13:52:07 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag
"3d7f7a60216d40dea48e495fef6903c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://creative.xlviiirdr.com
cache-control
public, max-age=7200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ec46de6cf1833ef-YUL
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Tue, 25 Jul 2023 14:33:05 GMT
98090.gif
img.86uk.com/banners/mojoon/ Frame DAF2
72 KB
72 KB
Image
General
Full URL
https://img.86uk.com/banners/mojoon/98090.gif
Requested by
Host: img.86uk.com
URL: https://img.86uk.com/iframe.php?id=cool18index46860r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 /
Resource Hash
2a670649dfe1cc7349845ca81d3499d026525b7b2bcac99fb05923d7df56c354

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.86uk.com/iframe.php?id=cool18index46860r
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 12:33:05 GMT
Last-Modified
Sun, 14 May 2023 09:25:32 GMT
Server
nginx/1.14.1
ETag
"6460a90c-120b7"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73911
46860.gif
img.86uk.com/banners/xiaowuguilai/ Frame 788C
47 KB
47 KB
Image
General
Full URL
https://img.86uk.com/banners/xiaowuguilai/46860.gif
Requested by
Host: img.86uk.com
URL: https://img.86uk.com/iframe.php?id=cool18index46860l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 /
Resource Hash
df67ce3ac517f74c3ab142bd98884f128d4576bb2126f79a6a7b9a72c7347a0a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.86uk.com/iframe.php?id=cool18index46860l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 12:33:05 GMT
Last-Modified
Wed, 07 Jun 2023 14:40:36 GMT
Server
nginx/1.14.1
ETag
"648096e4-bac0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47808
980270.jpg
img.86uk.com/banners/gg168/ Frame 03C5
365 KB
366 KB
Image
General
Full URL
https://img.86uk.com/banners/gg168/980270.jpg
Requested by
Host: img.86uk.com
URL: https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 /
Resource Hash
c03c4bbd0a71831edea23c29558e407f5a455d2b33d6f08b27ed2e90fa7708b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 12:33:05 GMT
Last-Modified
Thu, 06 Jul 2023 19:38:08 GMT
Server
nginx/1.14.1
ETag
"64a71820-5b571"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
374129
models
go.xlviiirdr.com/api/ Frame A895
3 KB
1 KB
Fetch
General
Full URL
https://go.xlviiirdr.com/api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=2&usePreroll&webp=1
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.59f2cd55788c7e432eca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284f61f02644133b4cbd48d16671660856ae403b6833f90a63b48bfb285579c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jul 2023 12:32:56 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://creative.xlviiirdr.com
access-control-allow-credentials
true
cf-ray
7ec46de70e097151-YUL
alt-svc
h3=":443"; ma=86400
78140364_webp
img.strpst.com/thumbs/1690288320/ Frame A895
5 KB
5 KB
Image
General
Full URL
https://img.strpst.com/thumbs/1690288320/78140364_webp
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58eeb5d80e6496575676b44b761cf5448591de599327169f57aba10258a93248

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Jul 2023 12:31:45 GMT
server
cloudflare
age
55
etag
"9205ad8b553620f13e8ba59d04304080"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
cf-ray
7ec46de7fd664bd6-YUL
alt-svc
h3=":443"; ma=86400
content-length
5144
117376122_webp
img.strpst.com/thumbs/1690288320/ Frame A895
25 KB
25 KB
Image
General
Full URL
https://img.strpst.com/thumbs/1690288320/117376122_webp
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1dc8df3bce333043ce16dfc610bd124040b05b2bd05b73512443efd7e688330

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Jul 2023 12:31:38 GMT
server
cloudflare
age
55
etag
"0948af56e45b2f84ec1eac93338a17ac"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
cf-ray
7ec46de7fd684bd6-YUL
alt-svc
h3=":443"; ma=86400
content-length
25118
view
go.xlviiirdr.com/thumbs/ Frame A895
289 B
388 B
Fetch
General
Full URL
https://go.xlviiirdr.com/thumbs/view
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.59f2cd55788c7e432eca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949fdfd8b5a86ca4addad781b12a78fa307bc56bfdc325ce81cea0123e12ab23

