Submitted URL: http://cool18.com/
Effective URL: https://www.cool18.com/parks.php
Submission Tags: @phish_report
Submission: On September 21 via api from FI — Scanned from FI

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 49 HTTP transactions. The main IP is 135.148.209.1, located in the United States and belonging to OVH, FR. The main domain is www.cool18.com. The Cisco Umbrella rank of the primary domain is 304516.
TLS certificate: Issued by Thawte TLS RSA CA G1 on June 7th 2023. Valid for: a year.
This is the only time www.cool18.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 135.148.209.1 16276 (OVH)
1 51.81.2.58 16276 (OVH)
6 57.128.64.234 16276 (OVH)
11 2606:4700:311... 13335 (CLOUDFLAR...)
1 2606:4700:311... 13335 (CLOUDFLAR...)
2 2606:4700:311... 13335 (CLOUDFLAR...)
1 2606:4700:311... 13335 (CLOUDFLAR...)
4 2606:4700:311... 13335 (CLOUDFLAR...)
14 2606:4700:311... 13335 (CLOUDFLAR...)
Total: 49 requests across 10 IPs
Requests  Apex Domain      Transfer
18        doppiocdn.com    3 MB
            edge-hls.doppiocdn.com (Cisco Umbrella Rank: 13155)
            b-hls-04.doppiocdn.com (Cisco Umbrella Rank: 68215)
            b-hls-13.doppiocdn.com (Cisco Umbrella Rank: 65494)
11        xlirdr.com       141 KB
            creative.xlirdr.com (Cisco Umbrella Rank: 15065)
            go.xlirdr.com (Cisco Umbrella Rank: 12487)
9         cool18.com       107 KB
            cool18.com (Cisco Umbrella Rank: 284333)
            www.cool18.com (Cisco Umbrella Rank: 304516)
6         86uk.com         329 KB
            img.86uk.com (Cisco Umbrella Rank: 209849)
2         strpst.com       31 KB
            img.strpst.com (Cisco Umbrella Rank: 5680)
1         strp.chat        286 B
            strp.chat (Cisco Umbrella Rank: 44638)
1         ktkjmp.com       671 B
            video.ktkjmp.com (Cisco Umbrella Rank: 8592)
1         6park.com        2 KB
            www.6park.com (Cisco Umbrella Rank: 210479)
Total: 49 requests across 8 apex domains
Requests  Domain                        Requested by
9         b-hls-04.doppiocdn.com        creative.xlirdr.com
8         www.cool18.com (1 redirect)   www.cool18.com
7         b-hls-13.doppiocdn.com        creative.xlirdr.com
6         creative.xlirdr.com           www.cool18.com, creative.xlirdr.com
6         img.86uk.com                  www.cool18.com, img.86uk.com
5         go.xlirdr.com                 creative.xlirdr.com
2         edge-hls.doppiocdn.com        creative.xlirdr.com
2         img.strpst.com
1         strp.chat                     creative.xlirdr.com
1         video.ktkjmp.com              creative.xlirdr.com
1         www.6park.com                 www.cool18.com
1         cool18.com (1 redirect)
Total: 49 requests across 12 subdomains
Subject                 Issuer                                            Validity                  Valid for   Lookup
*.cool18.com            Thawte TLS RSA CA G1                              2023-06-07 - 2024-06-09   a year      crt.sh
*.6park.com             GeoTrust TLS RSA CA G1                            2023-06-09 - 2024-06-11   a year      crt.sh
img.86uk.com            Sectigo RSA Domain Validation Secure Server CA    2022-12-24 - 2023-12-24   a year      crt.sh
xlirdr.com              Cloudflare Inc ECC CA-3                           2023-05-03 - 2024-05-01   a year      crt.sh
video.ktkjmp.com        Cloudflare Inc ECC CA-3                           2023-07-02 - 2024-07-01   a year      crt.sh
img.strpst.com          Cloudflare Inc ECC CA-3                           2023-04-03 - 2024-04-02   a year      crt.sh
strp.chat               Cloudflare Inc RSA CA-2                           2022-11-23 - 2023-11-22   a year      crt.sh
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3                           2023-01-21 - 2024-01-21   a year      crt.sh

This page contains 5 frames:

Primary Page: https://www.cool18.com/parks.php
Frame ID: 413E02704B89BC2D8A4A88F9C747A936
Requests: 8 HTTP requests in this frame

