Submitted URL: http://cool18.com/
Effective URL: https://www.cool18.com/parks.php
Submission: On October 18, 2022 (the date carried by the response Date headers below) via manual from KR — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 44 HTTP transactions. The main IP is 135.148.209.1, located in the United States and belonging to OVH (AS16276, FR). The main domain is www.cool18.com; its Cisco Umbrella rank is 511400.
TLS certificate: *.cool18.com, issued by Thawte RSA CA 2018 on 2022-06-08, valid for a year (until 2023-06-09).
This is the only time www.cool18.com was scanned on urlscan.io.

Points a reviewer should take from the data below: the primary document discloses its stack in response headers (Server: nginx/1.21.3, X-Powered-By: PHP/7.4.24) and sets no Strict-Transport-Security, Content-Security-Policy or X-Frame-Options header; PHP 7.4 left security support on 2022-11-28, six weeks after this scan. The ad frames served by img.86uk.com and adm.beimg.com report X-Powered-By: PHP/5.6.40, a branch whose security support ended on 2018-12-31. The page embeds a Stripchat live-cam widget (go.xlviiirdr.com redirecting to creative.xlviiirdr.com with domain=stripchat) that pulls its media from b-hls-*.doppiocdn.com; that one apex domain accounts for 15 of the 44 requests and about 2 MB of the 3134 kB transferred. The same widget fetches a 16-byte adsbygoogle.js from video.ktkjmp.com, an S3-backed object whose x-amz-meta-s3cmd-attrs header exposes the uploader's local username, uid and gid. The OVH-hosted resources shown below were fetched over HTTP/1.1 with TLS 1.2; the Cloudflare-fronted ones negotiated HTTP/2 or HTTP/3 with TLS 1.3.

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 135.148.209.1 16276 (OVH)
6 51.77.125.91 16276 (OVH)
1 51.81.2.58 16276 (OVH)
1 7 2606:4700:311... 13335 (CLOUDFLAR...)
1 51.89.133.215 16276 (OVH)
5 2606:4700:311... 13335 (CLOUDFLAR...)
2 2606:4700:311... 13335 (CLOUDFLAR...)
3 2606:4700:311... 13335 (CLOUDFLAR...)
12 2606:4700:311... 13335 (CLOUDFLAR...)
44 10
Requests | Apex domain | Subdomains (Cisco Umbrella rank) | Transfer
15 | doppiocdn.com | b-hls-11.doppiocdn.com (47826), b-hls-18.doppiocdn.com (50491), b-hls-03.doppiocdn.com (48404) | 2 MB
11 | xlviiirdr.com | go.xlviiirdr.com (49562), creative.xlviiirdr.com (128060) | 140 KB
8 | cool18.com | cool18.com (476974), www.cool18.com (511400) | 104 KB
6 | beimg.com | adm.beimg.com (215815) | 226 KB
2 | strpst.com | img.strpst.com (11966) | 199 KB
1 | ktkjmp.com | video.ktkjmp.com (17708) | 688 B
1 | 86uk.com | img.86uk.com (196067) | 1 KB
1 | 6park.com | www.6park.com (174371) | 2 KB
Total: 44 requests, 8 apex domains
Requests | Domain | Requested by
13 | b-hls-18.doppiocdn.com | creative.xlviiirdr.com
7 | creative.xlviiirdr.com | www.cool18.com, creative.xlviiirdr.com
7 (1 redirect) | www.cool18.com | www.cool18.com
6 | adm.beimg.com | www.cool18.com, img.86uk.com, adm.beimg.com
4 (1 redirect) | go.xlviiirdr.com | creative.xlviiirdr.com
2 | img.strpst.com | www.cool18.com
1 | b-hls-03.doppiocdn.com | creative.xlviiirdr.com
1 | b-hls-11.doppiocdn.com | creative.xlviiirdr.com
1 | video.ktkjmp.com | creative.xlviiirdr.com
1 | img.86uk.com | www.cool18.com
1 | www.6park.com | www.cool18.com
1 (1 redirect) | cool18.com | (submitted URL, no initiator)
Total: 44 requests, 12 subdomains
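The "Requested by" column above is an initiator graph: which host's code caused each request. The Python below is an added example, not urlscan.io code; it transcribes that table (counts as listed) and walks it from the primary document to separate third parties the site includes directly from those reached only through another third party's code, which here is everything behind the Stripchat widget on creative.xlviiirdr.com. The apex() helper is a deliberately simple last-two-labels rule that is sufficient for these hostnames, and the bare cool18.com entry is the submitted URL with no initiator.

```python
"""Map direct versus transitive third parties from a urlscan "Requested by"
table.  Added example; the edge list is transcribed from the table above."""
from collections import deque

PRIMARY = "www.cool18.com"

# (requested domain, request count, initiators) exactly as listed above.
REQUESTED = [
    ("b-hls-18.doppiocdn.com", 13, ["creative.xlviiirdr.com"]),
    ("creative.xlviiirdr.com", 7, ["www.cool18.com", "creative.xlviiirdr.com"]),
    ("www.cool18.com", 7, ["www.cool18.com"]),
    ("adm.beimg.com", 6, ["www.cool18.com", "img.86uk.com", "adm.beimg.com"]),
    ("go.xlviiirdr.com", 4, ["creative.xlviiirdr.com"]),
    ("img.strpst.com", 2, ["www.cool18.com"]),
    ("b-hls-03.doppiocdn.com", 1, ["creative.xlviiirdr.com"]),
    ("b-hls-11.doppiocdn.com", 1, ["creative.xlviiirdr.com"]),
    ("video.ktkjmp.com", 1, ["creative.xlviiirdr.com"]),
    ("img.86uk.com", 1, ["www.cool18.com"]),
    ("www.6park.com", 1, ["www.cool18.com"]),
    ("cool18.com", 1, []),  # submitted URL: no initiator
]


def apex(domain):
    """Last two labels; adequate for these names, not a public-suffix lookup."""
    return ".".join(domain.split(".")[-2:])


def build_graph(rows):
    """initiator -> set of requested domains, ignoring self-edges."""
    graph = {}
    for domain, _count, initiators in rows:
        for src in initiators:
            if src != domain:
                graph.setdefault(src, set()).add(domain)
    return graph


def include_paths(rows, primary=PRIMARY):
    """BFS from the primary document: {domain: shortest chain of initiators}."""
    graph = build_graph(rows)
    paths = {primary: [primary]}
    queue = deque([primary])
    while queue:
        cur = queue.popleft()
        for nxt in sorted(graph.get(cur, ())):
            if nxt not in paths:
                paths[nxt] = paths[cur] + [nxt]
                queue.append(nxt)
    return paths


def third_party_report(rows, primary=PRIMARY):
    """Split reachable third-party hosts into direct includes (one hop from
    the primary document) and transitive ones, with each host's request count
    and the intermediaries it was reached through."""
    counts = {domain: count for domain, count, _ in rows}
    direct, transitive = {}, {}
    for domain, path in include_paths(rows, primary).items():
        if apex(domain) == apex(primary):
            continue  # first-party hosts
        bucket = direct if len(path) == 2 else transitive
        bucket[domain] = {"requests": counts.get(domain, 0), "via": path[1:-1]}
    return direct, transitive


def requests_via(rows, intermediary, primary=PRIMARY):
    """How many listed requests exist only because `intermediary`'s code ran."""
    _direct, transitive = third_party_report(rows, primary)
    return sum(v["requests"] for v in transitive.values() if intermediary in v["via"])


if __name__ == "__main__":
    direct, transitive = third_party_report(REQUESTED)
    print("direct includes:", sorted(direct))
    print("reached only via a third party:", sorted(transitive))
    print("requests owed to the widget:", requests_via(REQUESTED, "creative.xlviiirdr.com"))
```

Run as-is it reports five hosts the page includes itself and five that exist only because the creative.xlviiirdr.com widget ran, 20 requests between them. The table's own counts sum to 45 rather than the 44 in the page totals; the example reports the table's figures as given rather than reconciling them.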
Subject | Issuer | Validity | Valid for
*.cool18.com | Thawte RSA CA 2018 | 2022-06-08 to 2023-06-09 | a year
adm.beimg.com | R3 (Let's Encrypt) | 2022-09-11 to 2022-12-10 | 3 months
*.6park.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2022-06-08 to 2023-06-11 | a year
xlviiirdr.com | Cloudflare Inc ECC CA-3 | 2022-01-03 to 2023-01-02 | a year
img.86uk.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-12-22 to 2022-12-23 | a year
video.ktkjmp.com | Cloudflare Inc ECC CA-3 | 2022-08-01 to 2023-08-01 | a year
img.strpst.com | Cloudflare Inc ECC CA-3 | 2022-05-03 to 2023-05-03 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-02-16 to 2023-02-15 | a year
(Each row links to the certificate's crt.sh record on the original page.)

This page contains 5 frames:

Primary Page: https://www.cool18.com/parks.php
Frame ID: A7F93552E51177C9A5E94EFB116512E1
Requests: 9 HTTP requests in this frame

Frame: https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
Frame ID: 80780CA44C976797B3E367C18D274B04
Requests: 30 HTTP requests in this frame

Frame: https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
Frame ID: 90CA30F39448B970F35E3BA687BA6078
Requests: 1 HTTP requests in this frame

Frame: https://adm.beimg.com/get_ad.php?position=precision_980x270&keywords=%E6%80%A7%E8%B6%A3%E8%B4%B4%E5%9B%BE,%E7%A7%81%E6%88%BF%E8%87%AA%E6%8B%8D,%E6%83%85%E8%89%B2%E9%9D%93%E5%BD%B1,%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86,%E7%A6%81%E5%BF%8C%E4%B9%A6%E5%B1%8B,%E6%80%A7%E8%B6%A3%E8%AE%BA%E5%9D%9B
Frame ID: E4295566E9F5843EC80ACD2EA27AB469
Requests: 2 HTTP requests in this frame

Frame: https://adm.beimg.com/get_ad.php?position=precision_980x91&keywords=%E6%80%A7%E8%B6%A3%E8%B4%B4%E5%9B%BE,%E7%A7%81%E6%88%BF%E8%87%AA%E6%8B%8D,%E6%83%85%E8%89%B2%E9%9D%93%E5%BD%B1,%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86,%E7%A6%81%E5%BF%8C%E4%B9%A6%E5%B1%8B,%E6%80%A7%E8%B6%A3%E8%AE%BA%E5%9D%9B
Frame ID: 1A4FC5EE252AB9F0DD93B085A81455B1
Requests: 2 HTTP requests in this frame

The k= parameter of the img.86uk.com frame and the keywords= parameter of both adm.beimg.com frames carry the same URL-encoded UTF-8 list, which decodes to 性趣贴图, 私房自拍, 情色靓影, 成人影视, 禁忌书屋, 性趣论坛 (adult image board, private selfies, erotic photos, adult video, forbidden bookstore, adult forum): the names of the site's forum sections, handed to the ad servers as targeting context. The creative.xlviiirdr.com frame is a Stripchat widget (domain=stripchat, tag=girls/chinese) whose 64-hex-character userId parameter is forwarded unchanged through the go.xlviiirdr.com redirect and the later /config fetch.

Screenshot

Page Title

酷18 cool18.com (酷18 reads "Cool 18")

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cool18.com/ HTTP 302
    https://www.cool18.com/ HTTP 302
    https://www.cool18.com/parks.php Page URL

Detected technologies

PHP (overall confidence: 100%)
Detected pattern, matched against request URLs such as /parks.php and /pub/aimain.php?act=sitemap; the X-Powered-By: PHP/7.4.24 header on the primary document agrees:
  • \.php(?:$|\?)

jQuery 1.11.1 (overall confidence: 100%)
Detected patterns, matched against https://www.cool18.com/pub/jquery-1.11.1.min.js; the capture group in the first pattern yields the version, a 1.x release from 2014 that the jQuery project no longer maintains:
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
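The two patterns above are Wappalyzer-style regexes run against request URLs; the Server and X-Powered-By headers in the transactions below give a second, header-based fingerprint. The Python below is an added example and not urlscan.io's detector: the URL regexes are the two listed on this page, while the header regex, the PHP end-of-security-support table (php.net dates for the 5.6 and 7.4 branches) and the transcribed sample URLs and headers are this example's own. It re-runs the detection and flags which disclosed runtime was already past end-of-life on the scan date.

```python
"""Re-run urlscan-style technology fingerprinting over URLs and response
headers from this scan and flag end-of-life runtimes.  Added example."""
import re
from datetime import date

SCAN_DATE = date(2022, 10, 18)  # from the Date response headers on this page

# Detection patterns exactly as listed under "Detected technologies".
URL_PATTERNS = {
    "PHP": re.compile(r"\.php(?:$|\?)"),
    "jQuery": re.compile(r"jquery[.-]([\d.]*\d)[^/]*\.js"),
}

# Version disclosure in Server / X-Powered-By values such as "nginx/1.21.3".
VERSION_HEADER = re.compile(r"^([A-Za-z][\w-]*)/(\d+(?:\.\d+)+)$")

# End of security support per PHP branch (php.net supported-versions table).
PHP_EOL = {"5.6": date(2018, 12, 31), "7.4": date(2022, 11, 28)}

# Request URLs and response headers transcribed from the transactions below
# (long query strings cut short; only the path matters to these patterns).
SCAN_URLS = [
    "https://www.cool18.com/parks.php",
    "https://www.cool18.com/pub/jquery-1.11.1.min.js",
    "https://www.6park.com/pub/aimain.php?act=sitemap",
    "https://img.86uk.com/iframe.php?id=ch98090",
]
SCAN_HEADERS = {
    "www.cool18.com": {"Server": "nginx/1.21.3", "X-Powered-By": "PHP/7.4.24"},
    "img.86uk.com": {"Server": "nginx/1.19.6", "X-Powered-By": "PHP/5.6.40"},
    "creative.xlviiirdr.com": {"server": "cloudflare"},
}


def detect_from_urls(urls):
    """Return {technology: version or None} for every URL pattern that matches."""
    found = {}
    for url in urls:
        for name, pattern in URL_PATTERNS.items():
            match = pattern.search(url)
            if match:
                version = match.group(1) if match.groups() else None
                found[name] = found.get(name) or version
    return found


def disclosed_software(headers):
    """Extract (product, version) pairs from Server and X-Powered-By values."""
    found = []
    for name, value in headers.items():
        if name.lower() in ("server", "x-powered-by"):
            match = VERSION_HEADER.match(value.strip())
            if match:
                found.append((match.group(1), match.group(2)))
    return found


def php_support_status(version, on=SCAN_DATE):
    """'eol', 'supported' or 'unknown' for a PHP version on the given date."""
    branch = ".".join(version.split(".")[:2])
    end = PHP_EOL.get(branch)
    if end is None:
        return "unknown"
    return "eol" if on > end else "supported"


def audit(urls, headers_by_host, on=SCAN_DATE):
    """One report: URL-based fingerprints plus per-host disclosed versions."""
    report = {"url_fingerprints": detect_from_urls(urls), "hosts": {}}
    for host, headers in headers_by_host.items():
        entries = []
        for product, version in disclosed_software(headers):
            status = php_support_status(version, on) if product.lower() == "php" else "n/a"
            entries.append({"product": product, "version": version, "support": status})
        report["hosts"][host] = entries
    return report


if __name__ == "__main__":
    import json
    print(json.dumps(audit(SCAN_URLS, SCAN_HEADERS), indent=2))
```

The URL patterns only prove that a technology is present (the PHP regex has no capture group, so its version comes solely from X-Powered-By); the header check is what turns "PHP" into "PHP 5.6.40, end-of-life since 2018". A host that strips Server and X-Powered-By, as the Cloudflare-fronted creative.xlviiirdr.com does, yields nothing here.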

Page Statistics

Requests: 44
HTTPS: 95 %
IPv6: 56 %
Domains: 8
Subdomains: 12
IPs: 10
Countries: 3
Transfer: 3134 kB
Size: 3588 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://go.xlviiirdr.com/i?campaignId=&creativeId=&modelsCountry=&modelsLanguage=&sourceId=&tag=girls%2Fchinese&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&liveBadgeColor=&showButton=0&showModelName=1&showTitle=0&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=0&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62&landing=WidgetV4Universal&autoplay=all&autoplayForce=1&thumbsMargin= HTTP 302
  • https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62

44 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer (bytes transferred on the wire) | Type | MIME-Type, each followed by its General, Request headers and Response headers sections.
Primary Request parks.php
www.cool18.com/
Redirect Chain
  • http://cool18.com/
  • https://www.cool18.com/
  • https://www.cool18.com/parks.php
15 KB
5 KB
Document
General
Full URL
https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 / PHP/7.4.24
Resource Hash
876ad109975ac21bd321087c75ee1cd7302ee4cb3cb6b224d1fd71d42d11d8ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 18 Oct 2022 14:10:28 GMT
Server
nginx/1.21.3
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.24

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 18 Oct 2022 14:10:28 GMT
Location
https://www.cool18.com/parks.php
Server
nginx/1.21.3
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.24
1663229367_98090.gif
adm.beimg.com/uploads/us/top_980x90/
72 KB
72 KB
Image
General
Full URL
https://adm.beimg.com/uploads/us/top_980x90/1663229367_98090.gif
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.125.91 , France, ASN16276 (OVH, FR),
Reverse DNS
ip91.ip-51-77-125.eu
Software
nginx/1.19.6 /
Resource Hash
2a60f92f29d0c8f211cf662730bae024f912e4ec299d5c626612a4bf270f7b93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cool18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 14:10:28 GMT
Last-Modified
Thu, 15 Sep 2022 08:09:43 GMT
Server
nginx/1.19.6
ETag
"6322ddc7-11f5b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73563
1661964430_999.jpg
adm.beimg.com/uploads/us/precision_980x91/
41 KB
41 KB
Image
General
Full URL
https://adm.beimg.com/uploads/us/precision_980x91/1661964430_999.jpg
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.125.91 , France, ASN16276 (OVH, FR),
Reverse DNS
ip91.ip-51-77-125.eu
Software
nginx/1.19.6 /
Resource Hash
3513fb280061afad641204f4ae8c55fe538935031164ba336768e280703b9596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cool18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 14:10:28 GMT
Last-Modified
Wed, 31 Aug 2022 16:47:28 GMT
Server
nginx/1.19.6
ETag
"630f90a0-a407"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41991
jquery-1.11.1.min.js
www.cool18.com/pub/
94 KB
94 KB
Script
General
Full URL
https://www.cool18.com/pub/jquery-1.11.1.min.js
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 14:10:28 GMT
Last-Modified
Fri, 11 Sep 2020 02:12:51 GMT
Server
nginx/1.21.3
ETag
"5f5add23-1762e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95790
prompt.css
www.cool18.com/pub/
1 KB
800 B
Stylesheet
General
Full URL
https://www.cool18.com/pub/prompt.css
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
a73608ccf909815edca9aabed031784cdc36cd37c6448530346b7c376a8ec8f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 14:10:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Sep 2020 02:12:51 GMT
Server
nginx/1.21.3
ETag
W/"5f5add23-483"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
gdpr.js
www.cool18.com/pub/
3 KB
4 KB
Script
General
Full URL
https://www.cool18.com/pub/gdpr.js
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
e2482d68f0192b468c48898124437dbec07d656158ff0a79c5da30a876cf7f85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 14:10:29 GMT
Last-Modified
Fri, 11 Sep 2020 02:12:51 GMT
Server
nginx/1.21.3
ETag
"5f5add23-d12"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3346
aimain.php
www.6park.com/pub/
1 KB
2 KB
Script
General
Full URL
https://www.6park.com/pub/aimain.php?act=sitemap
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.81.2.58 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip58.ip-51-81-2.us
Software
nginx/1.21.3 / PHP/7.4.25
Resource Hash
ba94a8b6b882d87de0b71728da739a8ddf7c6bcedb337878382cce6af3a1995c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cool18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 14:10:29 GMT
Server
nginx/1.21.3
Connection
keep-alive
X-Powered-By
PHP/7.4.25
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
2.gif
www.cool18.com/img/
10 B
245 B
Image
General
Full URL
https://www.cool18.com/img/2.gif
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of zero bytes: no body was hashed for this response even though Content-Length is 10, so this hash cannot be used to identify the image)

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cool18.com/parks.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 14:10:29 GMT
Last-Modified
Fri, 11 Sep 2020 02:12:48 GMT
Server
nginx/1.21.3
ETag
"5f5add20-a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10
/
creative.xlviiirdr.com/widgets/v4/Universal/ Frame 8078
Redirect Chain
  • https://go.xlviiirdr.com/i?campaignId=&creativeId=&modelsCountry=&modelsLanguage=&sourceId=&tag=girls%2Fchinese&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&liveBa...
  • https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideMod...
852 B
576 B
Document
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
000fe7f9fbba7908363a55d0fa802c5ca734e8a99c2e157ae941b5a4ca894202
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.cool18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=10
cf-cache-status
HIT
cf-ray
75c1db92be4e9150-FRA
content-encoding
br
content-type
text/html
date
Tue, 18 Oct 2022 14:10:28 GMT
expires
Tue, 18 Oct 2022 14:10:13 GMT
last-modified
Tue, 18 Oct 2022 11:05:47 GMT
pragma
public
report-to
{ "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75c1db926dbe9150-FRA
content-length
0
date
Tue, 18 Oct 2022 14:10:28 GMT
location
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
server
cloudflare
iframe.php
img.86uk.com/ Frame 90CA
2 KB
1 KB
Document
General
Full URL
https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.133.215 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip215.ip-51-89-133.eu
Software
nginx/1.19.6 / PHP/5.6.40
Resource Hash
ae15b9c3964fa6a6fea3df4e46809a8ee86aa117776bc455a110fc8d58622b36

Request headers

Referer
https://www.cool18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 18 Oct 2022 14:10:28 GMT
Server
nginx/1.19.6
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40
get_ad.php
adm.beimg.com/ Frame E429
913 B
1 KB
Document
General
Full URL
https://adm.beimg.com/get_ad.php?position=precision_980x270&keywords=%E6%80%A7%E8%B6%A3%E8%B4%B4%E5%9B%BE,%E7%A7%81%E6%88%BF%E8%87%AA%E6%8B%8D,%E6%83%85%E8%89%B2%E9%9D%93%E5%BD%B1,%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86,%E7%A6%81%E5%BF%8C%E4%B9%A6%E5%B1%8B,%E6%80%A7%E8%B6%A3%E8%AE%BA%E5%9D%9B
Requested by
Host: img.86uk.com
URL: https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.125.91 , France, ASN16276 (OVH, FR),
Reverse DNS
ip91.ip-51-77-125.eu
Software
nginx/1.19.6 / PHP/5.6.40
Resource Hash
f998ffad603c47bb311e96e546667a0c83c2d20fcd53ee5875e3354ba18a0dae

Request headers

Referer
https://img.86uk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Tue, 18 Oct 2022 14:10:28 GMT
Server
nginx/1.19.6
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
get_ad.php
adm.beimg.com/ Frame 1A4F
1 KB
2 KB
Document
General
Full URL
https://adm.beimg.com/get_ad.php?position=precision_980x91&keywords=%E6%80%A7%E8%B6%A3%E8%B4%B4%E5%9B%BE,%E7%A7%81%E6%88%BF%E8%87%AA%E6%8B%8D,%E6%83%85%E8%89%B2%E9%9D%93%E5%BD%B1,%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86,%E7%A6%81%E5%BF%8C%E4%B9%A6%E5%B1%8B,%E6%80%A7%E8%B6%A3%E8%AE%BA%E5%9D%9B
Requested by
Host: img.86uk.com
URL: https://img.86uk.com/iframe.php?id=ch98090&k=%e6%80%a7%e8%b6%a3%e8%b4%b4%e5%9b%be%2c%e7%a7%81%e6%88%bf%e8%87%aa%e6%8b%8d%2c%e6%83%85%e8%89%b2%e9%9d%93%e5%bd%b1%2c%e6%88%90%e4%ba%ba%e5%bd%b1%e8%a7%86%2c%e7%a6%81%e5%bf%8c%e4%b9%a6%e5%b1%8b%2c%e6%80%a7%e8%b6%a3%e8%ae%ba%e5%9d%9b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.125.91 , France, ASN16276 (OVH, FR),
Reverse DNS
ip91.ip-51-77-125.eu
Software
nginx/1.19.6 / PHP/5.6.40
Resource Hash
520dcb98bdc5c1314e09293ec51924338ca35115192ef860d80f940a72b3d4a7

Request headers

Referer
https://img.86uk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Tue, 18 Oct 2022 14:10:28 GMT
Server
nginx/1.19.6
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
main.472cfe03682923a44833.css
creative.xlviiirdr.com/widgets/v4/Universal/ Frame 8078
13 KB
4 KB
Stylesheet
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/main.472cfe03682923a44833.css
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ec4684ec9818d68b90f8bbdad62d7d1303f3cc6a93f24abe1238671c416fd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
public
date
Tue, 18 Oct 2022 14:10:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 11:10:13 GMT
server
cloudflare
age
6
etag
W/"634e8995-3407"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10
cf-ray
75c1db92deb19150-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 18 Oct 2022 14:10:29 GMT
main.472cfe03682923a44833.js
creative.xlviiirdr.com/widgets/v4/Universal/ Frame 8078
264 KB
76 KB
Script
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb35797431f0e49d3c0ed064e0937265dba901fffabb1cce46fda19ce57267c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
public
date
Tue, 18 Oct 2022 14:10:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 11:10:13 GMT
server
cloudflare
age
6
etag
W/"634e8995-41fc1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
75c1db92deb59150-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 18 Oct 2022 14:10:24 GMT
1614936713_980270.jpg
adm.beimg.com/uploads/main/precision_980x270/ Frame E429
38 KB
38 KB
Image
General
Full URL
https://adm.beimg.com/uploads/main/precision_980x270/1614936713_980270.jpg
Requested by
Host: adm.beimg.com
URL: https://adm.beimg.com/get_ad.php?position=precision_980x270&keywords=%E6%80%A7%E8%B6%A3%E8%B4%B4%E5%9B%BE,%E7%A7%81%E6%88%BF%E8%87%AA%E6%8B%8D,%E6%83%85%E8%89%B2%E9%9D%93%E5%BD%B1,%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86,%E7%A6%81%E5%BF%8C%E4%B9%A6%E5%B1%8B,%E6%80%A7%E8%B6%A3%E8%AE%BA%E5%9D%9B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.125.91 , France, ASN16276 (OVH, FR),
Reverse DNS
ip91.ip-51-77-125.eu
Software
nginx/1.19.6 /
Resource Hash
09776a70293f8fca116e4e9f198f7d546758a10239c5165b857e246f78eadc7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.beimg.com/get_ad.php?position=precision_980x270&keywords=%E6%80%A7%E8%B6%A3%E8%B4%B4%E5%9B%BE,%E7%A7%81%E6%88%BF%E8%87%AA%E6%8B%8D,%E6%83%85%E8%89%B2%E9%9D%93%E5%BD%B1,%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86,%E7%A6%81%E5%BF%8C%E4%B9%A6%E5%B1%8B,%E6%80%A7%E8%B6%A3%E8%AE%BA%E5%9D%9B
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 14:10:28 GMT
Last-Modified
Fri, 05 Mar 2021 09:32:00 GMT
Server
nginx/1.19.6
ETag
"6041fa90-96b3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38579
1663229367_98090.gif
adm.beimg.com/uploads/us/top_980x90/ Frame 1A4F
72 KB
72 KB
Image
General
Full URL
https://adm.beimg.com/uploads/us/top_980x90/1663229367_98090.gif
Requested by
Host: adm.beimg.com
URL: https://adm.beimg.com/get_ad.php?position=precision_980x91&keywords=%E6%80%A7%E8%B6%A3%E8%B4%B4%E5%9B%BE,%E7%A7%81%E6%88%BF%E8%87%AA%E6%8B%8D,%E6%83%85%E8%89%B2%E9%9D%93%E5%BD%B1,%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86,%E7%A6%81%E5%BF%8C%E4%B9%A6%E5%B1%8B,%E6%80%A7%E8%B6%A3%E8%AE%BA%E5%9D%9B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.125.91 , France, ASN16276 (OVH, FR),
Reverse DNS
ip91.ip-51-77-125.eu
Software
nginx/1.19.6 /
Resource Hash
2a60f92f29d0c8f211cf662730bae024f912e4ec299d5c626612a4bf270f7b93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.beimg.com/get_ad.php?position=precision_980x91&keywords=%E6%80%A7%E8%B6%A3%E8%B4%B4%E5%9B%BE,%E7%A7%81%E6%88%BF%E8%87%AA%E6%8B%8D,%E6%83%85%E8%89%B2%E9%9D%93%E5%BD%B1,%E6%88%90%E4%BA%BA%E5%BD%B1%E8%A7%86,%E7%A6%81%E5%BF%8C%E4%B9%A6%E5%B1%8B,%E6%80%A7%E8%B6%A3%E8%AE%BA%E5%9D%9B
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 14:10:28 GMT
Last-Modified
Thu, 15 Sep 2022 08:09:43 GMT
Server
nginx/1.19.6
ETag
"6322ddc7-11f5b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73563
en.json
creative.xlviiirdr.com/widgets/v4/Universal/lang/ Frame 8078
172 B
359 B
Fetch
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/lang/en.json
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
public
date
Tue, 18 Oct 2022 14:10:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 11:05:47 GMT
server
cloudflare
age
9
etag
W/"634e888b-ac"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=10
cf-ray
75c1db933c79694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 18 Oct 2022 14:10:26 GMT
config
go.xlviiirdr.com/ Frame 8078
7 KB
2 KB
Fetch
General
Full URL
https://go.xlviiirdr.com/config?url=https%3A%2F%2Fcreative.xlviiirdr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26autoplay%3Dall%26autoplayForce%3D1%26buttonColor%3D%26campaignId%3D%26creativeId%3D%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D0%26hideModelNameOnSmallSpots%3D0%26hideTitleOnSmallSpots%3D0%26isXhDesign%3D0%26liveBadgeColor%3D%26modelsCountry%3D%26modelsLanguage%3D%26showButton%3D0%26showLiveBadge%3D1%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26sourceId%3D%26tag%3Dgirls%252Fchinese%26targetDomain%3D%26thumbSizeKey%3Dbig%26thumbsMargin%3D%26trackOff%3D1%26userId%3Dcf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c79c61dae107d361e58122e308f84bdd9c2d422331637e3e95c1506e388a64c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:07:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
75c1db935e5d6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
video.ktkjmp.com/ Frame 8078
16 B
688 B
Fetch
General
Full URL
https://video.ktkjmp.com/adsbygoogle.js
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:29 GMT
x-amz-version-id
eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status
HIT
x-amz-request-id
3YWDQMM09WD97GA7
age
4602
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16
x-amz-id-2
mF4b64FCntdG8P0cwcO9w/lXTNS55DDfrmhZW4LzMnWHucQN51ecRdTYOZ7zVlC95Oj0d1VIs+8=
last-modified
Thu, 10 Mar 2022 13:52:07 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag
"3d7f7a60216d40dea48e495fef6903c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://creative.xlviiirdr.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75c1db9389699b51-FRA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Tue, 18 Oct 2022 18:10:29 GMT
core.34b30cde2ed8622605f0.js
creative.xlviiirdr.com/widgets/v4/Universal/ Frame 8078
3 KB
1 KB
Script
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/core.34b30cde2ed8622605f0.js
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d31838cb90e196f86dc55b17e8297a5c36436fab92741ddd2f28df889cd91a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
public
date
Tue, 18 Oct 2022 14:10:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 11:10:13 GMT
server
cloudflare
age
6
etag
W/"634e8995-aa6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
75c1db93cda8694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 18 Oct 2022 14:10:26 GMT
models
go.xlviiirdr.com/api/ Frame 8078
4 KB
1 KB
Fetch
General
Full URL
https://go.xlviiirdr.com/api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=2
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e58d267a8835b80847cd4def641c9839559a5f95ff889841751efb87624257b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:29 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 18 Oct 2022 14:10:12 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://creative.xlviiirdr.com
access-control-allow-credentials
true
cf-ray
75c1db93cdb2694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
83976815
img.strpst.com/thumbs/1666101639/ Frame 8078
89 KB
89 KB
Image
General
Full URL
https://img.strpst.com/thumbs/1666101639/83976815
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed88e3d475c021abb29974dc4ce1cae306cbc880861e6b9c61735db671812bd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:29 GMT
cf-cache-status
HIT
age
535
cf-polished
origSize=93553, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
90937
cf-bgj
imgq:100,h2pri
last-modified
Tue, 18 Oct 2022 14:00:34 GMT
server
cloudflare
etag
"8fb23cfcc668cda76d1ea1a378e3c5f4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=300
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75c1db94acd4901c-FRA
expires
Tue, 18 Oct 2022 14:15:29 GMT
89416093
img.strpst.com/thumbs/1666101654/ Frame 8078
110 KB
110 KB
Image
General
Full URL
https://img.strpst.com/thumbs/1666101654/89416093
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/parks.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e0d479f55939ec4c40cbef0118b464733bea591b19cd7245bbfe33ab828120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:29 GMT
cf-cache-status
HIT
age
493
cf-polished
origSize=115266, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
112452
cf-bgj
imgq:100,h2pri
last-modified
Tue, 18 Oct 2022 14:01:02 GMT
server
cloudflare
etag
"e4a4f08f35867b9901a07f42163d72ae"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=300
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75c1db94acd9901c-FRA
expires
Tue, 18 Oct 2022 14:15:29 GMT
gdpr_area.php
www.cool18.com/pub/
22 B
305 B
XHR
General
Full URL
https://www.cool18.com/pub/gdpr_area.php?act=get&news_tmp_name=null=&scode=null
Requested by
Host: www.cool18.com
URL: https://www.cool18.com/pub/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.148.209.1 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip1.ip-135-148-209.us
Software
nginx/1.21.3 / PHP/7.4.24
Resource Hash
a8309f2660574663ac2c0840ed70a7def033f373ab5c94791b2acf3a2042cec9

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cool18.com/parks.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 14:10:29 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
showuid
X-Powered-By
PHP/7.4.24
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
view
go.xlviiirdr.com/thumbs/ Frame 8078
152 B
318 B
Fetch
General
Full URL
https://go.xlviiirdr.com/thumbs/view
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ba5825fe9b8b015d9b7a98c11a64376a6c7b6cfb2a3c4fab972f1906b11d0d4

Request headers

Referer
https://creative.xlviiirdr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 18 Oct 2022 14:10:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
*
cf-ray
75c1db94e9cf6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vendors~hls.1607c4ce624b3d74b257.js
creative.xlviiirdr.com/widgets/v4/Universal/ Frame 8078
174 KB
53 KB
Script
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8670e0365a11c2951da60262f1389a48f7e124a2b135efc90193efc3ffc737e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
public
date
Tue, 18 Oct 2022 14:10:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 11:10:13 GMT
server
cloudflare
age
5
etag
W/"634e8995-2b969"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
75c1db960a58694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 18 Oct 2022 14:10:28 GMT
hls.af383202db4cb5b7b12d.js
creative.xlviiirdr.com/widgets/v4/Universal/ Frame 8078
61 B
310 B
Script
General
Full URL
https://creative.xlviiirdr.com/widgets/v4/Universal/hls.af383202db4cb5b7b12d.js
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68d5bef571c6a9e14d8a182bc2ed9cbe64d353a86dcba0387440760cbeed8f53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=&creativeId=&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&liveBadgeColor=&modelsCountry=&modelsLanguage=&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=&tag=girls%2Fchinese&targetDomain=&thumbSizeKey=big&thumbsMargin=&trackOff=1&userId=cf144468670e5cd2f4341ea74d0b07b34f9c82fc9b077574a315922c8db0af62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
public
date
Tue, 18 Oct 2022 14:10:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 11:10:13 GMT
server
cloudflare
age
5
etag
W/"634e8995-3d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
75c1db960a5b694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 18 Oct 2022 14:10:30 GMT
83976815_480p.m3u8
b-hls-11.doppiocdn.com/hls/83976815_480p/master/ Frame 8078
153 B
405 B
XHR
General
Full URL
https://b-hls-11.doppiocdn.com/hls/83976815_480p/master/83976815_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7bad8401a68f1e181972fa3437a132094714c999c44a8ac7dbfb20826f8f4bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray
75c1db9849b49113-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
83976815_480p.m3u8
b-hls-18.doppiocdn.com/hls/83976815/ Frame 8078
589 B
324 B
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/83976815/83976815_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680dfb50bd957ba489d1b0174631008b700bf713aef5622a140884996aa97890

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:29 GMT
server
cloudflare
age
0
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray
75c1db98bacb9113-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
83976815_480p_1544_xvZoJMW8FS7Fnmnx.ts
b-hls-18.doppiocdn.com/hls/83976815/ Frame 8078
300 KB
301 KB
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/83976815/83976815_480p_1544_xvZoJMW8FS7Fnmnx.ts
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f94d97028774bb4ea151757601785ff2f237db470673a154df9aa533e3b5090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:30 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:24 GMT
server
cloudflare
age
4
etag
"634eb3d0-4b170"
vary
Accept-Encoding
content-type
video/mp2t
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges
bytes
cf-ray
75c1db99e8c09290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
307568
80d5df28-add8-454e-9d84-da60c68ea14a
https://creative.xlviiirdr.com/ Frame 8078
61 KB
0
Other
General
Full URL
blob:https://creative.xlviiirdr.com/80d5df28-add8-454e-9d84-da60c68ea14a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e02b58688ab9781c6b83463d1ea9fd197e79a54e6110f4654f90e08982ba8f88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
62322
Content-Type
text/javascript
83976815_480p_1545_wjS7LnfzhJLd9C78.ts
b-hls-18.doppiocdn.com/hls/83976815/ Frame 8078
306 KB
307 KB
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/83976815/83976815_480p_1545_wjS7LnfzhJLd9C78.ts
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7452fb8f62087a70d23707078c8dcd8612b6f3cb88e2a8f42ed33424bdf81f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:30 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:26 GMT
server
cloudflare
age
2
etag
"634eb3d2-4c9ac"
vary
Accept-Encoding
content-type
video/mp2t
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges
bytes
cf-ray
75c1db9aba1d9290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
313772
89416093_480p.m3u8
b-hls-03.doppiocdn.com/hls/89416093_480p/master/ Frame 8078
153 B
235 B
XHR
General
Full URL
https://b-hls-03.doppiocdn.com/hls/89416093_480p/master/89416093_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ae31ee9b2e9018d4bfe1391e9de68194ccc731c82aa1213cb33d61e45286bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray
75c1db9acf129113-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
83976815_480p_1546_D8nl5gIuk3gc1S4J.ts
b-hls-18.doppiocdn.com/hls/83976815/ Frame 8078
295 KB
296 KB
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/83976815/83976815_480p_1546_D8nl5gIuk3gc1S4J.ts
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb662fe84215d8e0d3d9564e2ae309ebf122b9871d6b23bffb474af0dddcc101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:30 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:28 GMT
server
cloudflare
etag
"634eb3d4-49ce0"
vary
Accept-Encoding
content-type
video/mp2t
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges
bytes
cf-ray
75c1db9b1ab69290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
302304
89416093_480p.m3u8
b-hls-18.doppiocdn.com/hls/89416093/ Frame 8078
589 B
510 B
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/89416093/89416093_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a515ba6c1b6e58fb4457874a944a5324ed11c95e37c9479b8ca59caa0b0951c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:30 GMT
server
cloudflare
age
0
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray
75c1db9b1abd9290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
89416093_480p_1342_suUZbBTqhYoAk9cv.ts
b-hls-18.doppiocdn.com/hls/89416093/ Frame 8078
327 KB
327 KB
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/89416093/89416093_480p_1342_suUZbBTqhYoAk9cv.ts
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ce39e0a34bfd15c693f217c5b8832da66cf54c6206c60a935fa5484f6f6f280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:30 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:25 GMT
server
cloudflare
age
2
etag
"634eb3d1-51bec"
vary
Accept-Encoding
content-type
video/mp2t
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges
bytes
cf-ray
75c1db9b4b0a9290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
334828
276011f3-8080-44bc-80c1-004d6ae2bd99
https://creative.xlviiirdr.com/ Frame 8078
61 KB
0
Other
General
Full URL
blob:https://creative.xlviiirdr.com/276011f3-8080-44bc-80c1-004d6ae2bd99
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e02b58688ab9781c6b83463d1ea9fd197e79a54e6110f4654f90e08982ba8f88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
62322
Content-Type
text/javascript
89416093_480p_1343_qah0hLUp6ICOoKwI.ts
b-hls-18.doppiocdn.com/hls/89416093/ Frame 8078
319 KB
319 KB
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/89416093/89416093_480p_1343_qah0hLUp6ICOoKwI.ts
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
083792e11372f89474d0b4cfe2d2e447ec43efc307fa0ef34c571f760d02b99f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:30 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:27 GMT
server
cloudflare
age
2
etag
"634eb3d3-4fa24"
vary
Accept-Encoding
content-type
video/mp2t
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges
bytes
cf-ray
75c1db9d8ee89290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
326180
89416093_480p_1344_aBt3ilaTFuuhhoEH.ts
b-hls-18.doppiocdn.com/hls/89416093/ Frame 8078
304 KB
304 KB
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/89416093/89416093_480p_1344_aBt3ilaTFuuhhoEH.ts
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56fb37398db69974b1e26fb28c6cace3b67556c85f0e1a49bb3e17698b2103f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:30 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:29 GMT
server
cloudflare
age
0
etag
"634eb3d5-4bea8"
vary
Accept-Encoding
content-type
video/mp2t
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges
bytes
cf-ray
75c1db9e1fe09290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
310952
83976815_480p.m3u8
b-hls-18.doppiocdn.com/hls/83976815/ Frame 8078
589 B
513 B
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/83976815/83976815_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680dfb50bd957ba489d1b0174631008b700bf713aef5622a140884996aa97890

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:29 GMT
server
cloudflare
age
1
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray
75c1dba52d8c9290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
89416093_480p.m3u8
b-hls-18.doppiocdn.com/hls/89416093/ Frame 8078
589 B
509 B
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/89416093/89416093_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3391457cee5d20fffc25f0d2ceba5951ed58f758f361419a1eb15233bb66a65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray
75c1dba7aa3c9290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
89416093_480p_1345_rc9OlXgMNy8TD6Hg.ts
b-hls-18.doppiocdn.com/hls/89416093/ Frame 8078
317 KB
317 KB
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/89416093/89416093_480p_1345_rc9OlXgMNy8TD6Hg.ts
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a58c97ccc35e969e789094f4e263227fb36f50c9b587be685275625ead51a562

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:32 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:31 GMT
server
cloudflare
etag
"634eb3d7-4f210"
vary
Accept-Encoding
content-type
video/mp2t
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges
bytes
cf-ray
75c1dba7fad29290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
324112
83976815_480p.m3u8
b-hls-18.doppiocdn.com/hls/83976815/ Frame 8078
589 B
510 B
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/83976815/83976815_480p.m3u8
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a872eea149b6b4e6ffa100b36cf79144d19ad54ca261471957ca8ecf3fb2d869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:31 GMT
server
cloudflare
age
0
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray
75c1dbaba9fe9290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
83976815_480p_1547_9LVDFeGDZAD5mw3x.ts
b-hls-18.doppiocdn.com/hls/83976815/ Frame 8078
289 KB
290 KB
XHR
General
Full URL
https://b-hls-18.doppiocdn.com/hls/83976815/83976815_480p_1547_9LVDFeGDZAD5mw3x.ts
Requested by
Host: creative.xlviiirdr.com
URL: https://creative.xlviiirdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf5c264039071a1eaeec5a13af0eae9b99b947170c10d3c50e1fc79fd2eab3d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creative.xlviiirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:10:33 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:10:30 GMT
server
cloudflare
etag
"634eb3d6-48560"
vary
Accept-Encoding
content-type
video/mp2t
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges
bytes
cf-ray
75c1dbabda5b9290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
296288
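Several response headers in the transactions above deserve a second look before the report is filed away: the adsbygoogle.js object served from video.ktkjmp.com carries an x-amz-meta-s3cmd-attrs header that exposes the uploader's local username, uid/gid and the file's MD5 (s3cmd writes these as object metadata when it preserves filesystem attributes, which s3cmd sync does by default), gdpr_area.php on www.cool18.com advertises nginx/1.21.3 and PHP/7.4.24, and the img.strpst.com thumbnails combine access-control-allow-origin: * with access-control-allow-credentials: true, a pairing browsers refuse for credentialed requests, so it is a misconfiguration rather than an exposure on its own. The Python script below is an added example, not part of the urlscan.io report or of any of these sites' code; it encodes those checks over a handful of records constructed from the header values shown above so the same triage can be run over an exported transaction list. The finding codes, function names and the TRANSACTIONS sample are this example's own.

```python
"""Triage of response headers from a urlscan.io transaction list.

Added example, not urlscan.io output. The records below are constructed
from header values visible in the report; the finding codes are this
example's own names, not a standard taxonomy.
"""
import re
from typing import Dict, List, Tuple

# Constructed sample: (URL, response headers as shown in the report, mixed case kept).
TRANSACTIONS: List[Tuple[str, Dict[str, str]]] = [
    ("https://video.ktkjmp.com/adsbygoogle.js", {
        "server": "cloudflare",
        "x-amz-request-id": "3YWDQMM09WD97GA7",
        "x-amz-meta-s3cmd-attrs": "atime:1646920284/ctime:1646920283/gid:20/gname:staff"
                                  "/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188"
                                  "/mtime:1646920283/uid:501/uname:mikhailchubar",
        "access-control-allow-origin": "https://creative.xlviiirdr.com",
        "access-control-allow-credentials": "true",
        "content-type": "application/javascript",
    }),
    ("https://www.cool18.com/pub/gdpr_area.php?act=get&news_tmp_name=null=&scode=null", {
        "Server": "nginx/1.21.3",
        "X-Powered-By": "PHP/7.4.24",
        "Content-Type": "text/html; charset=UTF-8",
    }),
    ("https://img.strpst.com/thumbs/1666101639/83976815", {
        "server": "cloudflare",
        "access-control-allow-origin": "*",
        "access-control-allow-credentials": "true",
        "content-type": "image/jpeg",
    }),
    ("https://go.xlviiirdr.com/api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=2", {
        "server": "cloudflare",
        "vary": "Origin, Accept-Encoding",
        "access-control-allow-origin": "https://creative.xlviiirdr.com",
        "access-control-allow-credentials": "true",
        "content-type": "application/json",
    }),
]

VERSION_RE = re.compile(r"/\d+(\.\d+)+")  # matches nginx/1.21.3, PHP/7.4.24, not "cloudflare"


def normalize(headers: Dict[str, str]) -> Dict[str, str]:
    """Header names are case-insensitive; the report mixes 'Server' and 'server'."""
    return {k.lower(): v.strip() for k, v in headers.items()}


def parse_s3cmd_attrs(value: str) -> Dict[str, str]:
    """Split the s3cmd 'key:value/key:value' blob into a dict.
    No value in this format contains '/', so a plain split is safe."""
    out: Dict[str, str] = {}
    for item in value.split("/"):
        key, _, val = item.partition(":")
        out[key] = val
    return out


def audit_response(url: str, headers: Dict[str, str]) -> List[Tuple[str, str]]:
    """Return (finding_code, detail) pairs for one response."""
    h = normalize(headers)
    findings: List[Tuple[str, str]] = []

    # 1. Software version strings in Server / X-Powered-By.
    for name in ("server", "x-powered-by"):
        if name in h and VERSION_RE.search(h[name]):
            findings.append(("version-disclosure", f"{name}: {h[name]}"))

    # 2. s3cmd attribute metadata leaks the uploader's local identity and file hash.
    if "x-amz-meta-s3cmd-attrs" in h:
        a = parse_s3cmd_attrs(h["x-amz-meta-s3cmd-attrs"])
        findings.append(("s3cmd-metadata-leak",
                         f"uname={a.get('uname')} uid={a.get('uid')} gid={a.get('gid')} md5={a.get('md5')}"))

    # 3. Any x-amz-* header shows the CDN fronts an S3 (or S3-compatible) origin.
    if any(k.startswith("x-amz-") for k in h):
        findings.append(("origin-s3", "x-amz-* headers present behind the CDN"))

    # 4. CORS review.
    acao = h.get("access-control-allow-origin")
    acac = h.get("access-control-allow-credentials", "").lower() == "true"
    if acao == "*" and acac:
        # Browsers reject credentialed responses that use a wildcard origin,
        # so this is a misconfiguration, not a data-exposure path by itself.
        findings.append(("cors-wildcard-with-credentials",
                         "ACAO=* with ACAC=true; browsers refuse credentialed use"))
    elif acao and acac:
        vary = [v.strip().lower() for v in h.get("vary", "").split(",")]
        # Vary: Origin means the allowed origin is chosen per request, i.e. an allow-list
        # (or a reflector) that should be retested with a non-listed Origin header.
        code = "cors-credentialed-allowlist" if "origin" in vary else "cors-credentialed-static-origin"
        findings.append((code, f"ACAO={acao}; retest with an unlisted Origin"))
    return findings


def audit_all(transactions=TRANSACTIONS) -> Dict[str, List[Tuple[str, str]]]:
    """Audit every record; keyed by URL so results can be diffed between scans."""
    return {url: audit_response(url, hdrs) for url, hdrs in transactions}


if __name__ == "__main__":
    for url, found in audit_all().items():
        for code, detail in found:
            print(f"{code:34} {url}\n{'':34} {detail}")
```

Running the script prints one line per finding. Only access-control-allow-origin values that actually vary with the request (the go.xlviiirdr.com/api/models response, which sends Vary: Origin) are flagged for an allow-list retest; a fixed origin with credentials, as on adsbygoogle.js, is reported separately because it cannot be widened from the client side.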

Verdicts & Comments

16 JavaScript Global Variables

These are the "global" variables urlscan found on the window object beyond its baseline; they can help identify client-side frameworks and code. In the Chrome 106 build used for this scan, structuredClone, launchQueue, navigation, getScreenDetails, queryLocalFonts and the onbeforeinput, oncontextlost, oncontextrestored and onbeforematch handlers are browser-provided APIs, and the numeric entries 0 and 1 are the WindowProxy objects of the page's child frames, so only $, jQuery, setCookieGDPR, getCookieGDPR and addPrompt are defined by the page's own scripts (jquery-1.11.1.min.js plus the site's GDPR-prompt helpers).

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| setCookieGDPR function| getCookieGDPR function| addPrompt

2 Cookies

Domain/Path Name / Value
go.xlviiirdr.com/ Name: __cflb
Value: 02DiuDfsBaY2bRYJiCg3Rc4wrBy1LXpo8gf5UVFzCWGjE
www.cool18.com/ Name: showgdpr
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adm.beimg.com
b-hls-03.doppiocdn.com
b-hls-11.doppiocdn.com
b-hls-18.doppiocdn.com
cool18.com
creative.xlviiirdr.com
go.xlviiirdr.com
img.86uk.com
img.strpst.com
video.ktkjmp.com
www.6park.com
www.cool18.com
135.148.209.1
2606:4700:3110::6812:336a
2606:4700:3110::6812:3724
2606:4700:3110::6812:37dc
2606:4700:3110::6812:3b96
2606:4700:311f::6812:3f7c
51.77.125.91
51.81.2.58
51.89.133.215