Request headers

Referer
https://creative.xlviiirdr.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
*
cf-ray
7ec46de88b33ecee-YUL
alt-svc
h3=":443"; ma=86400
checkUrl
superchat.live/ Frame A895
15 B
488 B
Fetch
General
Full URL
https://superchat.live/checkUrl
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.59f2cd55788c7e432eca.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://creative.xlviiirdr.com
cf-ray
7ec46de99cf87150-YUL
alt-svc
h3=":443"; ma=86400
content-length
15
vendors~hls.9ec633be3d1b9138b261.js
creative.xlviiirdr.com/widgets/v4/Universal/ Frame A895
174 KB
53 KB
Script
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.59f2cd55788c7e432eca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29a025b7ae7794c89d85c8299963c7b2aef9f1d0bfc4bf5692c5c7a9276512ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 12:33:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 07:24:25 GMT
server
cloudflare
etag
W/"64ad03a9-2b6c9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
7ec46de9a9697151-YUL
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 12:33:10 GMT
hls.4cfa5b780bfed20a8b26.js
creative.xlviiirdr.com/widgets/v4/Universal/ Frame A895
61 B
390 B
Script
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.59f2cd55788c7e432eca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 12:33:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 07:24:25 GMT
server
cloudflare
etag
W/"64ad03a9-3d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
7ec46de9a96b7151-YUL
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 12:33:08 GMT
checkDomainResult
go.xlviiirdr.com/ Frame A895
0
203 B
Fetch
General
Full URL
https://go.xlviiirdr.com/checkDomainResult
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.59f2cd55788c7e432eca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://creative.xlviiirdr.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 25 Jul 2023 12:33:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ec46dea5cfaecee-YUL
alt-svc
h3=":443"; ma=86400
78140364_480p.m3u8
edge-hls.doppiocdn.org/hls/78140364/master/ Frame A895
225 B
474 B
XHR
General
Full URL
https://edge-hls.doppiocdn.org/hls/78140364/master/78140364_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.162.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
91ad2b792a8eea321d4c2654eebf66a8d40fcfe1ba9f10be2d47b92246a5b077

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 12:33:05 GMT
server
nginx
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=3, s-maxage=3
accept-ranges
bytes
timing-allow-origin
*
content-length
208
x-proxy-cache
HIT
78140364_480p.m3u8
b-hls-24.doppiocdn.org/hls/78140364/ Frame A895
726 B
592 B
XHR
General
Full URL
https://b-hls-24.doppiocdn.org/hls/78140364/78140364_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.238.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
d0d978101b60f67a4550d769196344cc53a0b573f79d638ed16daf28dc183fe2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 12:33:05 GMT
server
nginx
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1
accept-ranges
bytes
timing-allow-origin
*
content-length
326
x-proxy-cache
HIT
78140364_480p_init_kGNvU1WEmmplye9u.mp4
b-hls-24.doppiocdn.org/hls/78140364/ Frame A895
1 KB
1 KB
XHR
General
Full URL
https://b-hls-24.doppiocdn.org/hls/78140364/78140364_480p_init_kGNvU1WEmmplye9u.mp4
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.238.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
4288be15407cf1badc349403be14ff86ad1075fa6830034bfec2363a9a3efc6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
last-modified
Tue, 25 Jul 2023 11:42:54 GMT
server
nginx
age
4
etag
"64bfb53e-4c1"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
content-length
1217
06ce9b58-1846-4502-822c-901f16d5dfe0
https://creative.xlviiirdr.com/ Frame A895
61 KB
0
Other
General
Full URL
blob:https://creative.xlviiirdr.com/06ce9b58-1846-4502-822c-901f16d5dfe0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71870acd3c5fc3a95fd0c510a21e2fa7ad38ef00ca91613fb76f13df486137f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Length
62321
Content-Type
text/javascript
78140364_480p_1502_dvF6OC4nOxW0lRj7_1690288378.mp4
b-hls-24.doppiocdn.org/hls/78140364/ Frame A895
312 KB
313 KB
XHR
General
Full URL
https://b-hls-24.doppiocdn.org/hls/78140364/78140364_480p_1502_dvF6OC4nOxW0lRj7_1690288378.mp4
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.238.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
8b0e09d3f92b6b12b2573ac4b345f23b2a38f25f9040ff3d00fb1d11e9a20bc0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
last-modified
Tue, 25 Jul 2023 12:33:00 GMT
server
nginx
age
4
etag
"64bfc0fc-4e18c"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
content-length
319884
78140364_480p_1503_5fa0s3WTj4dpBTJh_1690288380.mp4
b-hls-24.doppiocdn.org/hls/78140364/ Frame A895
314 KB
314 KB
XHR
General
Full URL
https://b-hls-24.doppiocdn.org/hls/78140364/78140364_480p_1503_5fa0s3WTj4dpBTJh_1690288380.mp4
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.238.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
75dbfdd8e4db04ba71e2cffc418918283c86f2bb67d2861d3a26c20b70add455

