trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366583818553131074&website=22040-b30cf673&placement=22040&eyeg=1
51.68.85.158 0 B URL trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366583818553131074&website=22040-b30cf673&placement=22040&eyeg=1
IP 51.68.85.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366583818553131074&website=22040-b30cf673&placement=22040&eyeg=1 HTTP/1.1
Host: trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Wed, 08 May 2024 12:18:43 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://2358ba28.persefone.top/rc/7edf752b35?pubid=pubid&affclick=8052099376595984038
www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366602166653419548&website=13260-801fc700-31a2e730&placement=13260
51.68.85.158 4.4 kB URL www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366602166653419548&website=13260-801fc700-31a2e730&placement=13260
IP 51.68.85.158:0
File type HTML document, ASCII text, with very long lines (3497)
Hash f8f192babc5bb4716c1ae876a66072ec
09ff3de47bfe824109c325b7bc4a6f64b7af8783
e90e770c2535a46526583cf235be9c22dd7d57b006b709d5ef6cf4f655ee79fe
GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366602166653419548&website=13260-801fc700-31a2e730&placement=13260 HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tuk.kutberg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 12:18:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
Accept-CH: Sec-CH-UA-Platform-Version
cdn.addlnk.com/redirect.css
104.21.19.98 5.8 kB URL cdn.addlnk.com/redirect.css
IP 104.21.19.98:0
File type ASCII text, with very long lines (1242), with no line terminators
Hash 5a3c9c45b881a166810cf80fc97bdb7e
402ef1f36cb82dc3ebbf1b7ff8b538d17b256ed0
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
GET /redirect.css HTTP/1.1
Host: cdn.addlnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2358ba28.persefone.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:43 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1680
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
x-amz-id-2: AoXod/ZXfujOPTXmqpybjdVBRwMiv2S1rg1qh7wC2lIS1l8TIMLw+Zkkbs2sTT8o1804g0X2/28gYQf6HzcYpw==
x-amz-request-id: AG08DBJ4MZ3YCNZ8
cf-cache-status: HIT
age: 5477
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yahf8vIurDL4OWXL6da6gPjK4b81NI0e2Wzmc%2B94wQal4YP5ifQxvB60uxPHvbLlyhuk5U0eZrpT9xt6QNC%2F7%2FvaWXzCR4VzZdTd9hhopzkpaDHGRFIQQ92nIHbmzReEsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880964e09a111c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366602166653419548&website=13260-801fc700-31a2e730&placement=13260&eyeg=5f9e6c0dd1e3f65f9692e6a2e10cbdb0&eyer=0.2622744641404574&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=tuk.kutberg.com
51.68.85.158 0 B URL www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366602166653419548&website=13260-801fc700-31a2e730&placement=13260&eyeg=5f9e6c0dd1e3f65f9692e6a2e10cbdb0&eyer=0.2622744641404574&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=tuk.kutberg.com
IP 51.68.85.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366602166653419548&website=13260-801fc700-31a2e730&placement=13260&eyeg=5f9e6c0dd1e3f65f9692e6a2e10cbdb0&eyer=0.2622744641404574&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=tuk.kutberg.com HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Wed, 08 May 2024 12:18:44 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366602166653419548&website=13260-801fc700-31a2e730&placement=13260&eyeg=3&eyer=0.2622744641404574&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=tuk.kutberg.com
www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366602166653419548&website=13260-801fc700-31a2e730&placement=13260&eyeg=3&eyer=0.2622744641404574&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=tuk.kutberg.com
51.68.85.158 0 B URL www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366602166653419548&website=13260-801fc700-31a2e730&placement=13260&eyeg=3&eyer=0.2622744641404574&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=tuk.kutberg.com
