Report - www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361182995962658825&website=15494-7ce6e2d6&placement=15494&eyeg=1

Report Overview

Submitted URL
www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361182995962658825&website=15494-7ce6e2d6&placement=15494&eyeg=1
IP
51.68.82.147
ASN
#16276 OVH SAS
Submitted
2024-04-23 21:50:24
Access
public
Website Title
Looking for sex tonight in your area?
Final URL
myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.trimbuilder.foundation	unknown	2024-04-08	2024-04-08	2024-04-22	595 B	223 B	51.68.85.158
jelzup.com	unknown	2024-04-15	2024-04-15	2024-04-18	629 B	14 kB	172.67.217.73
grix.ningutengo.com	unknown	2019-07-27	2022-12-17	2024-04-18	528 B	7.3 kB	188.114.96.1
myenjoydating.life	unknown	2023-07-21	2023-07-21	2024-04-16	12 kB	1.3 MB	185.155.186.20
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-22	512 B	1.2 kB	35.244.181.201
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-23	481 B	10 kB	142.250.74.106
mdakky.com	unknown	2023-10-12	2023-10-13	2024-04-22	1.1 kB	368 B	185.162.85.19
0c44a5.click	unknown	2024-03-31	2024-04-04	2024-04-18	716 B	9.6 kB	185.66.201.8
pfuatk.com	unknown	2024-04-08	2024-04-08	2024-04-18	1.8 kB	89 kB	185.162.87.220
tratbc.com	630821	2021-01-16	2021-01-20	2024-04-17	636 B	379 B	138.68.123.185
track.wbdpnz.com	unknown	2022-05-27	2022-06-01	2024-04-18	660 B	976 B	143.204.55.92
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-22	1.0 kB	66 kB	216.58.207.227
cdn.addlnk.com	246074	2014-11-21	2017-05-11	2024-04-20	419 B	6.6 kB	104.21.19.98

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	pfuatk.com	Sinkholed
2024-04-23	medium	pfuatk.com	Sinkholed
2024-04-23	medium	pfuatk.com	Sinkholed
2024-04-23	medium	tratbc.com	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed
2024-04-23	medium	myenjoydating.life	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	myenjoydating.life/media/bb.js	639 B	2023-03-07	2024-05-04
Pretty URL myenjoydating.life/media/bb.js IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-04 00:35:00 Times Seen13758 Hash 0d553e4bac91c74bfee2dbabba61e99e 5af71e2377c9c012a7826a695f2724901941b19b 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68 Loading...

	myenjoydating.life/media/dating/sinder2adult/js/touchswipe.min.js	11 kB	2023-03-07	2024-05-03
Pretty URL myenjoydating.life/media/dating/sinder2adult/js/touchswipe.min.js IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:23 Last Seen2024-05-03 00:37:58 Times Seen1993 Hash e18a1319eeff8fcb4b6374b3fdda08d8 6b3670f59186923576e343e6b8b8daa645d14dbc 0ab340987711378e8cb5582b1f97f6938037712213396d8e7c7f8fa7b1ab4e5a Loading...

	myenjoydating.life/media/dating/sinder2adult/js/timer.js	621 B	2023-03-07	2024-05-04
Pretty URL myenjoydating.life/media/dating/sinder2adult/js/timer.js IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-04 00:35:00 Times Seen7383 Hash 40fe503eb84093a37b15e39365ffc587 911128043c901314d283fe478477d26e2b3d821a 60b0f0de4c72c1ce9c05b36ba776f12538b1d9b80858b7099068a3e7e0415bc1 Loading...

	myenjoydating.life/media/dating/sinder2adult/js/jquery.js	93 kB	2023-03-07	2024-05-03
Pretty URL myenjoydating.life/media/dating/sinder2adult/js/jquery.js IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-03 20:20:07 Times Seen10396 Hash 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Loading...

	myenjoydating.life/media/dating/sinder2adult/js/vegas.js	22 kB	2023-03-07	2024-05-03
Pretty URL myenjoydating.life/media/dating/sinder2adult/js/vegas.js IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-03 00:37:58 Times Seen1957 Hash 1a419deb38ff5a22cb817101bbf1adce 1fda0a3eb1b871a16a900d1132538112dc36a200 d20665d11b6b7b0df9119eb8100bc0623c52f1e719b7673b6c740a99d989bdfd Loading...

	myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca	667 B	2024-04-23	2024-04-23
Pretty URL myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 23:50:25 Last Seen2024-04-23 23:50:25 Times Seen1 Hash 699f98333784490c4fb17d64c95ce9bc 40818eccef36a7b5e43937ae1d0496ee758203aa 168655a6ad03eb0a36a24dffd23f6d85024442be712fc37105e8ae8deece6307 Loading...

	myenjoydating.life/util/utils.js	7.5 kB	2023-03-07	2024-05-04
Pretty URL myenjoydating.life/util/utils.js IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-04 00:35:00 Times Seen20894 Hash 01816d15ca03032751161a746e2fb7c3 dcc72ea5fa1356490ba473288159df9786b4a3c3 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea Loading...