Frame: https://img.86uk.com/iframe.php?id=cool18index46860l
Frame ID: D44C867F90292A1F246409983BCF35A3
Requests: 2 HTTP requests in this frame

Frame: https://img.86uk.com/iframe.php?id=cool18index46860r
Frame ID: 65DFC2F6D74799F54A440DC8DFBEA7B9
Requests: 2 HTTP requests in this frame

Frame: https://creative.xlirdr.com/widgets/v4/Universal?campaignId=newSlider&tag=girls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&forceClient=0&autoplay=all&autoplayForce=1
Frame ID: 4CC7528CBD95CB0EC9028C4C9F7C0113
Requests: 35 HTTP requests in this frame

Frame: https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
Frame ID: 988BE2760E331DAD0E346C2D3983DE45
Requests: 2 HTTP requests in this frame

Page Title

酷18 cool18.com

Page URL History

  1. http://cool18.com/ HTTP 302
    https://www.cool18.com/ HTTP 302
    https://www.cool18.com/parks.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 49
HTTPS: 96 %
IPv6: 67 %
Domains: 8
Subdomains: 12
IPs: 10
Countries: 2
Transfer: 3437 kB
Size: 3906 kB
Cookies: 2

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request parks.php
www.cool18.com/
Redirect Chain
  • http://cool18.com/
  • https://www.cool18.com/
  • https://www.cool18.com/parks.php
28 KB
7 KB
Document
General
Full URL
https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 / PHP/7.4.24
Resource Hash
a438943eff5147dc0c1d71836672cdd68b8b3c095ddb561f092b10cbac091c5b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 21:16:17 GMT
Server
nginx/1.21.3
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.24

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 21:16:17 GMT
Location
https://www.cool18.com/parks.php
Server
nginx/1.21.3
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.24
jquery-1.11.1.min.js
www.cool18.com/pub/
94 KB
94 KB
Script
General
Full URL
https://www.cool18.com/pub/jquery-1.11.1.min.js
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 21:16:18 GMT
Last-Modified
Fri, 11 Sep 2020 02:12:51 GMT
Server
nginx/1.21.3
ETag
"5f5add23-1762e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95790
prompt.css
www.cool18.com/pub/
1 KB
800 B
Stylesheet
General
Full URL
https://www.cool18.com/pub/prompt.css
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
a73608ccf909815edca9aabed031784cdc36cd37c6448530346b7c376a8ec8f3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 21:16:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Sep 2020 02:12:51 GMT
Server
nginx/1.21.3
ETag
W/"5f5add23-483"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
gdpr.js
www.cool18.com/pub/
3 KB
4 KB
Script
General
Full URL
https://www.cool18.com/pub/gdpr.js
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
e2482d68f0192b468c48898124437dbec07d656158ff0a79c5da30a876cf7f85

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 21:16:18 GMT
Last-Modified
Fri, 11 Sep 2020 02:12:51 GMT
Server
nginx/1.21.3
ETag
"5f5add23-d12"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3346
aimain.php
www.6park.com/pub/
1 KB
2 KB
Script
General
Full URL
https://www.6park.com/pub/aimain.php?act=sitemap
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.81.2.58 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip58.ip-51-81-2.us
Software
nginx/1.21.3 / PHP/7.4.25
Resource Hash
408d3244aefc43d887b6e38c2f4ddf27eb5fd3f9afb124d22a444add154ab494

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.cool18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 21:16:18 GMT
Server
nginx/1.21.3
Connection
keep-alive
X-Powered-By
PHP/7.4.25
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
diybbslist.php
www.cool18.com/site/
649 B
863 B
Script
General
Full URL
https://www.cool18.com/site/diybbslist.php
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 / PHP/7.4.24
Resource Hash
7c8c1ca66d04c50e0aa89d509c1be62b4d928a5cc3089492488950f56bb612d4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 21:16:18 GMT
Server
nginx/1.21.3
Connection
keep-alive
X-Powered-By
PHP/7.4.24
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
iframe.php
img.86uk.com/ Frame D44C
2 KB
2 KB
Document
General
Full URL
https://img.86uk.com/iframe.php?id=cool18index46860l
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 / PHP/7.2.24
Resource Hash
d0f029303ca0816690a63833e2777a8c7ce5d2aae2af8dba96457ad21c1a05ee

