| r.go2offer-1.com/click?pid=1698&offer_id=4492 | 34.90.46.36 | 302 Found | 0 B |
URL User Request GET HTTP/2r.go2offer-1.com/click?pid=1698&offer_id=4492 IP34.90.46.36:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
CertificateIssuerSectigo Limited Subjectr.go2offer-1.com Fingerprint4C:FC:5F:77:CD:1C:A2:15:FF:0F:25:3E:93:EB:4D:EB:54:5F:B2:27 ValidityMon, 25 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1698&offer_id=4492 HTTP/1.1
Host: r.go2offer-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 25 Apr 2024 06:02:01 GMT
content-length: 0
location: https://r.trwl1.com/c1/e9473788-74c1-44a1-ae09-b3db83417b7f?cv1=&cv2=&cv3=&cv4=&cv5=&cv6=&cv7=&cv8=&cv9=1698
x-adjust-use-original-forwarded-for: 1
referer:
referrer-policy: no-referrer
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| r.trwl1.com/c1/e9473788-74c1-44a1-ae09-b3db83417b7f?cv1=&cv2=&cv3=&cv4=&cv5=&cv6=&cv7=&cv8=&cv9=1698 | 185.196.197.35 | 302 Found | 53 B |
URL User Request GET HTTP/1.1r.trwl1.com/c1/e9473788-74c1-44a1-ae09-b3db83417b7f?cv1=&cv2=&cv3=&cv4=&cv5=&cv6=&cv7=&cv8=&cv9=1698 IP185.196.197.35:443 ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectr.trwl1.com Fingerprint86:C0:AE:B2:C1:BA:55:11:F3:7A:79:0D:44:F9:38:EF:C8:12:A1:44 ValidityThu, 14 Mar 2024 11:36:21 GMT - Wed, 12 Jun 2024 11:36:20 GMT
File typeHTML document, ASCII text Hash2445ae492f4c21f5c0891508347e1388 2a631ce90279906cfc0c374321ea28370aae37b7 a411ad34a4f2a4a7bd06cc834b4f43355709834f928b07dcc836862426d3b932
GET /c1/e9473788-74c1-44a1-ae09-b3db83417b7f?cv1=&cv2=&cv3=&cv4=&cv5=&cv6=&cv7=&cv8=&cv9=1698 HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Thu, 25 Apr 2024 06:02:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 53
Connection: close
Location: https://tb.datingtopgirls.com/
Set-Cookie: lcid=cokv3mkej58qqjk4oiig; Path=/; Domain=trwl1.com; Expires=Fri, 26 Apr 2024 06:02:02 GMT; HttpOnly
uid=QkeGvEu-MH; Path=/; Domain=trwl1.com; Expires=Fri, 26 Apr 2024 06:02:02 GMT; HttpOnly
cid=cokv3mkej58qqjk4oiig; Path=/; Domain=trwl1.com; Expires=Fri, 26 Apr 2024 06:02:02 GMT; HttpOnly
X-Request-Id: 56e254e9-2487-414c-83b4-19d96f5eb03b
|
|
| | 31.220.24.141 | 200 OK | 764 B |
URL User Request GET HTTP/1.1IP31.220.24.141:443 ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectdatingtopgirls.com Fingerprint4F:DD:97:E6:8E:2E:C6:BB:13:0F:08:4F:85:1E:AF:8B:F9:A0:F1:62 ValidityTue, 27 Feb 2024 22:01:39 GMT - Mon, 27 May 2024 22:01:38 GMT
File typeHTML document, ASCII text Hash30a4031ecb817d64c0d6a0dad7061906 fcc2174a085c5cb2c69c6e2e262581551e2d378f 7ca85690737646f4a9363313ed073a8f9c6997c8c4dc42c9a63bf14a3b6bb4ad
GET / HTTP/1.1
Host: tb.datingtopgirls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Thu, 25 Apr 2024 06:02:02 GMT
Content-Encoding: gzip
|
|
| tb.datingtopgirls.com/main.css | 31.220.24.141 | 200 OK | 1.8 kB |
URL GET HTTP/1.1tb.datingtopgirls.com/main.css IP31.220.24.141:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://tb.datingtopgirls.com/ CertificateIssuerLet's Encrypt Subjectdatingtopgirls.com Fingerprint4F:DD:97:E6:8E:2E:C6:BB:13:0F:08:4F:85:1E:AF:8B:F9:A0:F1:62 ValidityTue, 27 Feb 2024 22:01:39 GMT - Mon, 27 May 2024 22:01:38 GMT
Hashf0cf06a937ddd22be7074184ef7af221 11717d516b6461adc95b5cbde614caa46b09744e c7444436c6ddfd4263d7f1e4306cb89c16fbb64de5ae3fb06b5ea035361be79e
GET /main.css HTTP/1.1
Host: tb.datingtopgirls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tb.datingtopgirls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Thu, 25 Apr 2024 06:02:02 GMT
Content-Type: text/css
Last-Modified: Tue, 19 Dec 2023 15:13:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6581b305-1b9b"
Content-Encoding: gzip
|
|
| tb.datingtopgirls.com/img/video.mp4 | 31.220.24.141 | 206 Partial Content | 119 kB |
URL GET HTTP/1.1tb.datingtopgirls.com/img/video.mp4 IP31.220.24.141:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://tb.datingtopgirls.com/ CertificateIssuerLet's Encrypt Subjectdatingtopgirls.com Fingerprint4F:DD:97:E6:8E:2E:C6:BB:13:0F:08:4F:85:1E:AF:8B:F9:A0:F1:62 ValidityTue, 27 Feb 2024 22:01:39 GMT - Mon, 27 May 2024 22:01:38 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size119 kB (119381 bytes) Hash7023c2d2367bee92f16a2e00c2861254 aacfb21256cd624a34b3ce4e22f0c0db994c45fc e073297d17fe904848dfbb17979bcaee9b6b456e3f0ae4903e6ab843befa923a
GET /img/video.mp4 HTTP/1.1
Host: tb.datingtopgirls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tb.datingtopgirls.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx/1.24.0
Date: Thu, 25 Apr 2024 06:02:02 GMT
Content-Type: video/mp4
Content-Length: 119381
Last-Modified: Tue, 19 Dec 2023 15:13:09 GMT
Connection: keep-alive
ETag: "6581b305-1d255"
Content-Range: bytes 0-119380/119381
|
|
| | 172.67.133.54 | 302 Found | 13 kB |
URL User Request GET HTTP/2IP172.67.133.54:443
CertificateIssuerGoogle Trust Services LLC Subjectkinky-date.com FingerprintFC:24:90:64:ED:ED:53:4A:F5:13:AF:93:83:6C:C1:7D:DD:42:94:71 ValidityMon, 18 Mar 2024 04:39:14 GMT - Sun, 16 Jun 2024 04:39:13 GMT
Hashff4d4c8245b6979fa27ddeb64ec0d274 d8a28f5ec89b8729bd5f30f7b8b52ad14f0a4d86 ef06332eba63583277fbebbd1e9c9b23687536b1ae063ee00137d73dddf3eca3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: kinky-date.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 25 Apr 2024 06:02:01 GMT
content-type: text/html; charset=UTF-8
location: https://r.go2offer-1.com/click?pid=1698&offer_id=4492
cache-control: no-cache, private
set-cookie: tour=0; expires=Wed, 16-Apr-2025 06:02:01 GMT; Max-Age=30758400; path=/; domain=.kinky-date.com; secure; httponly; samesite=lax
segment=1; expires=Wed, 16-Apr-2025 06:02:01 GMT; Max-Age=30758400; path=/; domain=.kinky-date.com; secure; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QoE3z8mrz4y4zoSHQNKrsS4q5EL4y1ImqR%2FpuoiEJ0CNLFs2bT0CTB9hwTMUhLECUDjMusB8bgvHZPpX%2FJ5OAfP7Io7XXz7nYkzfMJszazsSLwhhdu9rdRqnJ6Z9X58HWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c1f2fedd2b50c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tb.datingtopgirls.com/favicon.ico | 31.220.24.141 | 200 OK | 15 kB |
URL GET HTTP/1.1tb.datingtopgirls.com/favicon.ico IP31.220.24.141:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://tb.datingtopgirls.com/ CertificateIssuerLet's Encrypt Subjectdatingtopgirls.com Fingerprint4F:DD:97:E6:8E:2E:C6:BB:13:0F:08:4F:85:1E:AF:8B:F9:A0:F1:62 ValidityTue, 27 Feb 2024 22:01:39 GMT - Mon, 27 May 2024 22:01:38 GMT
File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel Hash26d992478e452de11fb951c096eba389 3b2059f3ceca0a972bc88f25bcf1cdb51d76fede 8e11e8040988b883a9b4ad15dae77bbe7b26870e8e0f777087371013e1930308
GET /favicon.ico HTTP/1.1
Host: tb.datingtopgirls.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tb.datingtopgirls.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Thu, 25 Apr 2024 06:02:02 GMT
Content-Type: image/x-icon
Content-Length: 15086
Last-Modified: Tue, 19 Dec 2023 15:13:09 GMT
Connection: keep-alive
ETag: "6581b305-3aee"
Accept-Ranges: bytes
|
|
| cdn.onesignal.com/sdks/OneSignalSDK.js | 104.16.160.145 | 200 OK | 5.7 kB |
URL GET HTTP/2cdn.onesignal.com/sdks/OneSignalSDK.js IP104.16.160.145:443
Requested byhttps://tb.datingtopgirls.com/ CertificateIssuerGoogle Trust Services LLC Subjectonesignal.com Fingerprint28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70 ValidityMon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT
File typeJavaScript source, ASCII text, with very long lines (9163) Hasha87c48d211877c49b878679b2e3cdab8 e75653dd0156806682e39abe8b1323ed40d840ca 4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tb.datingtopgirls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 06:02:02 GMT
content-type: application/javascript
etag: W/"a87c48d211877c49b878679b2e3cdab8"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1619
expires: Sun, 28 Apr 2024 06:02:02 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=UzXIKGYXCmcDJwjBSmbOYoW1Voag6agS7qwSDrn_AL4-1714024922-1.0.1.1-wV7i5lsxmodhpmkheDBY_bs4kXEyeg2fg8oWT0uWEjYQ0jSik8QOW_QtxkH4_uA04T3mSkn1.VEwTiI6Y5OLZQ; path=/; expires=Thu, 25-Apr-24 06:32:02 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 879c1f360f420b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2 | 216.58.207.227 | 200 OK | 13 kB |
URL GET HTTP/2fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2 IP216.58.207.227:443
Requested byhttps://tb.datingtopgirls.com/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 12968, version 1.0 Hash9d9347841a94810c11389b7544546a80 2d9e48222ce79fbf1769c9da614eaeeb3e58de0d 435102c6994284c58e63143d49204d6c3876633ffec220cc73ca05ff8e0156c9
GET /s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tb.datingtopgirls.com
DNT: 1
Connection: keep-alive
Referer: https://tb.datingtopgirls.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12968
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:30:40 GMT
expires: Fri, 18 Apr 2025 17:30:40 GMT
cache-control: public, max-age=31536000
age: 563482
last-modified: Wed, 11 Oct 2017 18:25:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|