	myenjoydating.life/media/dating/sinder2adult/js/wow.min.js	7.1 kB	2023-03-07	2024-05-03
Pretty URL myenjoydating.life/media/dating/sinder2adult/js/wow.min.js IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-03 00:37:58 Times Seen1487 Hash 40d8385730e212732209b2268ee704c4 8d1fdeeff2d5319719d1ee26ddb49086f532d6ed 914153d308670b304cc3d167b82bed9f7e6a3923e7ae9eda46fe87dac9040c86 Loading...

	myenjoydating.life/media/dating/sinder2adult/js/bootstrap.js	58 kB	2023-03-07	2024-05-03
Pretty URL myenjoydating.life/media/dating/sinder2adult/js/bootstrap.js IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-03 00:37:58 Times Seen2618 Hash cf1cf2fce27179c0de8a71c73b378f07 44a69a91c82f22941f0fd8c9f1c459eca33d8dbe d88949ad637b040b893c651e938b80f8a1aabc350c94c01c28e8a38fadab2df3 Loading...

	myenjoydating.life/media/exit-new/exit1.js	3.5 kB	2023-03-07	2024-05-04
Pretty URL myenjoydating.life/media/exit-new/exit1.js IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-04 00:35:00 Times Seen13430 Hash 625e5e2950612f771e246beb33c9ea61 e4fc251c6c000496c285f8dc3fa097040b031681 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46 Loading...

	myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca	0 B	2023-03-07	2024-05-04
Pretty URL myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-04 00:38:02 Times Seen37320127 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	myenjoydating.life/media/dating/sinder2adult/js/jquery.countdown.js	9.6 kB	2023-03-07	2024-05-03
Pretty URL myenjoydating.life/media/dating/sinder2adult/js/jquery.countdown.js IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-03 00:37:58 Times Seen1757 Hash 6292a39650fa959a1617d42461dd3b9d 72fc3a06ed692b54098979f8bb5f33d5e1e959b4 ff4f2111640943da61697206b422470b7743bcb33b28b048bfc257dfcdb4b860 Loading...

	myenjoydating.life/media/dating/sinder2adult/js/trls.js	16 kB	2023-03-07	2024-05-03
Pretty URL myenjoydating.life/media/dating/sinder2adult/js/trls.js IP 185.155.186.20 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-03 00:37:58 Times Seen1066 Hash 782c3f17b5192235a8134cde70643267 b2475c26afd90aa51897106d2db5766854d67bef 8b500cfd26b6d4f43bbb21716f6d11c0cda70753a04089e120e8b6126a177ea2 Loading...

HTTP Transactions (39)

URL IP Response Size

www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361182995962658825&website=15494-7ce6e2d6&placement=15494&eyeg=1

51.68.85.158

0 B

URL
www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361182995962658825&website=15494-7ce6e2d6&placement=15494&eyeg=1
IP
51.68.85.158:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361182995962658825&website=15494-7ce6e2d6&placement=15494&eyeg=1 HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 23 Apr 2024 21:49:57 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://grix.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=1419006226474130060

grix.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=1419006226474130060

188.114.96.1

6.6 kB

URL
grix.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=1419006226474130060
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
6.6 kB (6612 bytes)
Hash
81fc33a9df2bb88a19506a0d348028e1
b62c773d8ff82489e51d312e1bcfbe6cf2ae0cc0
23c72d3d424629abde40bea6d015d99bde73837c8348e922ef54a39967d928b7

HTTP Headers

GET /rc/7edf752b35?pubid=pubid&affclick=1419006226474130060 HTTP/1.1
Host: grix.ningutengo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:49:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IO%2FChzd08FAq0IHoo%2B15eXcbDIHlHYLnqrmiLXiF6%2FWxGqpnFglZ2P3vAkQ%2BhLGsUPojF8rXEaVQG0wa%2F8g%2BeDNt3c1EAItYJFqFYzMewj5dWCeezWHybwxtSFbXl1O%2FKLMj23vQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87911106b8e656bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pfuatk.com/images/bot-captcha/img2.png

185.162.87.220

6.8 kB

URL
pfuatk.com/images/bot-captcha/img2.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 94 x 70, 8-bit/color RGBA, non-interlaced
Size
6.8 kB (6809 bytes)
Hash
363f9239be45e8e79a78de5f87f66e02
5b87271d4b2cf33bcedab34faee06a4deb6a09d5
425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bot-captcha/img2.png HTTP/1.1
Host: pfuatk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pfuatk.com/bot-captcha?h=waWQiOjEwMjYxMTMsInNpZCI6MTMzOTUwMSwid2lkIjo1NTc2MTEsInNyYyI6Mn0=eyJ&click_id=30affC1713908999aff2da463b549282a071a509&si1=&si2=30288860
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 23 Apr 2024 21:50:00 GMT
content-type: image/png
content-length: 6809
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-1a99"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2