Request headers

Referer
https://www.cool18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Sep 2023 21:16:18 GMT
Server
nginx/1.14.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.24
iframe.php
img.86uk.com/ Frame 65DF
2 KB
2 KB
Document
General
Full URL
https://img.86uk.com/iframe.php?id=cool18index46860r
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 / PHP/7.2.24
Resource Hash
fc99538f9b380def1526134787bccf6c4f935845703a5f5ff00b5f1aca28b623

Request headers

Referer
https://www.cool18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Sep 2023 21:16:18 GMT
Server
nginx/1.14.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.24
Universal
creative.xlirdr.com/widgets/v4/ Frame 4CC7
811 B
768 B
Document
General
Full URL
https://creative.xlirdr.com/widgets/v4/Universal?campaignId=newSlider&tag=girls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&forceClient=0&autoplay=all&autoplayForce=1
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd23f41debfe695da41958a7f2d1832f6fe2d6857645bb0f6cd8d6b31b2949a2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.cool18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
age
3
alt-svc
h3=":443"; ma=86400
cache-control
max-age=10
cf-cache-status
HIT
cf-ray
80a554152fbbd97b-HEL
content-encoding
br
content-type
text/html
date
Thu, 21 Sep 2023 21:16:18 GMT
expires
Thu, 21 Sep 2023 21:16:16 GMT
last-modified
Thu, 14 Sep 2023 12:16:52 GMT
pragma
public
report-to
{ "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding
iframe.php
img.86uk.com/ Frame 988B
2 KB
3 KB
Document
General
Full URL
https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 / PHP/7.2.24
Resource Hash
db2dc7ce797a8fafb36dc556affd061bd1d0b90bdedda999e70dc2f2c3174712

Request headers

Referer
https://www.cool18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Sep 2023 21:16:18 GMT
Server
nginx/1.14.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.24
2.gif
www.cool18.com/img/
10 B
245 B
Image
General
Full URL
https://www.cool18.com/img/2.gif
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 21:16:18 GMT
Last-Modified
Fri, 11 Sep 2020 02:12:48 GMT
Server
nginx/1.21.3
ETag
"5f5add20-a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10
main.db756385c0227d15048c.css
creative.xlirdr.com/widgets/v4/Universal/ Frame 4CC7
13 KB
4 KB
Stylesheet
General
Full URL
https://creative.xlirdr.com/widgets/v4/Universal/main.db756385c0227d15048c.css
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal?campaignId=newSlider&tag=girls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&forceClient=0&autoplay=all&autoplayForce=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/widgets/v4/Universal?campaignId=newSlider&tag=girls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&forceClient=0&autoplay=all&autoplayForce=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
public
date
Thu, 21 Sep 2023 21:16:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Sep 2023 12:18:22 GMT
server
cloudflare
age
3
etag
W/"6502fa0e-3454"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10
cf-ray
80a55415885fd97b-HEL
alt-svc
h3=":443"; ma=86400
expires
Thu, 21 Sep 2023 21:16:21 GMT
main.db756385c0227d15048c.js
creative.xlirdr.com/widgets/v4/Universal/ Frame 4CC7
275 KB
78 KB
Script
General
Full URL
https://creative.xlirdr.com/widgets/v4/Universal/main.db756385c0227d15048c.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal?campaignId=newSlider&tag=girls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&forceClient=0&autoplay=all&autoplayForce=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
666e3947ae0dcce038aaaa66e84f279b3de1d89fda0cb88fcbf6fa34cc84c0a4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/widgets/v4/Universal?campaignId=newSlider&tag=girls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&forceClient=0&autoplay=all&autoplayForce=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
public
date
Thu, 21 Sep 2023 21:16:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Sep 2023 12:18:22 GMT
server
cloudflare
age
9
etag
W/"6502fa0e-44c22"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
80a554159863d97b-HEL
alt-svc
h3=":443"; ma=86400
expires
Thu, 21 Sep 2023 21:16:11 GMT
46860.gif
img.86uk.com/banners/xiaowuguilai/ Frame D44C
47 KB
47 KB
Image
General
Full URL
https://img.86uk.com/banners/xiaowuguilai/46860.gif
Requested by
Host: img.86uk.com
URL: https://img.86uk.com/iframe.php?id=cool18index46860l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 /
Resource Hash
df67ce3ac517f74c3ab142bd98884f128d4576bb2126f79a6a7b9a72c7347a0a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://img.86uk.com/iframe.php?id=cool18index46860l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 21:16:18 GMT
Last-Modified
Wed, 07 Jun 2023 14:40:36 GMT
Server
nginx/1.14.1
ETag
"648096e4-bac0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47808
98090.gif
img.86uk.com/banners/mojoon/ Frame 65DF
72 KB
72 KB
Image
General
Full URL
https://img.86uk.com/banners/mojoon/98090.gif
Requested by
Host: img.86uk.com
URL: https://img.86uk.com/iframe.php?id=cool18index46860r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 /
Resource Hash
2a670649dfe1cc7349845ca81d3499d026525b7b2bcac99fb05923d7df56c354