IP 51.68.85.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366602166653419548&website=13260-801fc700-31a2e730&placement=13260&eyeg=3&eyer=0.2622744641404574&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=tuk.kutberg.com HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Wed, 08 May 2024 12:18:45 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330005cf898ecc8bb078a3c121097286ff2430508-202405-flb*5768231-bead7*M7366602166653419548*sl_5768231-bead7*09e698e771fbfc93f46878b22e469f19cfdef113*13260-801fc700-31a2e730*13260
admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330005cf898ecc8bb078a3c121097286ff2430508-202405-flb*5768231-bead7*M7366602166653419548*sl_5768231-bead7*09e698e771fbfc93f46878b22e469f19cfdef113*13260-801fc700-31a2e730*13260
172.67.71.68 173 B URL admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330005cf898ecc8bb078a3c121097286ff2430508-202405-flb*5768231-bead7*M7366602166653419548*sl_5768231-bead7*09e698e771fbfc93f46878b22e469f19cfdef113*13260-801fc700-31a2e730*13260
IP 172.67.71.68:0
File type HTML document, ASCII text
Hash 1d575a5af1cdd6703d19847fc1eb53e4
396858ee0bcd52ae9a9a6159f38340c7aa318862
2dab183c2a176ffe69d037b61ea9c60f2b77e25dc3e3491c0ce1c304fc19a9f1
GET /track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330005cf898ecc8bb078a3c121097286ff2430508-202405-flb*5768231-bead7*M7366602166653419548*sl_5768231-bead7*09e698e771fbfc93f46878b22e469f19cfdef113*13260-801fc700-31a2e730*13260 HTTP/1.1
Host: admoustache.aftrad-visit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 12:18:45 GMT
content-type: text/html; charset=utf-8
content-length: 173
location: https://mety.panparan.com/rc/a91581ead4?affclick=201BzChZ74zCWM9zsdJZs4aiw4iN5EAEDWUmL86c84pw4BfzSnu3wUpQ31oQUkKvnr6LUk&pubid=1B7fmUHKE&pubid=
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jObKBNW%2F4m7YZI%2BolQa7PWkFbTAqEVoiznGHp9BfwEsxu9xboU7YF8JLacqwtqOIzDhEtdJanpmYS4QeFwchBaH8Zo%2FeDRhXjuGOaLn9mXCFa%2FkRQvY5vm5biJuuOQuS4%2BTRYfc4B2Scrav1AoQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880964e7ebb95697-OSL
X-Firefox-Spdy: h2
www.trimbuilder.foundation/favicon.ico
51.68.85.158 0 B URL www.trimbuilder.foundation/favicon.ico
IP 51.68.85.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Wed, 08 May 2024 12:18:45 GMT
Connection: keep-alive
cdn.addlnk.com/redirect.css
172.67.185.188 396 B URL cdn.addlnk.com/redirect.css
IP 172.67.185.188:0
File type ASCII text, with very long lines (1242), with no line terminators
Hash 5a3c9c45b881a166810cf80fc97bdb7e
402ef1f36cb82dc3ebbf1b7ff8b538d17b256ed0
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
GET /redirect.css HTTP/1.1
Host: cdn.addlnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mety.panparan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:45 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1680
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
x-amz-id-2: AoXod/ZXfujOPTXmqpybjdVBRwMiv2S1rg1qh7wC2lIS1l8TIMLw+Zkkbs2sTT8o1804g0X2/28gYQf6HzcYpw==
x-amz-request-id: AG08DBJ4MZ3YCNZ8
cf-cache-status: HIT
age: 5479
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yx90AGDj8%2FLAoMkSnsejp2uYHPFezPaykh19xarfSUpcNxa10RNkLJmoTE91%2FopzztQlBrgDj3fQ9yYkzCogHN7K8MutTWsNRqVNcFq5zLo6wHThuhfgC3Qi31CYYd3YGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880964ea7d761c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
172.67.134.193 3.6 kB URL mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
IP 172.67.134.193:0
File type JavaScript source, ASCII text, with very long lines (7813), with no line terminators
Hash 403a498361cc2fa7fdf53b91cd2d8bdb
92f8b21e97d290cfb918e3a5a0ac07799923ebb3
77237d71d193f320146361bbdbacdb7dc8f280588dce37f25b493b427dbff351