pfuatk.com/images/bot-captcha/img3.png

185.162.87.220

12 kB

URL
pfuatk.com/images/bot-captcha/img3.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced
Size
12 kB (12344 bytes)
Hash
02d63db8d1b7baaeb3f7ce167a07805f
17fdf882fa8fe42ec201ee731cfcd65d6d950d51
4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bot-captcha/img3.png HTTP/1.1
Host: pfuatk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pfuatk.com/bot-captcha?h=waWQiOjEwMjYxMTMsInNpZCI6MTMzOTUwMSwid2lkIjo1NTc2MTEsInNyYyI6Mn0=eyJ&click_id=30affC1713908999aff2da463b549282a071a509&si1=&si2=30288860
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 23 Apr 2024 21:50:00 GMT
content-type: image/png
content-length: 12344
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-3038"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2

pfuatk.com/images/bot-captcha/img1.png

185.162.87.220

70 kB

URL
pfuatk.com/images/bot-captcha/img1.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 450 x 428, 8-bit/color RGB, non-interlaced
Size
70 kB (69486 bytes)
Hash
9b56483e5d9d40bc59596db1e02c886a
82053d01b347ba17d0bc833293fa7ee118c3362a
9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bot-captcha/img1.png HTTP/1.1
Host: pfuatk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pfuatk.com/bot-captcha?h=waWQiOjEwMjYxMTMsInNpZCI6MTMzOTUwMSwid2lkIjo1NTc2MTEsInNyYyI6Mn0=eyJ&click_id=30affC1713908999aff2da463b549282a071a509&si1=&si2=30288860
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 23 Apr 2024 21:50:00 GMT
content-type: image/png
content-length: 69486
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-10f6e"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2

mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1026113&st=1339501&wd=557611&d=pfuatk.com&tpl=7&rnd=0.4379679623176904&sbid=&sbid2=30288860

185.162.85.19

0 B

URL
mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1026113&st=1339501&wd=557611&d=pfuatk.com&tpl=7&rnd=0.4379679623176904&sbid=&sbid2=30288860
IP
185.162.85.19:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rpe?a=1&s=1&act=18&src=2&p=1026113&st=1339501&wd=557611&d=pfuatk.com&tpl=7&rnd=0.4379679623176904&sbid=&sbid2=30288860 HTTP/1.1
Host: mdakky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pfuatk.com
DNT: 1
Connection: keep-alive
Referer: https://pfuatk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 23 Apr 2024 21:50:00 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2

jelzup.com/gosl/InNpZCI6MTMzOTUwMSwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjYxMTMs?click_id=30affC1713908999aff2da463b549282a071a509&si2=30288860

172.67.217.73

13 kB

URL
jelzup.com/gosl/InNpZCI6MTMzOTUwMSwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjYxMTMs?click_id=30affC1713908999aff2da463b549282a071a509&si2=30288860
IP
172.67.217.73:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
13 kB (12758 bytes)
Hash
07bacfdf5204005cbe0a13162fc946ec
5a85be2a67a6b46ba4a26d45d8191d2f483632bd
79b34fd553ba9671734f9f77f59342d269854855ed70137ca3fc5ee2a2a3a3db

HTTP Headers

GET /gosl/InNpZCI6MTMzOTUwMSwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjYxMTMs?click_id=30affC1713908999aff2da463b549282a071a509&si2=30288860 HTTP/1.1
Host: jelzup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0c44a5.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 23 Apr 2024 21:49:59 GMT
content-type: text/html; charset=UTF-8
location: https://pfuatk.com/bot-captcha?h=waWQiOjEwMjYxMTMsInNpZCI6MTMzOTUwMSwid2lkIjo1NTc2MTEsInNyYyI6Mn0=eyJ&click_id=30affC1713908999aff2da463b549282a071a509&si1=&si2=30288860
cache-control: no-cache
max-age: 0
x-zone: eu
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sl23R9nZHsUrKtW1mwWnQoSURme%2FKK3yO6Ob5XjXnRKy5bAWNvYgLjIJPt5fT4OgzuZDz6ptv7zOqFIS5NMcIXzhwh%2BR2kyUZ11xcUn0Sznzo1OZR%2BCaDdPzwD8o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8791110fa9610afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mdakky.com/rpe?a=1&s=1&act=7&src=2&p=1026113&st=1339501&wd=557611&d=pfuatk.com&tpl=7&rnd=0.2647047863226786&sbid=&sbid2=30288860

185.162.85.19

0 B

URL
mdakky.com/rpe?a=1&s=1&act=7&src=2&p=1026113&st=1339501&wd=557611&d=pfuatk.com&tpl=7&rnd=0.2647047863226786&sbid=&sbid2=30288860
IP
185.162.85.19:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rpe?a=1&s=1&act=7&src=2&p=1026113&st=1339501&wd=557611&d=pfuatk.com&tpl=7&rnd=0.2647047863226786&sbid=&sbid2=30288860 HTTP/1.1
Host: mdakky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pfuatk.com
DNT: 1
Connection: keep-alive
Referer: https://pfuatk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 23 Apr 2024 21:50:00 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2

tratbc.com/tb?h=waWQiOjEwMjYxMTMsInNpZCI6MTMzOTUwMSwid2lkIjo1NTc2MTEsInNyYyI6Mn0=eyJ&click_id=30affC1713908999aff2da463b549282a071a509&si1=&si2=30288860