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://img.86uk.com/iframe.php?id=cool18index46860r
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 21:16:18 GMT
Last-Modified
Sun, 14 May 2023 09:25:32 GMT
Server
nginx/1.14.1
ETag
"6460a90c-120b7"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73911
en.json
creative.xlirdr.com/widgets/v4/Universal/lang/ Frame 4CC7
172 B
338 B
Fetch
General
Full URL
https://creative.xlirdr.com/widgets/v4/Universal/lang/en.json
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/main.db756385c0227d15048c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/widgets/v4/Universal?campaignId=newSlider&tag=girls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&forceClient=0&autoplay=all&autoplayForce=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
public
date
Thu, 21 Sep 2023 21:16:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Sep 2023 12:16:52 GMT
server
cloudflare
age
0
etag
W/"6502f9b4-ac"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=10
cf-ray
80a55416bff24e12-HEL
alt-svc
h3=":443"; ma=86400
expires
Thu, 21 Sep 2023 21:16:23 GMT
config
go.xlirdr.com/ Frame 4CC7
6 KB
2 KB
Fetch
General
Full URL
https://go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%3FcampaignId%3DnewSlider%26tag%3Dgirls%252Fchinese%252Cgirls%252Fjapanese%26thumbsMargin%3D5%26hideButton%3D1%26hideTitle%3D1%26userId%3Dcf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62%26forceClient%3D0%26autoplay%3Dall%26autoplayForce%3D1
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/main.db756385c0227d15048c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cedfc0954b22d827d5c66ad5dbf7d547079afe69904172aa1ebc2e9fc74d8284

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:18 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 21 Sep 2023 19:27:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://creative.xlirdr.com
cf-ray
80a554172d19d947-HEL
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
video.ktkjmp.com/ Frame 4CC7
16 B
671 B
Fetch
General
Full URL
https://video.ktkjmp.com/adsbygoogle.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/main.db756385c0227d15048c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:18 GMT
x-amz-version-id
eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status
HIT
x-amz-request-id
D5A8E55T31XXGFXD
age
1396
alt-svc
h3=":443"; ma=86400
content-length
16
x-amz-id-2
ccK/1i16xiC8HLAl5zLM+yAY4aWmKqMNWAdX2n7+BFQsk9F+LBkUFE7lx6JfPKs+IQRMkU8fG64=
last-modified
Thu, 10 Mar 2022 13:52:07 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag
"3d7f7a60216d40dea48e495fef6903c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://creative.xlirdr.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
80a554173d39d95b-HEL
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Fri, 22 Sep 2023 01:16:18 GMT
980270.jpg
img.86uk.com/banners/ukbanyou/ Frame 988B
203 KB
203 KB
Image
General
Full URL
https://img.86uk.com/banners/ukbanyou/980270.jpg
Requested by
Host: img.86uk.com
URL: https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
57.128.64.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3095953.ip-57-128-64.eu
Software
nginx/1.14.1 /
Resource Hash
80a3a82064421f5213982d5034b4b092bf1c8bb20483880f8067e0bbb1a90643

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 21:16:18 GMT
Last-Modified
Mon, 10 Jul 2023 21:15:34 GMT
Server
nginx/1.14.1
ETag
"64ac74f6-32b23"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207651
gdpr_area.php
www.cool18.com/pub/
22 B
305 B
XHR
General
Full URL
https://www.cool18.com/pub/gdpr_area.php?act=get&news_tmp_name=null=&scode=null
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/pub/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 / PHP/7.4.24
Resource Hash
a8309f2660574663ac2c0840ed70a7def033f373ab5c94791b2acf3a2042cec9

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cool18.com/parks.php
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 21:16:18 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
showuid
X-Powered-By
PHP/7.4.24
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
models
go.xlirdr.com/api/ Frame 4CC7
3 KB
1 KB
Fetch
General
Full URL
https://go.xlirdr.com/api/models?tag=girls%2Fchinese%2Cgirls%2Fjapanese&forceClient=0&stripcashR=0&limit=2&usePreroll&webp=1
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/main.db756385c0227d15048c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d20dce0dd4a97b68c94bf637096fbabfaccbf685295265704097c20ae83d465