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: mety.panparan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 12:18:45 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CWWDt8hVytZu3rQi%2BftXmr6nN2ECn8iw4v%2FO1Veauj9BLGqUgYIvqsdCsdMGTryhiE22quFmbmBzioDOrbs%2FoiuyqdtqnULCTuUF02cYpAs69qdEIRS8v0Flac2o6g%2FyJGO1uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880964eaee717127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cartining-specute.com/2c8047c4-066e-4834-a1b5-360c8c138f20?partner_id=20961&click_cost=0&subid=M7366602175243354117
18.197.36.77302 Found 0 B URL User Request GET HTTP/2 cartining-specute.com/2c8047c4-066e-4834-a1b5-360c8c138f20?partner_id=20961&click_cost=0&subid=M7366602175243354117
IP 18.197.36.77:443
Certificate IssuerLet's Encrypt
Subjectcartining-specute.com
Fingerprint7F:82:DA:7A:66:A7:71:66:EE:8C:DE:A5:B5:44:E6:F7:AB:0B:74:08
ValidityTue, 26 Mar 2024 06:48:17 GMT - Mon, 24 Jun 2024 06:48:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2c8047c4-066e-4834-a1b5-360c8c138f20?partner_id=20961&click_cost=0&subid=M7366602175243354117 HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://click.mobsuitemo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 12:18:46 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=w9l2qqec9q4of451317hnui0&subid2=w9l2qqec9q4of451317hnui0
pragma: no-cache
set-cookie: 2c8047c4-066e-4834-a1b5-360c8c138f20-v4=j5kNS4CHZAUudrbE8TQwJzSgZunLr8_1dc4Iib_TM5I; Max-Age=86400; Expires=Thu, 09-May-2024 12:18:46 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=k4yiK7%2BjFrNLqQV5LCm4kT2i6so6c6TY2nX4bEEHjaw1c6nXp8XXfhHWf9dyFr6rLGxwyf%2FilFeLKa%2Fmf2YmU3nTpsbORr%2FBXxPyaDeWyUe0aq5fiE3kepC5%2BWaD1%2F96O5%2FlJKa0ro6IziU3Juplhg%3D%3D; Max-Age=31536000; Expires=Thu, 08-May-2025 12:18:46 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
click.mobsuitemo.com/favicon.ico
173.236.35.190 1.2 kB URL click.mobsuitemo.com/favicon.ico
IP 173.236.35.190:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 91abe01116ab422c598e9c8af72cf4da
0f2815fe8e067d48537ad168225ab4674271fa27
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
GET /favicon.ico HTTP/1.1
Host: click.mobsuitemo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://click.mobsuitemo.com/proc.php?4411b75f205a87e8f0dfa73f407d2421faf56944
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
date: Wed, 08 May 2024 12:18:46 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 11 Aug 2023 10:37:02 GMT
etag: "64d60f4e-47e"
expires: Thu, 09 May 2024 12:18:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=604800; persist=1
accept-ranges: bytes
ocsp.r2m03.amazontrust.com/
143.204.53.97 471 B URL ocsp.r2m03.amazontrust.com/
IP 143.204.53.97:0
Hash 339e73747af7989db72d1727772453f0
76b1d844010ef3083df348cb7b5b873792a2875d
eb1691b7e2a16ba9a0ec38f1e6af014f87397af2e2cf659090f6ecc5c9cd16fe
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 12:18:47 GMT
Server: ECAcc (amb/6B27)
X-Cache: Miss from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2BP12V-twX30RDNPPaEP7QH6cxSSZSCM7H4D2KJpvPIBOAbfYnf2QA==
sweetiemeet.com/bridge/intg.js
54.230.111.88200 OK 7.8 kB URL GET HTTP/2 sweetiemeet.com/bridge/intg.js
IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (338)
Hash 0984735e7d9ea7efeccf7f8b98fde33b
3657ab09102c809a5b568d3d19fc36bc09c6a860
36765069dc707a1f004301bbc55ee5359b317ab1f2cb66ebfff536522c82fc78
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /bridge/intg.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 08 May 2024 12:18:47 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=3600
last-modified: Thu, 02 May 2024 15:51:21 GMT
etag: W/"153-18f3a00c8a8"
vary: Accept-Encoding, Accept-Encoding
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xdGryu4G-oKrtpPg5A6te7EzxmWROqnSzvmDNcvfV4QBIdnBbIVwHw==
X-Firefox-Spdy: h2
ocsp.r2m03.amazontrust.com/
143.204.53.97 471 B URL ocsp.r2m03.amazontrust.com/
IP 143.204.53.97:0
Hash 339e73747af7989db72d1727772453f0
76b1d844010ef3083df348cb7b5b873792a2875d
eb1691b7e2a16ba9a0ec38f1e6af014f87397af2e2cf659090f6ecc5c9cd16fe