138.68.123.185

302 Found

0 B

URL User Request GET HTTP/1.1
tratbc.com/tb?h=waWQiOjEwMjYxMTMsInNpZCI6MTMzOTUwMSwid2lkIjo1NTc2MTEsInNyYyI6Mn0=eyJ&click_id=30affC1713908999aff2da463b549282a071a509&si1=&si2=30288860
IP
138.68.123.185:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjecttratbc.com
Fingerprint95:0F:0A:AB:7B:5A:7D:25:E2:1E:9F:6C:80:8A:60:26:97:90:06:9A
ValidityTue, 20 Feb 2024 13:19:36 GMT - Mon, 20 May 2024 13:19:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tb?h=waWQiOjEwMjYxMTMsInNpZCI6MTMzOTUwMSwid2lkIjo1NTc2MTEsInNyYyI6Mn0=eyJ&click_id=30affC1713908999aff2da463b549282a071a509&si1=&si2=30288860 HTTP/1.1
Host: tratbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pfuatk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.15.0
Date: Tue, 23 Apr 2024 21:50:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://track.wbdpnz.com/0f72aceb-1686-4bca-a918-ff82f889bf8f?source_id=&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1026113&sub_period=&cost=&click_id=
X-Zone: eu

track.wbdpnz.com/0f72aceb-1686-4bca-a918-ff82f889bf8f?source_id=&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1026113&sub_period=&cost=&click_id=

143.204.55.92

302 Found

0 B

URL User Request GET HTTP/2
track.wbdpnz.com/0f72aceb-1686-4bca-a918-ff82f889bf8f?source_id=&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1026113&sub_period=&cost=&click_id=
IP
143.204.55.92:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjecttrack.wbdpnz.com
FingerprintC8:81:F6:79:E2:7A:64:3E:95:34:AA:C4:2E:5E:20:88:55:9B:AB:7E
ValidityWed, 17 Apr 2024 00:00:00 GMT - Fri, 16 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0f72aceb-1686-4bca-a918-ff82f889bf8f?source_id=&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1026113&sub_period=&cost=&click_id= HTTP/1.1
Host: track.wbdpnz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pfuatk.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
location: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
date: Tue, 23 Apr 2024 21:50:01 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 0f72aceb-1686-4bca-a918-ff82f889bf8f-v4=Ms-BOe_Fp8evrATZvGPeZjSkd8eQ-1NBV2cSQ4PCU70; Max-Age=86400; Expires=Wed, 24-Apr-2024 21:50:01 GMT; Domain=track.wbdpnz.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22wjdokq54354ep5q03hgtpoca%22%2C%22caid%22%3A%220f72aceb-1686-4bca-a918-ff82f889bf8f%22%7D; Max-Age=31536000; Expires=Wed, 23-Apr-2025 21:50:01 GMT; Domain=track.wbdpnz.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bqcBiMUjjS_w6khJEGfn7uKXgBAl1f53Vl5q9EVD477JDPrh1u98Mg==
X-Firefox-Spdy: h2

myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca

185.155.186.20

200 OK

6.9 kB

URL User Request GET HTTP/1.1
myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (533), with CRLF line terminators
Size
6.9 kB (6910 bytes)
Hash
cc97607c3f011afc13b6a934cfbbbfa0
b28cbf62a13f266cb02b1aa25c97db96d0201e03
82411609a20df038ddbbebd549f1cab5b69338b5a7c3f9e0f194dd89a4789070

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pfuatk.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:01 GMT
Content-Type: text/html
Content-Length: 6910
Connection: keep-alive
set-cookie: sid=t2~00plzxoumbqe3bdeand1xkfn; path=/
cache-control: private, no-transform

myenjoydating.life/media/dating/sinder2adult/css/bootstrap.min.css

185.155.186.20

200 OK

100 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/css/bootstrap.min.css
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
ASCII text, with very long lines (65367), with CRLF line terminators
Size
100 kB (99578 bytes)
Hash
59e18774537c99e2a747caffdbf1499e
8bf8573b1496a490565fca1474063effd5381e16
aea66e66c9609f40f41877444473b430cfe99cc28f294a7c1660767e9db37b8c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/css/bootstrap.min.css HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:01 GMT
Content-Type: text/css
Content-Length: 99578
Connection: keep-alive
ETag: "59e18774537c99e2a747caffdbf1499e"
Last-Modified: Tue, 21 Nov 2023 12:29:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9070055562998
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223356#659641919/gid:0/gname:root/mode:33279/mtime:1655387455#258588892/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:55.258588892Z
Expires: Wed, 23 Apr 2025 21:50:01 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/css/style.css

185.155.186.20

200 OK

5.4 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/css/style.css
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
ASCII text, with CRLF line terminators
Size
5.4 kB (5395 bytes)
Hash
21addfa06b1e70ced9cb48f7fde7488d
9f1261873a1863725f0a5343f48fdf03173519da
917bbaafab2d22de7ed3c4415bae64cc9a230238840fd2082818f11c438aa5e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/css/style.css HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:01 GMT
Content-Type: text/css
Content-Length: 5395
Connection: keep-alive
ETag: "21addfa06b1e70ced9cb48f7fde7488d"
Last-Modified: Tue, 21 Nov 2023 12:29:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C905B72ADBE70B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223356#663641928/gid:0/gname:root/mode:33279/mtime:1655387455#258588892/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:55.258588892Z
Expires: Wed, 23 Apr 2025 21:50:01 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/js/vegas.js