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 21 Sep 2023 21:16:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://creative.xlirdr.com
access-control-allow-credentials
true
cf-ray
80a55417d9924e12-HEL
alt-svc
h3=":443"; ma=86400
104754461_webp
img.strpst.com/thumbs/1695330930/ Frame 4CC7
10 KB
10 KB
Image
General
Full URL
https://img.strpst.com/thumbs/1695330930/104754461_webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7da2200ec2a5215230c787473e6c3d5f46c99e25e417a3d4a0cee3fc43db802

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:18 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:15:02 GMT
server
cloudflare
age
25
etag
"0a6f7a491b9d630be788507d3ff10cde"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
cf-ray
80a55418f8eadf68-HEL
alt-svc
h3=":443"; ma=86400
content-length
10526
74768272_webp
img.strpst.com/thumbs/1695330930/ Frame 4CC7
20 KB
20 KB
Image
General
Full URL
https://img.strpst.com/thumbs/1695330930/74768272_webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f79974dc76d2f30757ed4f2b3f36ad680919668961687d8a9a9398c547c5aa

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:18 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:14:42 GMT
server
cloudflare
age
25
etag
"cf9a49292f02cd0072e1cfdfa1d207e6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
cf-ray
80a55418f8ecdf68-HEL
alt-svc
h3=":443"; ma=86400
content-length
20664
abc.gif
go.xlirdr.com/ Frame 4CC7
103 B
103 B
Image
General
Full URL
https://go.xlirdr.com/abc.gif?campaignId=newSlider&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&modelsLimit=2&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=2&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fwww.cool18.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A355.79999923706055%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A146.10000228881836%2C%22duration%22%3A44.5%2C%22transferSize%22%3A4541%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A146.60000228881836%2C%22duration%22%3A86.0999984741211%2C%22transferSize%22%3A80404%7D%5D&mh=1843272798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:18 GMT
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
content-type
image/gif
cf-ray
80a554187a814e12-HEL
alt-svc
h3=":443"; ma=86400
content-length
103
view
go.xlirdr.com/thumbs/ Frame 4CC7
285 B
339 B
Fetch
General
Full URL
https://go.xlirdr.com/thumbs/view
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/main.db756385c0227d15048c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80a7cbb94e8ba48fc1d44eb70577fd01662be031fd40a776e7bed496b0c53a73

Request headers

Referer
https://creative.xlirdr.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Sep 2023 21:16:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
content-type
application/json
access-control-allow-origin
https://creative.xlirdr.com
cf-ray
80a554193fb5d947-HEL
alt-svc
h3=":443"; ma=86400
checkUrl
strp.chat/ Frame 4CC7
15 B
286 B
Fetch
General
Full URL
https://strp.chat/checkUrl
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/main.db756385c0227d15048c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5

Request headers

Accept-Language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://creative.xlirdr.com
cf-ray
80a5541a2ed44c79-HEL
alt-svc
h3=":443"; ma=86400
content-length
15
vendors~hls.13f01a3a9d7e36c14415.js
creative.xlirdr.com/widgets/v4/Universal/ Frame 4CC7
174 KB
53 KB
Script
General
Full URL
https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/main.db756385c0227d15048c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b83266dde6fa2870ddc1cc812233d8baa03727cd4d65733ed5ee7a4fbb4490

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/widgets/v4/Universal?campaignId=newSlider&tag=girls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&forceClient=0&autoplay=all&autoplayForce=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
public
date
Thu, 21 Sep 2023 21:16:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Sep 2023 12:18:22 GMT
server
cloudflare
age
5
etag
W/"6502fa0e-2b6c9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
80a5541a5cbc4e12-HEL
alt-svc
h3=":443"; ma=86400
expires
Thu, 21 Sep 2023 21:16:15 GMT
hls.4cfa5b780bfed20a8b26.js
creative.xlirdr.com/widgets/v4/Universal/ Frame 4CC7
61 B
290 B
Script
General
Full URL
https://creative.xlirdr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/main.db756385c0227d15048c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/widgets/v4/Universal?campaignId=newSlider&tag=girls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&forceClient=0&autoplay=all&autoplayForce=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
public
date
Thu, 21 Sep 2023 21:16:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Sep 2023 12:18:22 GMT
server
cloudflare
age
5
etag
W/"6502fa0e-3d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
80a5541a5cbd4e12-HEL
alt-svc
h3=":443"; ma=86400
expires
Thu, 21 Sep 2023 21:16:14 GMT
checkDomainResult
go.xlirdr.com/ Frame 4CC7
0
383 B
Fetch
General
Full URL
https://go.xlirdr.com/checkDomainResult
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/main.db756385c0227d15048c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://creative.xlirdr.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://creative.xlirdr.com
date
Thu, 21 Sep 2023 21:16:19 GMT
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
cf-ray
80a5541abe02d933-HEL
alt-svc
h3=":443"; ma=86400
104754461_480p.m3u8
edge-hls.doppiocdn.com/hls/104754461/master/ Frame 4CC7
227 B
544 B
XHR
General
Full URL
https://edge-hls.doppiocdn.com/hls/104754461/master/104754461_480p.m3u8
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41296bfd302014ba5da016bd6d9dde22c5d47fdbae01be14fa54c1c82fe0dda