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
last-modified
Tue, 25 Jul 2023 12:33:02 GMT
server
nginx
age
2
etag
"64bfc0fe-4e78f"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
content-length
321423
117376122_480p.m3u8
edge-hls.doppiocdn.org/hls/117376122/master/ Frame A895
227 B
478 B
XHR
General
Full URL
https://edge-hls.doppiocdn.org/hls/117376122/master/117376122_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.162.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
39ff9e646b4bf3638f2576a37f037e8055c4679d4773cc9594d095a6757055cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 12:33:05 GMT
server
nginx
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=3, s-maxage=3
accept-ranges
bytes
timing-allow-origin
*
content-length
212
x-proxy-cache
MISS
117376122_480p.m3u8
b-hls-09.doppiocdn.org/hls/117376122/ Frame A895
734 B
595 B
XHR
General
Full URL
https://b-hls-09.doppiocdn.org/hls/117376122/117376122_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.161.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
df7354ac61d5562e4a90c3bd6faa78b51e1d823360dbce697d8d76a853c59442

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:06 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 12:33:06 GMT
server
nginx
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1
accept-ranges
bytes
timing-allow-origin
*
content-length
329
x-proxy-cache
HIT
78140364_480p_1504_QI1iFcGtDGDW9sqe_1690288382.mp4
b-hls-24.doppiocdn.org/hls/78140364/ Frame A895
303 KB
304 KB
XHR
General
Full URL
https://b-hls-24.doppiocdn.org/hls/78140364/78140364_480p_1504_QI1iFcGtDGDW9sqe_1690288382.mp4
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.238.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
76a353ab3730d181fb8a3cfb06f827f923efc8f440fd6aef310bae062758d13e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:05 GMT
last-modified
Tue, 25 Jul 2023 12:33:04 GMT
server
nginx
age
0
etag
"64bfc100-4bdad"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
content-length
310701
117376122_480p_init_jY3eb7ksyv5pM51V.mp4
b-hls-09.doppiocdn.org/hls/117376122/ Frame A895
1 KB
1 KB
XHR
General
Full URL
https://b-hls-09.doppiocdn.org/hls/117376122/117376122_480p_init_jY3eb7ksyv5pM51V.mp4
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.161.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
6a2cfa5c14c07db233340728a645402e0344fc9b5dd47623bc2a0bbc2e0b03a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:06 GMT
last-modified
Tue, 25 Jul 2023 11:20:34 GMT
server
nginx
age
108
etag
"64bfb002-4c2"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
content-length
1218
5d8a72e3-577d-43a8-9cf0-3b5e473de09c
https://creative.xlviiirdr.com/ Frame A895
61 KB
0
Other
General
Full URL
blob:https://creative.xlviiirdr.com/5d8a72e3-577d-43a8-9cf0-3b5e473de09c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71870acd3c5fc3a95fd0c510a21e2fa7ad38ef00ca91613fb76f13df486137f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Length
62321
Content-Type
text/javascript
117376122_480p_2172_BnhcDTxvKcgiZf1p_1690288378.mp4
b-hls-09.doppiocdn.org/hls/117376122/ Frame A895
274 KB
275 KB
XHR
General
Full URL
https://b-hls-09.doppiocdn.org/hls/117376122/117376122_480p_2172_BnhcDTxvKcgiZf1p_1690288378.mp4
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.161.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
b1a15e944814c0a44e9bea831f1c007db5b61ed915edc98c7aa3f74265a4d569