185.155.186.20

200 OK

22 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/js/vegas.js
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JavaScript source, ASCII text
Size
22 kB (21762 bytes)
Hash
1a419deb38ff5a22cb817101bbf1adce
1fda0a3eb1b871a16a900d1132538112dc36a200
d20665d11b6b7b0df9119eb8100bc0623c52f1e719b7673b6c740a99d989bdfd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/js/vegas.js HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: application/javascript
Content-Length: 21762
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "1a419deb38ff5a22cb817101bbf1adce"
Last-Modified: Mon, 20 Feb 2023 09:31:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C905B74E4F66F1
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676801713#141186621/gid:0/gname:root/mode:33188/mtime:1659086493#473884000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:21:33.473884Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/css/vegas.css

185.155.186.20

200 OK

15 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/css/vegas.css
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
ASCII text, with CRLF line terminators
Size
15 kB (14932 bytes)
Hash
456b6de9f41b67650ef5cfa88ea428a9
bb5ff666b0121a73d1465f6f218a27b8910e072d
fe021b8ac1b62ed1205600c44b1da6db3b4bf10b4d80f3fe080e16f01cf7de79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/css/vegas.css HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: text/css
Content-Length: 14932
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "456b6de9f41b67650ef5cfa88ea428a9"
Last-Modified: Mon, 20 Feb 2023 09:31:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C905B737897EAD
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843395#111755995/gid:0/gname:root/mode:33279/mtime:1655387455#262588901/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:55.262588901Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/js/jquery.countdown.js

185.155.186.20

200 OK

9.6 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/js/jquery.countdown.js
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JavaScript source, ASCII text
Size
9.6 kB (9550 bytes)
Hash
6292a39650fa959a1617d42461dd3b9d
72fc3a06ed692b54098979f8bb5f33d5e1e959b4
ff4f2111640943da61697206b422470b7743bcb33b28b048bfc257dfcdb4b860

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/js/jquery.countdown.js HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: text/javascript
Content-Length: 9550
Connection: keep-alive
ETag: "6292a39650fa959a1617d42461dd3b9d"
Last-Modified: Tue, 21 Nov 2023 12:29:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C905B750F86F4F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223356#707642029/gid:0/gname:root/mode:33188/mtime:1659086492#901883000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:21:32.901883Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/js/trls.js

185.155.186.20

200 OK

16 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/js/trls.js
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
Unicode text, UTF-8 text
Size
16 kB (15472 bytes)
Hash
782c3f17b5192235a8134cde70643267
b2475c26afd90aa51897106d2db5766854d67bef
8b500cfd26b6d4f43bbb21716f6d11c0cda70753a04089e120e8b6126a177ea2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/js/trls.js HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: text/javascript
Content-Length: 15472
Connection: keep-alive
ETag: "782c3f17b5192235a8134cde70643267"
Last-Modified: Tue, 21 Nov 2023 12:29:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C907182B00ABB8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223356#727642074/gid:0/gname:root/mode:33188/mtime:1659086493#341884000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:21:33.341884Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/util/flag-icon/css/flag-icon.css

185.155.186.20

200 OK

41 kB

URL GET HTTP/1.1
myenjoydating.life/util/flag-icon/css/flag-icon.css
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
ASCII text, with CRLF line terminators
Size
41 kB (40627 bytes)
Hash
0a47b937981e7389e3ebe63e4a503066
01b395ad016a1d9d15016d765f7d2c51a6e2809b
d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/flag-icon/css/flag-icon.css HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: text/css
Content-Length: 40627
Connection: keep-alive
ETag: "0a47b937981e7389e3ebe63e4a503066"
Last-Modified: Wed, 20 Sep 2023 15:26:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C90615F4391F23
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134513#296037122/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:14.684017Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/css/animate.css

185.155.186.20

200 OK

61 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/css/animate.css
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
ASCII text, with very long lines (460), with CRLF line terminators
Size
61 kB (61188 bytes)
Hash
1cbfbb2c4ef85880799a74ab2f290f2a
9b6366d6c7ad05010f7070db70fba10754be6e9c
bfdad6766b12a3826bf32024f0fc13fffbcee84f102034b9270da7e538451031

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/css/animate.css HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:01 GMT
Content-Type: text/css
Content-Length: 61188
Connection: keep-alive
ETag: "1cbfbb2c4ef85880799a74ab2f290f2a"
Last-Modified: Wed, 20 Sep 2023 15:22:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C905B72AFC6986
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134507#428018772/gid:0/gname:root/mode:33279/mtime:1655387455#258588892/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:55.258588892Z
Expires: Wed, 23 Apr 2025 21:50:01 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/util/utils.js