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=3, s-maxage=3
timing-allow-origin
*
cf-ray
80a5541bc9653767-HEL
alt-svc
h3=":443"; ma=86400
x-proxy-cache
MISS
104754461_480p.m3u8
b-hls-04.doppiocdn.com/hls/104754461/ Frame 4CC7
730 B
422 B
XHR
General
Full URL
https://b-hls-04.doppiocdn.com/hls/104754461/104754461_480p.m3u8
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
629acc99977cb0db372e240e7b84166b64620aae27707f37d50bc7edfa87a221

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:18 GMT
server
cloudflare
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1
timing-allow-origin
*
cf-ray
80a5541c59ed3767-HEL
alt-svc
h3=":443"; ma=86400
x-proxy-cache
MISS
104754461_480p_init_i8r8gJbSkArODEhh.mp4
b-hls-04.doppiocdn.com/hls/104754461/ Frame 4CC7
1 KB
1 KB
XHR
General
Full URL
https://b-hls-04.doppiocdn.com/hls/104754461/104754461_480p_init_i8r8gJbSkArODEhh.mp4
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2cfa5c14c07db233340728a645402e0344fc9b5dd47623bc2a0bbc2e0b03a7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 20:45:55 GMT
server
cloudflare
age
25
etag
"650cab83-4c2"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80a5541caa2e3767-HEL
content-length
1218
alt-svc
h3=":443"; ma=86400
c9a0508e-d45b-405b-9420-4c3a2f1afca3
https://creative.xlirdr.com/ Frame 4CC7
61 KB
0
Other
General
Full URL
blob:https://creative.xlirdr.com/c9a0508e-d45b-405b-9420-4c3a2f1afca3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71870acd3c5fc3a95fd0c510a21e2fa7ad38ef00ca91613fb76f13df486137f3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length
62321
Content-Type
text/javascript
104754461_480p_908_O0nA82IJVaNaOE7F_1695330971.mp4
b-hls-04.doppiocdn.com/hls/104754461/ Frame 4CC7
312 KB
313 KB
XHR
General
Full URL
https://b-hls-04.doppiocdn.com/hls/104754461/104754461_480p_908_O0nA82IJVaNaOE7F_1695330971.mp4
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe1d7a6f7d605279ab1ced0f24b0ec047700c96228401963b8085af0e8da620c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:13 GMT
server
cloudflare
age
4
etag
"650cb29d-4e144"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80a5541cfa7bd91e-HEL
content-length
319812
alt-svc
h3=":443"; ma=86400
104754461_480p_909_Kbh70Xz0NBeAtsuh_1695330973.mp4
b-hls-04.doppiocdn.com/hls/104754461/ Frame 4CC7
303 KB
303 KB
XHR
General
Full URL
https://b-hls-04.doppiocdn.com/hls/104754461/104754461_480p_909_Kbh70Xz0NBeAtsuh_1695330973.mp4
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c7cd83bae62f118f235526dc36fd57d4253db175ba94d9f8bb86e249b1efe6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:15 GMT
server
cloudflare
age
2
etag
"650cb29f-4ba48"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80a5541e6c83d91e-HEL
content-length
309832
alt-svc
h3=":443"; ma=86400
74768272_480p.m3u8
edge-hls.doppiocdn.com/hls/74768272/master/ Frame 4CC7
225 B
499 B
XHR
General
Full URL
https://edge-hls.doppiocdn.com/hls/74768272/master/74768272_480p.m3u8
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80bb77667fc5a4dd8899236c61fb83957e50f7c836cac33c4bf0f7f138edb802