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 12:18:47 GMT
Server: ECAcc (amb/6B09)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ie6GMkhXnh2fuI5_ISOCJbw_4IuN9pfEEkjsSsZHl2H08kloF-bbCQ==
ocsp.r2m03.amazontrust.com/
143.204.53.97 471 B URL ocsp.r2m03.amazontrust.com/
IP 143.204.53.97:0
Hash 339e73747af7989db72d1727772453f0
76b1d844010ef3083df348cb7b5b873792a2875d
eb1691b7e2a16ba9a0ec38f1e6af014f87397af2e2cf659090f6ecc5c9cd16fe
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 12:18:48 GMT
Server: ECAcc (amb/6AB4)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uzDDRQCUetboC4bjyvtDKR1pIx1Sx15Y0LV0h7ROMd6xkoUPLB5jSg==
cdn3reference.com/landings/21682/images/girl.jpg
54.230.111.43200 OK 36 kB URL GET HTTP/2 cdn3reference.com/landings/21682/images/girl.jpg
IP 54.230.111.43:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectcdn3reference.com
Fingerprint68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x743, components 3
Hash 1da3fabcb472c476642ab2053739cb68
7e1e11f5219f0c63d699dcec11a529cd0b1deee6
cf8adb43aefee06727a4b762ec61a9b90191504c6b02c6e20ff888d3cbd00c46
GET /landings/21682/images/girl.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 35512
server: nginx
last-modified: Mon, 25 Dec 2017 15:36:05 GMT
accept-ranges: bytes
date: Wed, 08 May 2024 12:18:48 GMT
cache-control: public, max-age=604800
etag: "8ab8-5612beca0c340"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5YJyEZ8UuEdeR-4DJUl67KJqOoQQcE9gsbcZbYRJDYw5gWA7LQoeLQ==
X-Firefox-Spdy: h2
sweetiemeet.com/bts.js
54.230.111.88301 Moved Permanently 134 B IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /bts.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 134
age: 2523
server: awselb/2.0
date: Wed, 08 May 2024 11:36:45 GMT
location: https://bts.insigit.com:443/bts.js
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Gj7eT0i-J5rj6qqmSVwTHVLYWkj3xZW0owN4m5J003nmRQEPph7A-g==
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
142.250.74.72200 OK 77 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP 142.250.74.72:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (4073)
Hash 09cdf75ffb55fa427b96728bfb28c68e
ac962742eeafbb6e1194b98cacde7b30e1a71919
275a2c18c52de0858f169813ca3df0573f81381405921da5d15fb3b023f0137e
GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 12:18:48 GMT
expires: Wed, 08 May 2024 12:18:48 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76967
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.131200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.131:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 371946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.131200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.131:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 371946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m03.amazontrust.com/
143.204.53.97 471 B URL ocsp.r2m03.amazontrust.com/
IP 143.204.53.97:0
Hash 9cdfe88a10202c5be29ae543ba1768d6
fb7da0e5b0de15b5e69beb218adf5ffbe812e65b
22ba3aaee87ac999eb2489739b71f779f3c9477f9d7acde9a29d9be5eeb7a5f5
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 12:18:48 GMT
Last-Modified: Wed, 08 May 2024 10:51:00 GMT
Server: ECAcc (ska/F776)
X-Cache: Miss from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cJtC7vWL5KtGVwDTQhl0k0MJXYRpdRGJh_IzFw9kKE1YcfPvY3KpKQ==
Age: 5269
cdn3reference.com/landings/21682/js/5253a72c66c176f0bd4b48a71c340612.js
54.230.111.43200 OK 43 kB URL GET HTTP/2 cdn3reference.com/landings/21682/js/5253a72c66c176f0bd4b48a71c340612.js
IP 54.230.111.43:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectcdn3reference.com
Fingerprint68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 38f19162730e4146f35b7dcfe3c5383f
f115b387794a4c9676b0789986a798182ecebe89
9eaf134673d77cf07abcdb16d5fbaec078c676108104786143e413099d770a6a
GET /landings/21682/js/5253a72c66c176f0bd4b48a71c340612.js HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Mon, 25 Dec 2017 15:36:46 GMT
content-encoding: gzip
date: Wed, 08 May 2024 12:18:48 GMT
etag: W/"17cf2-5612bef125f80"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m3cgTfH8BaQ1p4BoPCbkGfaLC3R0hME4XHb4_jci8EkV_h0XKpE7NQ==
X-Firefox-Spdy: h2
sweetiemeet.com/b/tr
54.230.111.88202 Accepted 0 B IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 950
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=52404d173fb74a368d0d7bc5636c4753
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 12:18:49 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WUxscODtA6n5gQ--3uOTQKFy524Z0qaaMdlpta4qWMQNSd8r5Kq0yw==
sweetiemeet.com/b/tr
54.230.111.88202 Accepted 0 B IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 849
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=52404d173fb74a368d0d7bc5636c4753
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 12:18:49 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fBebHTuvempp9Sc24uSH8afCKqFZsx1xrW0U6NjT8v9YW0u8RRSKBQ==
sweetiemeet.com/b/tr
54.230.111.88202 Accepted 0 B IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 946
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=52404d173fb74a368d0d7bc5636c4753
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 12:18:49 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qJ0Pk8W5aJL8HbQlqU90w4ayPlpN9Kvx79M84vnwnWydX_dWGd2mDQ==
sweetiemeet.com/b/tr
54.230.111.88202 Accepted 0 B IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 849
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=52404d173fb74a368d0d7bc5636c4753
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 12:18:49 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v43RcsEGrqz312x6ig5pgB-bJdIIeNdHxEhVF0qrM4KrhGZClLVT5Q==
sweetiemeet.com/b/tr
54.230.111.88202 Accepted 0 B IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 843
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=52404d173fb74a368d0d7bc5636c4753
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 12:18:49 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E5cYjo0KlEdwJ8cyxD05I_2FwmRAtnEFZtnS-sSyvQdadVOvl81vvQ==
fonts.googleapis.com/css?family=Open+Sans:400,700
142.250.74.138200 OK 1.6 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700
IP 142.250.74.138:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type ASCII text, with very long lines (1572)
Hash b69c29c8c917c014d6f4b79752d8ce0b
71a580b2e8792ba930815bcca3bda73e7715ca3f
5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0
GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 12:18:48 GMT
date: Wed, 08 May 2024 12:18:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sweetiemeet.com/b/tr
54.230.111.88202 Accepted 0 B IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 850
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=52404d173fb74a368d0d7bc5636c4753
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 12:18:49 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ncBiOWlICXtjx9sGpdb9RulZI6Tc3BSiBCgYGPF6-Uuo5-qjyqNrFA==
sweetiemeet.com/b/tr
54.230.111.88202 Accepted 0 B IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 839
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=52404d173fb74a368d0d7bc5636c4753
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 12:18:49 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: str0UxI4xUgBMIjayG7MvLUGqJXDt8ff0fuKjq9vkuwtQdQFhi530A==
sweetiemeet.com/b/tr
54.230.111.88202 Accepted 0 B IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 848
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=52404d173fb74a368d0d7bc5636c4753
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 12:18:49 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7RO5UFmeK7xg1y3XEbLQfJqP3FUqWcyg1NAuKNBADcSxV2shvksuBg==
sweetiemeet.com/tds/interlayer?handler=FrodiData
54.230.111.88200 OK 0 B URL POST HTTP/2 sweetiemeet.com/tds/interlayer?handler=FrodiData
IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 1775
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:47 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: V7x9sK1UP4CiLNfpTE7RfZItrDCBnf-pcLbN5H5giUysOfz_vs8SFw==
X-Firefox-Spdy: h2
2358ba28.persefone.top/rc/7edf752b35?pubid=pubid&affclick=8052099376595984038
104.21.64.16 11 kB URL 2358ba28.persefone.top/rc/7edf752b35?pubid=pubid&affclick=8052099376595984038
IP 104.21.64.16:0
File type HTML document, ASCII text
Hash 68f0071771d4cb11daf5d842abccc93f
5fd1d430006663a5ee889935a7dcde1ff16e019a
09189239e5f2cf1eecf38bae6a3668e06dd1678128c4b44821b494b1d7490f40
GET /rc/7edf752b35?pubid=pubid&affclick=8052099376595984038 HTTP/1.1
Host: 2358ba28.persefone.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:43 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RT2fT0oVN4kcgj7qSDCBZg7oF76pudl4JvdVRfN%2BPRaGnH83YPfqcNfflQE5pyC%2FLoiJBqzQkXjJTA2rU2lMSLLDNbX5PrqGWI3e895TgE2Pdh5SG61PyuaAbrgTHSOHoSJVQ0uZanTm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880964de1f69b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sweetiemeet.com/web-vitals@3.3.0/dist/web-vitals.iife.js
54.230.111.88200 OK 7.1 kB URL GET HTTP/3 sweetiemeet.com/web-vitals@3.3.0/dist/web-vitals.iife.js
IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (7180), with no line terminators
Hash c9c97c32b2a58ce5eb14cbd684631e0b
c41313cf88c7b4e7b2aa8d5a6cde575d76c4310b
4b84cf440a00fd8f8c4855eb73ad8b1cf90acacd592d2ac15b6dae78a26cb659
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /web-vitals@3.3.0/dist/web-vitals.iife.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
age: 13755924
date: Fri, 01 Dec 2023 18:20:42 GMT
access-control-allow-origin: *
content-encoding: gzip
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1b8b-2Pht765cKB7+cupYL/A9I7DYa+A"
via: 1.1 fly.io, 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
fly-request-id: 01HGJ3K6CGTYF0ZSHVHKXP89KJ-fra
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82ed587d0ba4373e-FRA
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E3ucqBP1SBN9_PFwwetdsQZInocHjauGN_SML8Ixz63Y2266ACccrQ==
sweetiemeet.com/integration.js?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
54.230.111.88200 OK 2.4 kB URL GET HTTP/2 sweetiemeet.com/integration.js?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (2547), with no line terminators
Hash 80732abb3d7d2c84fa1b7aa70d09df84
326bec6bc00829e2bb450d2853ae59e2394b63f2
a53dc19e5581da543751920a04cf5610e4674b26bbc07daecff54bd38bb482c7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /integration.js?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0 HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Wed, 08 May 2024 12:18:47 GMT
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"966-RD45dY9Ht9toSx2tryEfziWkhFo"
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -yoQpBn9JWEUv9eBsrEOsCWtzr7khiyhLrdzGTSbr9DcrhNqoGIClw==
X-Firefox-Spdy: h2
sweetiemeet.com/bridge/index.js
54.230.111.88200 OK 19 kB URL GET HTTP/2 sweetiemeet.com/bridge/index.js
IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (18821)
Hash 31ac533b3ecf8a8b34d8c65a86ea65b1
2a835d8081e68bf8cb57335e9022ae8279ead394
5cf3585f2f040f381d74c4d23f4ba5b34ec30cf9301ff94774a1ce70c1be26bc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /bridge/index.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 08 May 2024 12:18:47 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 02 May 2024 15:51:21 GMT
etag: W/"4986-18f3a00c8a8"
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hgMGds8akG6WFc5i7Vg1X2Q4iUEMGhpji15zzXgjcaiWQeSN6Tjgmg==
X-Firefox-Spdy: h2
cdn3reference.com/landings/21682/css/3d95f33ffffbc2b4e53efb057b72ae6f.css
54.230.111.43200 OK 2.7 kB URL GET HTTP/2 cdn3reference.com/landings/21682/css/3d95f33ffffbc2b4e53efb057b72ae6f.css
IP 54.230.111.43:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectcdn3reference.com
Fingerprint68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT
File type ASCII text, with very long lines (2681), with no line terminators