185.155.186.20

200 OK

7.5 kB

URL GET HTTP/1.1
myenjoydating.life/util/utils.js
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators
Size
7.5 kB (7512 bytes)
Hash
01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/utils.js HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Mon, 20 Feb 2023 09:36:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C90711C6727621
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676885559#334512232/gid:0/gname:root/mode:33188/mtime:1659085489#684136000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:04:49.684136Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/js/wow.min.js

185.155.186.20

200 OK

7.1 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/js/wow.min.js
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JavaScript source, ASCII text, with very long lines (7033)
Size
7.1 kB (7063 bytes)
Hash
40d8385730e212732209b2268ee704c4
8d1fdeeff2d5319719d1ee26ddb49086f532d6ed
914153d308670b304cc3d167b82bed9f7e6a3923e7ae9eda46fe87dac9040c86

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/js/wow.min.js HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: application/javascript
Content-Length: 7063
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "40d8385730e212732209b2268ee704c4"
Last-Modified: Mon, 20 Feb 2023 09:31:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C905B78AC282C8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676801713#141186621/gid:0/gname:root/mode:33188/mtime:1659086494#573886000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:21:34.573886Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/js/jquery.js

185.155.186.20

200 OK

93 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/js/jquery.js
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JavaScript source, ASCII text, with very long lines (32072)
Size
93 kB (93107 bytes)
Hash
628072e7212db1e8cdacb22b21752cda
0511abe9863c2ea7084efa7e24d1d86c5b3974f1
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/js/jquery.js HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: application/javascript
Content-Length: 93107
Connection: keep-alive
ETag: "628072e7212db1e8cdacb22b21752cda"
Last-Modified: Wed, 20 Sep 2023 15:22:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C905B73FD9B65E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134507#428018772/gid:0/gname:root/mode:33188/mtime:1659086493#57883000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:21:33.057883Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/js/touchswipe.min.js

185.155.186.20

200 OK

11 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/js/touchswipe.min.js
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JavaScript source, ASCII text, with very long lines (11417), with no line terminators
Size
11 kB (11417 bytes)
Hash
e18a1319eeff8fcb4b6374b3fdda08d8
6b3670f59186923576e343e6b8b8daa645d14dbc
0ab340987711378e8cb5582b1f97f6938037712213396d8e7c7f8fa7b1ab4e5a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/js/touchswipe.min.js HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: application/javascript
Content-Length: 11417
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "e18a1319eeff8fcb4b6374b3fdda08d8"
Last-Modified: Mon, 20 Feb 2023 09:31:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C905B78B8617FF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843395#115756001/gid:0/gname:root/mode:33279/mtime:1655387455#246588865/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:55.246588865Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/js/bootstrap.js

185.155.186.20

200 OK

58 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/js/bootstrap.js
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JavaScript source, ASCII text
Size
58 kB (58533 bytes)
Hash
cf1cf2fce27179c0de8a71c73b378f07
44a69a91c82f22941f0fd8c9f1c459eca33d8dbe
d88949ad637b040b893c651e938b80f8a1aabc350c94c01c28e8a38fadab2df3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/js/bootstrap.js HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: text/javascript
Content-Length: 58533
Connection: keep-alive
ETag: "cf1cf2fce27179c0de8a71c73b378f07"
Last-Modified: Tue, 21 Nov 2023 12:29:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C905B789030962
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223356#707642029/gid:0/gname:root/mode:33188/mtime:1659086492#825883000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:21:32.825883Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/js/timer.js

185.155.186.20

200 OK

621 B

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/js/timer.js
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JavaScript source, ASCII text
Size
621 B (621 bytes)
Hash
40fe503eb84093a37b15e39365ffc587
911128043c901314d283fe478477d26e2b3d821a
60b0f0de4c72c1ce9c05b36ba776f12538b1d9b80858b7099068a3e7e0415bc1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/js/timer.js HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: application/javascript
Content-Length: 621
Connection: keep-alive
ETag: "40fe503eb84093a37b15e39365ffc587"
Last-Modified: Wed, 20 Sep 2023 15:22:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C905B788F0D23C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134507#428018772/gid:0/gname:root/mode:33188/mtime:1659086493#221883000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:21:33.221883Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/bb.js

185.155.186.20

200 OK

639 B

URL GET HTTP/1.1
myenjoydating.life/media/bb.js
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
ASCII text, with very long lines (639), with no line terminators
Size
639 B (639 bytes)
Hash
0d553e4bac91c74bfee2dbabba61e99e
5af71e2377c9c012a7826a695f2724901941b19b
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/bb.js HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: application/javascript
Content-Length: 639
Connection: keep-alive
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Last-Modified: Wed, 20 Sep 2023 15:21:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9065FAA835123
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134512#756035434/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/exit-new/exit1.js

185.155.186.20

200 OK

3.5 kB

URL GET HTTP/1.1
myenjoydating.life/media/exit-new/exit1.js
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators
Size
3.5 kB (3473 bytes)
Hash
625e5e2950612f771e246beb33c9ea61
e4fc251c6c000496c285f8dc3fa097040b031681
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/exit-new/exit1.js HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: application/javascript
Content-Length: 3473
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "625e5e2950612f771e246beb33c9ea61"
Last-Modified: Mon, 20 Feb 2023 09:32:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C906B3C342697B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#623580037/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/images/logo.svg