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=3, s-maxage=3
timing-allow-origin
*
cf-ray
80a5541e7c8ad91e-HEL
alt-svc
h3=":443"; ma=86400
x-proxy-cache
MISS
104754461_480p_910_Hdw6Z70yfxhe5tOV_1695330975.mp4
b-hls-04.doppiocdn.com/hls/104754461/ Frame 4CC7
319 KB
319 KB
XHR
General
Full URL
https://b-hls-04.doppiocdn.com/hls/104754461/104754461_480p_910_Hdw6Z70yfxhe5tOV_1695330975.mp4
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5d7dca089ef235f19604ada6d6a7ddc4545815c4646bbad4851491ed8488b86

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:17 GMT
server
cloudflare
age
0
etag
"650cb2a1-4fbc2"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80a5541eed2ad91e-HEL
content-length
326594
alt-svc
h3=":443"; ma=86400
74768272_480p.m3u8
b-hls-13.doppiocdn.com/hls/74768272/ Frame 4CC7
722 B
390 B
XHR
General
Full URL
https://b-hls-13.doppiocdn.com/hls/74768272/74768272_480p.m3u8
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a8d3d57ea87b0c1d3e808f1eba322e1e7d004e3da3bc9e118c683f9a456fa84

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:17 GMT
server
cloudflare
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1
timing-allow-origin
*
cf-ray
80a5541efc543767-HEL
alt-svc
h3=":443"; ma=86400
x-proxy-cache
MISS
74768272_480p_init_hf2k5NbpyJptU0Ri.mp4
b-hls-13.doppiocdn.com/hls/74768272/ Frame 4CC7
1 KB
1 KB
XHR
General
Full URL
https://b-hls-13.doppiocdn.com/hls/74768272/74768272_480p_init_hf2k5NbpyJptU0Ri.mp4
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5aeda6883991e46d812c1ffc23796c3dd3dbd2e05791ec83f26b31a36182536

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:10:20 GMT
server
cloudflare
age
6
etag
"650cb13c-4c1"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80a5541f4da3d91e-HEL
content-length
1217
alt-svc
h3=":443"; ma=86400
d92bb1ca-5a2e-400b-b07d-4c31790cfbb7
https://creative.xlirdr.com/ Frame 4CC7
61 KB
0
Other
General
Full URL
blob:https://creative.xlirdr.com/d92bb1ca-5a2e-400b-b07d-4c31790cfbb7
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71870acd3c5fc3a95fd0c510a21e2fa7ad38ef00ca91613fb76f13df486137f3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length
62321
Content-Type
text/javascript
74768272_480p_180_hOiVZ5yawbOho7aa_1695330970.mp4
b-hls-13.doppiocdn.com/hls/74768272/ Frame 4CC7
317 KB
318 KB
XHR
General
Full URL
https://b-hls-13.doppiocdn.com/hls/74768272/74768272_480p_180_hOiVZ5yawbOho7aa_1695330970.mp4
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c36ca2778925a9d0821a78e4212bfef00c8804715ecf7691a5c2794821cea00

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:12 GMT
server
cloudflare
age
3
etag
"650cb29c-4f5d2"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80a5541f8debd91e-HEL
content-length
325074
alt-svc
h3=":443"; ma=86400
74768272_480p_181_fGNi6HwEugCMNXOR_1695330972.mp4
b-hls-13.doppiocdn.com/hls/74768272/ Frame 4CC7
312 KB
312 KB
XHR
General
Full URL
https://b-hls-13.doppiocdn.com/hls/74768272/74768272_480p_181_fGNi6HwEugCMNXOR_1695330972.mp4
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e02267ce2a4511973601a33841f922218c3270066ddd6a756ce8d80c8aa9f98

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:14 GMT
server
cloudflare
age
1
etag
"650cb29e-4e087"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80a554202f08d91e-HEL
content-length
319623
alt-svc
h3=":443"; ma=86400
74768272_480p_182_5J24Fp7WUNM3OG8R_1695330974.mp4
b-hls-13.doppiocdn.com/hls/74768272/ Frame 4CC7
284 KB
284 KB
XHR
General
Full URL
https://b-hls-13.doppiocdn.com/hls/74768272/74768272_480p_182_5J24Fp7WUNM3OG8R_1695330974.mp4
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6cf477567ceda2b100379064c2ebeefe460e37c47cf934e20295b2730bb33c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:19 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:16 GMT
server
cloudflare
age
0
etag
"650cb2a0-46ea1"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80a55420af90d91e-HEL
content-length
290465
alt-svc
h3=":443"; ma=86400
104754461_480p.m3u8
b-hls-04.doppiocdn.com/hls/104754461/ Frame 4CC7
730 B
527 B
XHR
General
Full URL
https://b-hls-04.doppiocdn.com/hls/104754461/104754461_480p.m3u8
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96a0291cb9115e55ae20de456d4b1eccfaac4294936de05822624eac57466dfa

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:20 GMT
server
cloudflare
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1
timing-allow-origin
*
cf-ray
80a55428cad7d91e-HEL
alt-svc
h3=":443"; ma=86400
x-proxy-cache
MISS
104754461_480p_911_pHC3l2wvLRxOZ39c_1695330977.mp4
b-hls-04.doppiocdn.com/hls/104754461/ Frame 4CC7
361 KB
362 KB
XHR
General
Full URL
https://b-hls-04.doppiocdn.com/hls/104754461/104754461_480p_911_pHC3l2wvLRxOZ39c_1695330977.mp4
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aacf2c7902368b30e909a4b823ee9a63c982180dd44abea5f28eaab7efca6c48

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:21 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:19 GMT
server
cloudflare
age
0
etag
"650cb2a3-5a5ad"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80a554290b21d91e-HEL
content-length
370093
alt-svc
h3=":443"; ma=86400
74768272_480p.m3u8
b-hls-13.doppiocdn.com/hls/74768272/ Frame 4CC7
722 B
519 B
XHR
General
Full URL
https://b-hls-13.doppiocdn.com/hls/74768272/74768272_480p.m3u8
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b618bd95c4e73f08c9fbbacfef8eb04a655e9a983bf72e15cf6ca1c2fa67b58c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:19 GMT
server
cloudflare
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1
timing-allow-origin
*
cf-ray
80a5542b7e20d91e-HEL
alt-svc
h3=":443"; ma=86400
x-proxy-cache
MISS
74768272_480p_183_RP7OWEb5BdERfWB9_1695330976.mp4
b-hls-13.doppiocdn.com/hls/74768272/ Frame 4CC7
326 KB
326 KB
XHR
General
Full URL
https://b-hls-13.doppiocdn.com/hls/74768272/74768272_480p_183_RP7OWEb5BdERfWB9_1695330976.mp4
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08080acb50ce42f75c8b6f434d09c8cddc1b95fb51bfd1ecfcf5cbaa37430336

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:21 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:18 GMT
server
cloudflare
age
0
etag
"650cb2a2-5162d"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80a5542bbe67d91e-HEL
content-length
333357
alt-svc
h3=":443"; ma=86400
104754461_480p.m3u8
b-hls-04.doppiocdn.com/hls/104754461/ Frame 4CC7
730 B
526 B
XHR
General
Full URL
https://b-hls-04.doppiocdn.com/hls/104754461/104754461_480p.m3u8
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867981efab6a16a91024040980140e4e682e327424ff296b7cebd65082a9d8cf

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:22 GMT
server
cloudflare
age
0
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1
timing-allow-origin
*
cf-ray
80a554354ac9d91e-HEL
alt-svc
h3=":443"; ma=86400
x-proxy-cache
MISS
104754461_480p_912_6IaHjcUVsDdtBxgK_1695330979.mp4
b-hls-04.doppiocdn.com/hls/104754461/ Frame 4CC7
285 KB
285 KB
XHR
General
Full URL
https://b-hls-04.doppiocdn.com/hls/104754461/104754461_480p_912_6IaHjcUVsDdtBxgK_1695330979.mp4
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:311f::6812:3f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a42cf3dea728c6284ff84f4d5761570e9db64f5a37f263c32f5665f4610926ad

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:16:23 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 21:16:21 GMT
server
cloudflare
age
0
etag
"650cb2a5-473c1"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80a554359b5ed91e-HEL
content-length
291777
alt-svc
h3=":443"; ma=86400


10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | 1
object | 2
object | 3
object | documentPictureInPicture
function | $
function | jQuery
function | setCookieGDPR
function | getCookieGDPR
function | addPrompt

2 Cookies

Domain/Path Name / Value
go.xlirdr.com/ Name: __cflb
Value: 0H28upDCGznfDm9XVDQoiPUVymMcUWiVpj1G3Qd2GAQ
www.cool18.com/ Name: showgdpr
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