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:06 GMT
last-modified
Tue, 25 Jul 2023 12:33:00 GMT
server
nginx
age
4
etag
"64bfc0fc-44956"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
content-length
280918
117376122_480p_2173_wWOzo2VssnPxFJha_1690288380.mp4
b-hls-09.doppiocdn.org/hls/117376122/ Frame A895
305 KB
305 KB
XHR
General
Full URL
https://b-hls-09.doppiocdn.org/hls/117376122/117376122_480p_2173_wWOzo2VssnPxFJha_1690288380.mp4
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.161.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
87ccbe33361d89de49959be77488f3f06be1f25f407bb0014bcf81d36f5763f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:06 GMT
last-modified
Tue, 25 Jul 2023 12:33:02 GMT
server
nginx
age
2
etag
"64bfc0fe-4c350"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
content-length
312144
117376122_480p_2174_E8INoCPOWAs6Gwcc_1690288382.mp4
b-hls-09.doppiocdn.org/hls/117376122/ Frame A895
315 KB
316 KB
XHR
General
Full URL
https://b-hls-09.doppiocdn.org/hls/117376122/117376122_480p_2174_E8INoCPOWAs6Gwcc_1690288382.mp4
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.161.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
d119793f49f7164ee67ec147e68abb2a2fe5aaa6fa6efa75e1d7cfa4cae6475b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:06 GMT
last-modified
Tue, 25 Jul 2023 12:33:04 GMT
server
nginx
age
1
etag
"64bfc100-4ecc6"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
content-length
322758
78140364_480p.m3u8
b-hls-24.doppiocdn.org/hls/78140364/ Frame A895
726 B
592 B
XHR
General
Full URL
https://b-hls-24.doppiocdn.org/hls/78140364/78140364_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.238.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
dcf779755db7293f33e769043118a59a5dbb57925a408cd294f64fa8896a6d77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:07 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 12:33:07 GMT
server
nginx
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1
accept-ranges
bytes
timing-allow-origin
*
content-length
323
x-proxy-cache
EXPIRED
78140364_480p_1505_DaUlTsDZfwcRyTW6_1690288384.mp4
b-hls-24.doppiocdn.org/hls/78140364/ Frame A895
310 KB
310 KB
XHR
General
Full URL
https://b-hls-24.doppiocdn.org/hls/78140364/78140364_480p_1505_DaUlTsDZfwcRyTW6_1690288384.mp4
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.238.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
ba857546c2a59d6f2a598f00e0212bd6b735b98921f734afe23c5ac4ec93fa2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:07 GMT
last-modified
Tue, 25 Jul 2023 12:33:06 GMT
server
nginx
age
0
etag
"64bfc102-4d72d"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
content-length
317229
117376122_480p.m3u8
b-hls-09.doppiocdn.org/hls/117376122/ Frame A895
734 B
591 B
XHR
General
Full URL
https://b-hls-09.doppiocdn.org/hls/117376122/117376122_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.161.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
8dc44da87fe5be4fe558d5fea1edc711c4a0cc1404510fa6f242e5dd9cdc9ee7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:07 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 12:33:07 GMT
server
nginx
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1
accept-ranges
bytes
timing-allow-origin
*
content-length
326
x-proxy-cache
HIT
117376122_480p_2175_dAWS6k7qBkq7Z5BO_1690288384.mp4
b-hls-09.doppiocdn.org/hls/117376122/ Frame A895
300 KB
300 KB
XHR
General
Full URL
https://b-hls-09.doppiocdn.org/hls/117376122/117376122_480p_2175_dAWS6k7qBkq7Z5BO_1690288384.mp4
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.161.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
2f3ec843003a337870a6acc45f125a5eb1e01c4f6c4743830c4862ff2edf6cb0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:07 GMT
last-modified
Tue, 25 Jul 2023 12:33:06 GMT
server
nginx
age
0
etag
"64bfc102-4af7c"
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
content-length
307068
78140364_480p.m3u8
b-hls-24.doppiocdn.org/hls/78140364/ Frame A895
726 B
588 B
XHR
General
Full URL
https://b-hls-24.doppiocdn.org/hls/78140364/78140364_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.9ec633be3d1b9138b261.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.238.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
dcf779755db7293f33e769043118a59a5dbb57925a408cd294f64fa8896a6d77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 12:33:09 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 12:33:09 GMT
server
nginx
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1
accept-ranges
bytes
timing-allow-origin
*
content-length
323
x-proxy-cache
HIT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
function| $
function| jQuery
function| setCookieGDPR
function| getCookieGDPR
function| addPrompt

2 Cookies

Domain/Path Name / Value
go.xlviiirdr.com/ Name: __cflb
Value: 02DiuDFRFiBZBvMSLtrtWS5dSf3dTPfP7C1kjHSkwSMX2
creative.xlviiirdr.com/ Name: __cflb
Value: 02DiuDFRFiBZBvMSLtrsEK7fDqK6EwaD7Lf33RtqwVpyz

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