185.155.186.20

200 OK

4.6 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/images/logo.svg
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
SVG Scalable Vector Graphics image
Size
4.6 kB (4564 bytes)
Hash
896592d7f2fa3d761c0b767e9399b010
ed1c0502263392938f4cbdd72afb1a8704bf840e
3417f549b6a1018ee687dd84aec136cb7fba2bb5b4c83cf269f9f8e958cc48de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/images/logo.svg HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: image/svg+xml
Content-Length: 4564
Connection: keep-alive
ETag: "896592d7f2fa3d761c0b767e9399b010"
Last-Modified: Wed, 20 Sep 2023 15:22:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9071A50ECF44E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134507#428018772/gid:0/gname:root/mode:33279/mtime:1655387455#254588883/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:55.254588883Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/util/flag-icon/flags/4x3/no.svg

185.155.186.20

200 OK

331 B

URL GET HTTP/1.1
myenjoydating.life/util/flag-icon/flags/4x3/no.svg
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
SVG Scalable Vector Graphics image
Size
331 B (331 bytes)
Hash
c7ecfe59439b5fd23924fd206cf2fded
056fbd2b17c7f08bfb480d21973a96bf86fbd72a
4027f3320608508754640a6de4cb1cdabdef4654b5a214e875c134802345683f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/flag-icon/flags/4x3/no.svg HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/util/flag-icon/css/flag-icon.css
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: image/svg+xml
Content-Length: 331
Connection: keep-alive
ETag: "c7ecfe59439b5fd23924fd206cf2fded"
Last-Modified: Wed, 20 Sep 2023 15:26:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C907282A2708F4
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134513#304037147/gid:0/gname:root/mode:33188/mtime:1655386305#848080000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:45.84808Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myenjoydating.life
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:32:46 GMT
expires: Fri, 18 Apr 2025 02:32:46 GMT
cache-control: public, max-age=31536000
age: 501436
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48208, version 1.0
Size
48 kB (48208 bytes)
Hash
c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

HTTP Headers

GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myenjoydating.life
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 21:58:53 GMT
expires: Tue, 22 Apr 2025 21:58:53 GMT
cache-control: public, max-age=31536000
age: 85869
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

myenjoydating.life/media/dating/sinder2adult/images/slide3.jpg

185.155.186.20

200 OK

227 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/images/slide3.jpg
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1252, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2004], baseline, precision 8, 2004x1252, components 3
Size
227 kB (227373 bytes)
Hash
3efb35e08cef28949adf7bdcccba78af
e2994c02e12eb80eef850dc55423c057613099d1
c58997426847dc8a4c74158e53bd9b9e888246662e4e0750680eecd0a24d5ab1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/images/slide3.jpg HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Content-Type: image/jpeg
Content-Length: 227373
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "3efb35e08cef28949adf7bdcccba78af"
Last-Modified: Mon, 20 Feb 2023 09:31:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C905BCFC613A8D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843395#115756001/gid:0/gname:root/mode:33279/mtime:1655387455#258588892/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:55.258588892Z
Expires: Wed, 23 Apr 2025 21:50:02 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/favicon.ico

185.155.186.20

204 No Content

0 B

URL GET HTTP/1.1
myenjoydating.life/favicon.ico
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 23 Apr 2024 21:50:02 GMT
Connection: keep-alive
Cache-Control: no-transform

myenjoydating.life/media/dating/sinder2adult/images/slide2.jpg

185.155.186.20

200 OK

327 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/images/slide2.jpg
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1252, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2004], baseline, precision 8, 2004x1252, components 3
Size
327 kB (326748 bytes)
Hash
553799ee8cb33ead6daa48f4153a4fe6
5c17495bcaa9af37de603bc5139a9de5e7e74531
1d9c47b2e71f7e3a3eee4feede500469d5d7e60ad55e8ebb3e4cc3ef32ac8bd2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/images/slide2.jpg HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:04 GMT
Content-Type: image/jpeg
Content-Length: 326748
Connection: keep-alive
ETag: "553799ee8cb33ead6daa48f4153a4fe6"
Last-Modified: Tue, 21 Nov 2023 12:29:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C905B82128A38E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223356#695642001/gid:0/gname:root/mode:33279/mtime:1655387455#254588883/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:55.254588883Z
Expires: Wed, 23 Apr 2025 21:50:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

myenjoydating.life/media/dating/sinder2adult/images/slide1.jpg

185.155.186.20

200 OK

224 kB

URL GET HTTP/1.1
myenjoydating.life/media/dating/sinder2adult/images/slide1.jpg
IP
185.155.186.20:443
ASN
#203639 Teknology SA

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerLet's Encrypt
Subjectmyenjoydating.life
FingerprintE6:2F:0E:C9:09:FB:6E:F3:14:82:4A:25:8A:25:A5:C7:57:1B:A1:9B
ValidityMon, 08 Apr 2024 00:37:43 GMT - Sun, 07 Jul 2024 00:37:42 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1252, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2004], baseline, precision 8, 2004x1252, components 3
Size
224 kB (223916 bytes)
Hash
6f4928a0680ee3ae69c7102663ef0050
417b7b679103e26e27db16fc86d60746c8947dd2
cc06278c623a4cdf977f69bb9ff8eb0dd9eadd4b6f9183ffd7d825e2efcd0438