Hash 7d474964a5581b226d04d4f77836c259
ff4eadc7182f28c4ba7a7ac6d1ed0c296fadc0c2
40f83843224b654a4e3b58b11a3d90381b0586bfa9937ba95b7f53a06f2f7c32
GET /landings/21682/css/3d95f33ffffbc2b4e53efb057b72ae6f.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Mon, 25 Dec 2017 15:36:46 GMT
content-encoding: gzip
date: Wed, 08 May 2024 12:18:48 GMT
etag: W/"a72-5612bef125f80"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HmQuLeiIxtKyK9c_RRsOgU9IKToBzp11hG-6PqolbAOjXdsBkrWW_w==
X-Firefox-Spdy: h2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?j_type=open&jump=21682&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9
143.204.55.119200 OK 35 B URL GET HTTP/2 retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?j_type=open&jump=21682&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9
IP 143.204.55.119:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectretarget2core.com
FingerprintAC:15:CC:37:0E:B3:F2:08:95:E0:FC:52:46:A2:9A:06:02:11:B5:F5
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?j_type=open&jump=21682&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9 HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
date: Wed, 08 May 2024 12:18:47 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
set-cookie: dci=bf7e93ec2b86a45f40f1ec0111538a434d365172; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Thu, 08 May 2025 12:18:47 GMT; Secure; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: aes4EDR53PZWJvjRO3PXobf2phAn6i7cbb3zv1YkCYMR98_889h2pg==
X-Firefox-Spdy: h2
sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=w9l2qqec9q4of451317hnui0&subid2=w9l2qqec9q4of451317hnui0
54.230.111.88302 Found 17 kB URL User Request GET HTTP/2 sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=w9l2qqec9q4of451317hnui0&subid2=w9l2qqec9q4of451317hnui0
IP 54.230.111.88:443
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=w9l2qqec9q4of451317hnui0&subid2=w9l2qqec9q4of451317hnui0 HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://click.mobsuitemo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
date: Wed, 08 May 2024 12:18:47 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
set-cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; Max-Age=31536000; Domain=.sweetiemeet.com; Path=/; Expires=Thu, 08 May 2025 12:18:47 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Mon, 13 May 2024 12:18:47 GMT
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: uOzVc-XgBbqcG48ry1kY5hp4trXYJ5O1z9XFNdwxawpa-Rvu1Ee7Yg==
X-Firefox-Spdy: h2
sweetiemeet.com/ufis/main.js?utm_source=int&tds_ao=1&s1=ps&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsweetiemeet.com%2Fjump%3Futm_source%3Dint%26tds_ao%3D1%26s1%3Dps%26subid%3D%26subid2%3Dw9l2qqec9q4of451317hnui0%26dci%3D5bf254c206772fe9b3d483283c89c77df4a1e0f9%26tds_oid%3D21682%26id%3D21682%26tds_campaign%3Db1727pos%26tds_host%3Dsweetiemeet.com%26_tgUrl%3DaHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%252FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%253D%26affid%3D497f5345%26tds_id%3Db1727pos_jump_a_1598613018653%26tds_ac_id%3Ds0792tok%26tds_cid%3Dccdfae6b3996d474afcb3c64ca01966dd7cc3ef6%26clickid%3Dw9l2qqec9q4of451317hnui0&uaDataValues={}
54.230.111.88200 OK 199 B URL GET HTTP/2 sweetiemeet.com/ufis/main.js?utm_source=int&tds_ao=1&s1=ps&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsweetiemeet.com%2Fjump%3Futm_source%3Dint%26tds_ao%3D1%26s1%3Dps%26subid%3D%26subid2%3Dw9l2qqec9q4of451317hnui0%26dci%3D5bf254c206772fe9b3d483283c89c77df4a1e0f9%26tds_oid%3D21682%26id%3D21682%26tds_campaign%3Db1727pos%26tds_host%3Dsweetiemeet.com%26_tgUrl%3DaHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%252FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%253D%26affid%3D497f5345%26tds_id%3Db1727pos_jump_a_1598613018653%26tds_ac_id%3Ds0792tok%26tds_cid%3Dccdfae6b3996d474afcb3c64ca01966dd7cc3ef6%26clickid%3Dw9l2qqec9q4of451317hnui0&uaDataValues={}
IP 54.230.111.88:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 34da7c5ca056925017c6b515151b56fb
62c837d70fef5df6cd32a98d394d0a4da484ec81
d1e75a1ab55540bae67aedae90c7b4aca491728d98f4a2da8b8070f0af3c37c1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ufis/main.js?utm_source=int&tds_ao=1&s1=ps&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsweetiemeet.com%2Fjump%3Futm_source%3Dint%26tds_ao%3D1%26s1%3Dps%26subid%3D%26subid2%3Dw9l2qqec9q4of451317hnui0%26dci%3D5bf254c206772fe9b3d483283c89c77df4a1e0f9%26tds_oid%3D21682%26id%3D21682%26tds_campaign%3Db1727pos%26tds_host%3Dsweetiemeet.com%26_tgUrl%3DaHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%252FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%253D%26affid%3D497f5345%26tds_id%3Db1727pos_jump_a_1598613018653%26tds_ac_id%3Ds0792tok%26tds_cid%3Dccdfae6b3996d474afcb3c64ca01966dd7cc3ef6%26clickid%3Dw9l2qqec9q4of451317hnui0&uaDataValues={} HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Wed, 08 May 2024 12:18:47 GMT
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"c7-qF/KRh2X+Q6vUiRrlZdO6ruifCA"
vary: Accept-Encoding, Accept-Encoding
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gyT2kcjpayLxm3ZFk71cHavc5XHP8HwEqqesOTQpAbh4uxEOxIy5bA==
X-Firefox-Spdy: h2
sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
54.230.111.88200 OK 17 kB URL User Request GET HTTP/2 sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
IP 54.230.111.88:443
Certificate IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0 HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://click.mobsuitemo.com/
DNT: 1
Connection: keep-alive
Cookie: dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9; dm=fe450dd0d1dadc615429144d33241f42
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 12:18:47 GMT
server: nginx
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: aZCQF5G6OMnSbg9MWBtU3l8XVcs48kx6VNHVKRSCiq3T6wZmy4lxHw==
X-Firefox-Spdy: h2
cdn3reference.com/images/jump-favicon.ico
0.0.0.0 0 B URL GET cdn3reference.com/images/jump-favicon.ico
IP 0.0.0.0:0
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectcdn3reference.com
Fingerprint68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/jump-favicon.ico HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
server: nginx
last-modified: Fri, 05 Dec 2014 08:28:50 GMT
content-encoding: gzip
date: Wed, 08 May 2024 12:18:49 GMT
cache-control: public, max-age=604800
etag: W/"47e-50973ddcdee10"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _NW1gS-Rwubcn-FVYJ719DfMZPyGAdVPM-rxw2fzikzjiuPUgtODMw==
X-Firefox-Spdy: h2
bts.insigit.com/bts.js
18.193.227.145200 OK 8.9 kB IP 18.193.227.145:443
Requested by https://sweetiemeet.com/jump?utm_source=int&tds_ao=1&s1=ps&subid=&subid2=w9l2qqec9q4of451317hnui0&dci=5bf254c206772fe9b3d483283c89c77df4a1e0f9&tds_oid=21682&id=21682&tds_campaign=b1727pos&tds_host=sweetiemeet.com&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvZWQzZWNlNjYyMjdkMzc1ODE3Njg5Yjg0MTNjN2Y0MTc%2FX190PTE3MTUxNzA3MjcyMzQmX19sPTM2MDAmX19jPWNjZGZhZTZiMzk5NmQ0NzRhZmNiM2M2NGNhMDE5NjZkZDdjYzNlZjY%3D&affid=497f5345&tds_id=b1727pos_jump_a_1598613018653&tds_ac_id=s0792tok&tds_cid=ccdfae6b3996d474afcb3c64ca01966dd7cc3ef6&clickid=w9l2qqec9q4of451317hnui0
Certificate IssuerAmazon
Subjectbts.insigit.com
FingerprintCE:F2:1B:70:1B:D1:E2:1A:82:E6:CC:0C:5A:46:F7:29:BA:F5:B6:7B
ValidityMon, 04 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (9115), with no line terminators
Hash 56ede0ed323768401ff546dabefbc8af
73483b46624ae2aa04cf47a76ef553ef8c645c48
95660c767667128322f3755f993c2bb14dbb5a6dc291689f24bc0eaac143dc7d
GET /bts.js HTTP/1.1
Host: bts.insigit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sweetiemeet.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:49 GMT
content-type: application/javascript
content-length: 8878
server: nginx
last-modified: Mon, 01 Apr 2024 08:23:54 GMT
etag: "660a6f1a-22ae"
cache-control: public, max-age=3600
accept-ranges: bytes
X-Firefox-Spdy: h2