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/sinder2adult/images/slide1.jpg HTTP/1.1
Host: myenjoydating.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Cookie: sid=t2~00plzxoumbqe3bdeand1xkfn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:50:07 GMT
Content-Type: image/jpeg
Content-Length: 223916
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "6f4928a0680ee3ae69c7102663ef0050"
Last-Modified: Mon, 20 Feb 2023 09:31:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C90589863F9427
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843395#115756001/gid:0/gname:root/mode:33279/mtime:1655387455#254588883/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:55.254588883Z
Expires: Wed, 23 Apr 2025 21:50:07 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

cdn.addlnk.com/redirect.css

104.21.19.98

5.7 kB

URL
cdn.addlnk.com/redirect.css
IP
104.21.19.98:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1242), with no line terminators
Size
5.7 kB (5733 bytes)
Hash
5a3c9c45b881a166810cf80fc97bdb7e
402ef1f36cb82dc3ebbf1b7ff8b538d17b256ed0
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

HTTP Headers

GET /redirect.css HTTP/1.1
Host: cdn.addlnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grix.ningutengo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:49:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1680
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
x-amz-id-2: hogeNgFQkGRbu5QqLBIQBNsh3it5WBWWVOpEfEN6uG+Iy6kQNIj+Mwas3t/cGFOLKGr+HPnjXf0=
x-amz-request-id: 0X9VFFN12X1ZYTHB
cf-cache-status: HIT
age: 5437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8c5Tj8zNyvqsi2lAdzwxrT4mMCTVFGSz%2F0Eg%2Buqi%2FkGWsXkmRrdLYMPxNdoLmWGGOEwkfTDWcZQRLwmplG08eCRtW15nBaoJOUHMfPN4Boz5TZnSY8Z4u6vJ1tbS%2B7cgMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791110a29f81c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

0c44a5.click/go.php?go=https%3A%2F%2Fjelzup.com%2Fgosl%2FInNpZCI6MTMzOTUwMSwic21hcnRsaW5rIjp0cnVlfQ%3D%3DeyJwaWQiOjEwMjYxMTMs%3Fclick_id%3D30affC1713908999aff2da463b549282a071a509%26si2%3D30288860&do=89b16e5d245cef5ef1b7fa9ad00201f8

185.66.201.8

9.4 kB

URL
0c44a5.click/go.php?go=https%3A%2F%2Fjelzup.com%2Fgosl%2FInNpZCI6MTMzOTUwMSwic21hcnRsaW5rIjp0cnVlfQ%3D%3DeyJwaWQiOjEwMjYxMTMs%3Fclick_id%3D30affC1713908999aff2da463b549282a071a509%26si2%3D30288860&do=89b16e5d245cef5ef1b7fa9ad00201f8
IP
185.66.201.8:0
ASN
#201702 skHosting.eu s.r.o.

File type
HTML document, ASCII text
Size
9.4 kB (9362 bytes)
Hash
b24b73aabc1363bc5db3978aad2f1eaf
9b057f0a4287a2f30aff285f70c92aecc9277150
7dfb2e1a80e1b0a73ee693757093fd99f2d49b03e7f4d812302861c7d218e3f8

HTTP Headers

GET /go.php?go=https%3A%2F%2Fjelzup.com%2Fgosl%2FInNpZCI6MTMzOTUwMSwic21hcnRsaW5rIjp0cnVlfQ%3D%3DeyJwaWQiOjEwMjYxMTMs%3Fclick_id%3D30affC1713908999aff2da463b549282a071a509%26si2%3D30288860&do=89b16e5d245cef5ef1b7fa9ad00201f8 HTTP/1.1
Host: 0c44a5.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgmp.world/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:49:59 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=KFBmWHg6HgUohlUIW4n0wtDUn1wcqBUwiau8Pq3dmqSNPhmiPwZkFrdT2A-o94aSi8TPupn9rMkznn496nu2RfUNwATo7RbhX2ffdBs0Ahsmcb3z59hyPgDnarDNaMU2
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Tue, 23 Apr 2024 21:49:03 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 73
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,300,700|Raleway:400,700&subset=latin,cyrillic

142.250.74.106

200 OK

9.9 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400,300,700|Raleway:400,700&subset=latin,cyrillic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://myenjoydating.life/?u=875kd01&o=46zmlec&t=&cid=wjdokq54354ep5q03hgtpoca
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (10130), with no line terminators
Size
9.9 kB (9882 bytes)
Hash
03d4c989bccfa7d2e6c210468c945f8c
fe8d0da4b9d908f4c3e063ab02869f4af9baac8b
ec0669b12ad6395336fdea3d6328e094a8b0c7bff7c1107ab21e3cc64b337a22

HTTP Headers

GET /css?family=Roboto:400,300,700|Raleway:400,700&subset=latin,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myenjoydating.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 23 Apr 2024 21:50:01 GMT
date: Tue, 23 Apr 2024 21:50:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML