Report - scsipc.top/click?o=2&a=4800&aff_click

Report Overview

Visited public
2024-06-30 14:38:45
Tags
URL
scsipc.top/click?o=2&a=4800&aff_click_id=12281k2a4gh507
Finishing URL
mwnqka.romanceaffairs.com/?s1=218301&s2=2007065&s3=4800&s5=backuser&click_id=62a87ft46xo1mvr63e&iexpp=1&j1=1&utm_source=da57dc555e50572d&ban=other
IP / ASN
104.21.13.92
#13335 CLOUDFLARENET
Title
Instadate

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-06-29 18:32:01	458 B	1.5 kB	142.250.74.106
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2024-06-30 04:47:32	872 B	46 kB	142.250.74.35
cdn-dimi.akamaized.net	unknown	2014-03-18	2022-07-07 15:18:25	2024-06-18 16:05:00	4.3 kB	1.5 MB	88.221.27.74
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-06-29 18:20:53	1.3 kB	2.8 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-06-29 18:15:51	1.1 kB	48 kB	216.58.207.227
mwnqka.romanceaffairs.com	unknown	unknown	No data	No data	2.1 kB	68 kB	52.19.138.177
scsipc.top	unknown	2023-11-29	2023-11-30 04:27:28	2024-04-17 15:16:50	511 B	45 kB	172.67.167.234
24in.butik23.top	unknown	unknown	No data	No data	585 B	45 kB	188.114.96.1
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-06-29 18:13:04	1.6 kB	4.4 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-06-30	medium	scsipc.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800	ScriptElement	2.2 kB	2024-08-19	2024-08-19
Pretty URL mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 18:43 Last Seen2024-08-19 18:43 Times Seen1 Hash 9517b7b10205725eda3a0f6fe5ae1092 b303000b9d87e1f7b48d2f09972176686f90922d cb58868c855ea202e98a46f7afd623e2e08c4a0db200b0a301c18e940e2a1e57 Loading...

	cdn-dimi.akamaized.net/landings/285829/1704989202/js/translates.js?1704989202	ScriptElement	25 kB	2023-12-07	2025-05-26
Pretty URL cdn-dimi.akamaized.net/landings/285829/1704989202/js/translates.js?1704989202 IP 88.221.27.74 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 09:50 Last Seen2025-05-26 05:59 Times Seen189 Hash 7455b9bda59236475645ed7fde6ec8ed 0d94306d56dcbfb68842b1b54f25957c0f008e37 965e93618f8d1ac1f5d552fde96a86308fb9fa8c8820186ad1ca4bbf5e84c17d Loading...

	mwnqka.romanceaffairs.com/js/pushjs/1.0.0/subscriber.js	ScriptElement	9.4 kB	2024-05-14	2024-08-19
Pretty URL mwnqka.romanceaffairs.com/js/pushjs/1.0.0/subscriber.js IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-14 15:18 Last Seen2024-08-19 23:00 Times Seen420 Hash 0ca69a320d6c689e61a4aa70b47715b7 acc2c843042287ad53718827618a0fc88ae28aa3 1d86dcaa15794145fe1f552bc8f3fcbc02dedcc4ece9fa0d5af3e0285d30f685 Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-app.js	ScriptElement	25 kB	2023-03-07	2024-08-29
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-08-29 18:11 Times Seen2206 Hash 9164d0e8a317eceb870cca88c9683127 4617c910005f7100b4ff26a458a8b4463e33cdc6 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 Loading...

	mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800	ScriptElement	4.0 kB	2024-08-19	2024-08-19
Pretty URL mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 18:43 Last Seen2024-08-19 18:43 Times Seen1 Hash 5b2d2347a532c02784a14e913c7e668c c0a8277908b04fc31905957e1ff139a383532d1f c9af464c36a6eea963a609806cfd0c3278ce145f9adf29f9418298a68ae778bc Loading...

	mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800	ScriptElement	3.8 kB	2024-08-19	2024-08-19
Pretty URL mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 18:43 Last Seen2024-08-19 18:43 Times Seen1 Hash 92065801681ab332e5457a661330730a e4dccfe2fdd026494812390a99471aae2d594f6d 10591961465eeaec7d9fc769159d2f7c2dadb182c94806dc0f22b3f7ed885482 Loading...

	mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800	ScriptElement	12 kB	2024-08-19	2024-08-19
Pretty URL mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 18:43 Last Seen2024-08-19 18:43 Times Seen1 Hash 42953438b3059e5b9adba12ab35c58b5 ce9c25a7715f394ae4bcebcc40fd6408bd1dcba5 4c8e91daa91b761e8b7ea9f9dfe6dcc1b4a2e60e10260872024a393edca57a84 Loading...

	cdn-dimi.akamaized.net/landings/285829/1704989202/js/scripts.js?1704989202	ScriptElement	511 B	2023-03-25	2025-05-26
Pretty URL cdn-dimi.akamaized.net/landings/285829/1704989202/js/scripts.js?1704989202 IP 88.221.27.74 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:54 Last Seen2025-05-26 05:59 Times Seen268 Hash 69e75e0997cdd1b51ef2d8f78358e937 f816503aceb6edd2fd9f0cc3f911b99817ca611d 40c9bae2946917f32864946aabede4750f809cf9f3ab600669faab410b82526c Loading...

	mwnqka.romanceaffairs.com/?s1=218301&s2=2007065&s3=4800&s5=backuser&click_id=62a87ft46xo1mvr63e&iexpp=1&j1=1&utm_source=da57dc555e50572d&ban=other	ScriptElement	0 B	0001-01-01	2025-05-27
Pretty URL mwnqka.romanceaffairs.com/?s1=218301&s2=2007065&s3=4800&s5=backuser&click_id=62a87ft46xo1mvr63e&iexpp=1&j1=1&utm_source=da57dc555e50572d&ban=other IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-27 18:31 Times Seen4771164 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/shims/firebase.js		2.3 kB	2023-05-05	2025-05-26
Pretty URL moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/shims/firebase.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38 Last Seen2025-05-26 14:01 Times Seen10777 Hash 32d439c9ec8c789e843ae58b6774681c deb2c661dacf46eb3a1eacbba3e430dcf10cc395 f65e83801e16f98e150ae8843afb4c98c0b3ac0fa7fbe5a5ec687b08119732d6 Loading...

	mwnqka.romanceaffairs.com/sandbox%20eval%20code		123 B	2023-05-05	2025-05-26
Pretty URL mwnqka.romanceaffairs.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38 Last Seen2025-05-26 14:01 Times Seen8358 Hash 239166f4d1bda569909c9af241098419 ad3987a93224de5c735c7c380daf5bfaecf60ac8 255566913e81e0587539abba68839777480779575271b734e817e7093f4dceec Loading...

	mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800	ScriptElement	2.5 kB	2023-06-30	2025-05-26
Pretty URL mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 16:46 Last Seen2025-05-26 17:34 Times Seen2044 Hash 78a93fba834e51562cc0c1643de4a304 2bf106e16eb1752230a8499285b73ae6d8dcbcc2 d684c6105ece5706298f7778d19bc9881449a39196f92c000254f4ce6fdd368e Loading...

	mwnqka.romanceaffairs.com/js/pushjs/1.0.0/utils.js	ScriptElement	7.1 kB	2023-03-07	2025-05-26
Pretty URL mwnqka.romanceaffairs.com/js/pushjs/1.0.0/utils.js IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-26 05:59 Times Seen2259 Hash 711c7ecda710a342d24faef1dec76ede d1b38489603a2aecc2be5edb4fa4cd8d442fe727 41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb Loading...

	mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800	ScriptElement	338 B	2024-08-19	2024-08-19
Pretty URL mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 18:43 Last Seen2024-08-19 18:43 Times Seen1 Hash f9790a479d064e46136de3ff08835005 b8051a43ca5b29f80b564db9c32efc5a5e483e5f ff810acd20727d2619e6118ff795ec235058c12fb2054af477681112aa7ddbbc Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js	ScriptElement	36 kB	2023-03-07	2024-08-29
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-08-29 18:11 Times Seen2206 Hash 0cb7a0eb328ea70ab360f861314c8820 e3e20eb50dae36f4cbcef1890b1cc7878acb537a 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 Loading...

	cdn-dimi.akamaized.net/landings/285829/1704989202/js/jquery.min.js?1704989202	ScriptElement	86 kB	2023-03-07	2025-05-27
Pretty URL cdn-dimi.akamaized.net/landings/285829/1704989202/js/jquery.min.js?1704989202 IP 88.221.27.74 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-27 18:28 Times Seen175888 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

HTTP Transactions (28)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
11d12f1fba8aca9d9418e9d8dc4952bf
815abf5c4b5eb6f908e3c9aa829ee2e6ccdcc449
97f30de1fa8e41bf859ba482af92cec319429e14f4f81a9c675977b672ed7b9a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "97F30DE1FA8E41BF859BA482AF92CEC319429E14F4F81A9C675977B672ED7B9A"
Last-Modified: Fri, 28 Jun 2024 01:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6782
Expires: Sun, 30 Jun 2024 16:31:20 GMT
Date: Sun, 30 Jun 2024 14:38:18 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f6d043d7b5e98906db1fe2695e98859c
154db889ef567d2839bb7eaa15818cd546495b4f
f4fcc79261acda8e1cb81b9fc6524ee560b60740b0cf8107308dc82750dc079a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F4FCC79261ACDA8E1CB81B9FC6524EE560B60740B0CF8107308DC82750DC079A"
Last-Modified: Sat, 29 Jun 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11719
Expires: Sun, 30 Jun 2024 17:53:37 GMT
Date: Sun, 30 Jun 2024 14:38:18 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7cd114e209a6a2072fa2672372a02f1
3e872420829976f523c9a9b28225e81ad877bfc9
5d0241d467ad619637837f9894f8011e62a08a39bd81dd072cad8091dd58a588

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5D0241D467AD619637837F9894F8011E62A08A39BD81DD072CAD8091DD58A588"
Last-Modified: Sat, 29 Jun 2024 16:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7361
Expires: Sun, 30 Jun 2024 16:41:00 GMT
Date: Sun, 30 Jun 2024 14:38:19 GMT
Connection: keep-alive

cdn-dimi.akamaized.net/landings/285829/1704989202/css/style.css?1704989202

88.221.27.74

200 OK

1.9 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285829/1704989202/css/style.css?1704989202
IP
88.221.27.74:443
ASN
#20940 Akamai International B.V.

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
ASCII text
Size
1.9 kB (1857 bytes)
Hash
2377fd13afd591c5738f12be02d8ac78
ea4ac44ccafc516876781ab751d796bf7705d538
325b0acec6efe45feb749aa73136ce9282d3fa0ecec25d5e5727f1b796497016

HTTP Headers

GET /landings/285829/1704989202/css/style.css?1704989202 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: cx1IXmwD0xOeipHnH1Gj+XYx+aBcT5AUbYQU6+4Vot7NBNjkz2m8C+bUwibbdHySByCdaRDbEwA=
x-amz-request-id: Y1STTXMCZ8D3VH29
Last-Modified: Fri, 12 Jan 2024 08:41:25 GMT
ETag: "2377fd13afd591c5738f12be02d8ac78"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 30 Jun 2024 14:38:20 GMT
Content-Length: 1857
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285829/1704989202/js/translates.js?1704989202

88.221.27.74

200 OK

8.8 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285829/1704989202/js/translates.js?1704989202
IP
88.221.27.74:443
ASN
#20940 Akamai International B.V.

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
8.8 kB (8781 bytes)
Hash
7455b9bda59236475645ed7fde6ec8ed
0d94306d56dcbfb68842b1b54f25957c0f008e37
965e93618f8d1ac1f5d552fde96a86308fb9fa8c8820186ad1ca4bbf5e84c17d

HTTP Headers

GET /landings/285829/1704989202/js/translates.js?1704989202 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: mnA5T+GPs8gCu7OudV774ZVsbz3NJCGLNjSKyKNHyZ2lSHvB4lQL0ibQNAUILoVBUypAy6DwyeY=
x-amz-request-id: Y1SN5A5CPF4TAGAQ
Last-Modified: Fri, 12 Jan 2024 08:41:25 GMT
ETag: "7455b9bda59236475645ed7fde6ec8ed"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 30 Jun 2024 14:38:20 GMT
Content-Length: 8781
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285829/1704989202/js/scripts.js?1704989202

88.221.27.74

200 OK

511 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285829/1704989202/js/scripts.js?1704989202
IP
88.221.27.74:443
ASN
#20940 Akamai International B.V.

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
511 B (511 bytes)
Hash
69e75e0997cdd1b51ef2d8f78358e937
f816503aceb6edd2fd9f0cc3f911b99817ca611d
40c9bae2946917f32864946aabede4750f809cf9f3ab600669faab410b82526c

HTTP Headers

GET /landings/285829/1704989202/js/scripts.js?1704989202 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: wc0nks/i+JgkAmwi5tfdwMBSQw49KRtbb+rayQJVtuNKuITV7CcufsVNaDsK5UFx6eoGy8C7b84=
x-amz-request-id: CBDATRJ0RZCH8RN0
Last-Modified: Fri, 12 Jan 2024 08:41:25 GMT
ETag: "69e75e0997cdd1b51ef2d8f78358e937"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 511
Date: Sun, 30 Jun 2024 14:38:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285829/1704989202/css/reset.min.css?1704989202

88.221.27.74

200 OK

527 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285829/1704989202/css/reset.min.css?1704989202
IP
88.221.27.74:443
ASN
#20940 Akamai International B.V.

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
CSV text
Size
527 B (527 bytes)
Hash
36f11c31f5b3885dc017f41ed8f5817c
e928be87b659d200361c277fcc3ed1fd13b2a472
b59fdf3a529889ad3a8d013a347d5586f3da8361e71291cc9215edb830d1e45e

HTTP Headers

GET /landings/285829/1704989202/css/reset.min.css?1704989202 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: eAdegqZXN7cSSIXVP2r3h83FdFFEtQx73bEjK7BOqrIOxNvCP56ZUus54UQDk1EvwLJ9+VM0sZY=
x-amz-request-id: Y1SHH7TMEXPQNBTK
Last-Modified: Fri, 12 Jan 2024 08:41:25 GMT
ETag: "36f11c31f5b3885dc017f41ed8f5817c"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 30 Jun 2024 14:38:20 GMT
Content-Length: 527
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1d7e64f5328a745a624525554e23b60f
ea6d952ce6348bed3e1b0659d94c02fef45f6855
c31cb3d75afadec45bc4e8f9b1519a4fe39632734ed07103741d6b792312c15d

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Jun 2024 14:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

142.250.74.106

200 OK

867 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC7:12:52:3A:BD:E0:73:20:AD:A8:5F:DF:12:DB:C6:DE:AF:63:88:6B
ValidityThu, 13 Jun 2024 16:32:33 GMT - Thu, 05 Sep 2024 16:32:32 GMT

File type
gzip compressed data, max compression
Size
867 B (867 bytes)
Hash
d3fe9db73e6efcd1507813c3ee810fe7
8301305aad9a4279f1d6c2fc5f7c9069ffe9f327
05aee81134e65886d404b7c61d95a0f8f6ff7e0517b0b4eae19edb1df6aecc41

HTTP Headers

GET /css2?family=Lato:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 30 Jun 2024 14:38:20 GMT
date: Sun, 30 Jun 2024 14:38:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/285829/1704989202/js/jquery.min.js?1704989202

88.221.27.74

200 OK

30 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285829/1704989202/js/jquery.min.js?1704989202
IP
88.221.27.74:443
ASN
#20940 Akamai International B.V.

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
30 kB (29855 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /landings/285829/1704989202/js/jquery.min.js?1704989202 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: D6I3lofP8dRdzFPznD1RN+jw2/HhUoWX9h295+tmH4GQjjnbe4Hq2nHP/F0iD9MV8+/RXLUs6HA=
x-amz-request-id: Y1SP56NN2Q8KGM51
Last-Modified: Fri, 12 Jan 2024 08:41:25 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 30 Jun 2024 14:38:21 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285829/1704989202/images/logo.svg

88.221.27.74

200 OK

11 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285829/1704989202/images/logo.svg
IP
88.221.27.74:443
ASN
#20940 Akamai International B.V.

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
11 kB (10652 bytes)
Hash
89efea4d57e53488be96c41f813895c2
4ace0a06591c30d245809c58f7cf3aad9e602959
ea91bcc64cbe5159a96da591bdec4939528366b64226c688cc4462baf74dfdd3

HTTP Headers

GET /landings/285829/1704989202/images/logo.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: R8YEbF+ADvvpkKWBxhtSDv45FOVp4id2yWyOwtIJ77tfpFk0DgNQGtMnCNcMI8KOAGqCMpcvJPo=
x-amz-request-id: Y1SWFQE9FKYEPB2M
Last-Modified: Fri, 12 Jan 2024 08:41:24 GMT
ETag: "89efea4d57e53488be96c41f813895c2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 10652
Date: Sun, 30 Jun 2024 14:38:21 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285829/1704989202/images/girl-ico.png

88.221.27.74

200 OK

1.5 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285829/1704989202/images/girl-ico.png
IP
88.221.27.74:443
ASN
#20940 Akamai International B.V.

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1540 bytes)
Hash
87fa20787233a7ac89d1ee83563832c6
2fd58653f791912508d469a274fbdffbc7177bf6
2cb1de63c827301236cb47fc705964c827deb48b360148e11a28c15ea9ef66d0

HTTP Headers

GET /landings/285829/1704989202/images/girl-ico.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 4Ln961t1AmJqTA7kNycQIsEsQ3Yqc9fDjjT3DOvRxD3LLP6LKX1X1EYadRGxslVbY8+IaGK3w/0=
x-amz-request-id: CBDC5M01D2VR1CK1
Last-Modified: Fri, 12 Jan 2024 08:41:24 GMT
ETag: "87fa20787233a7ac89d1ee83563832c6"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1540
Date: Sun, 30 Jun 2024 14:38:21 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0c22b10a118098f2cdc4b186e6f8e9a8
cfe8b247d843f42d2205bb16a48cefe38c78526e
1208b1961307dfb3c91a337dfa900f9be57f91cab6a7dd3d7c5e38d2399d5d10

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1208B1961307DFB3C91A337DFA900F9BE57F91CAB6A7DD3D7C5E38D2399D5D10"
Last-Modified: Fri, 28 Jun 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19328
Expires: Sun, 30 Jun 2024 20:00:29 GMT
Date: Sun, 30 Jun 2024 14:38:21 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0c22b10a118098f2cdc4b186e6f8e9a8
cfe8b247d843f42d2205bb16a48cefe38c78526e
1208b1961307dfb3c91a337dfa900f9be57f91cab6a7dd3d7c5e38d2399d5d10

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1208B1961307DFB3C91A337DFA900F9BE57F91CAB6A7DD3D7C5E38D2399D5D10"
Last-Modified: Fri, 28 Jun 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19328
Expires: Sun, 30 Jun 2024 20:00:29 GMT
Date: Sun, 30 Jun 2024 14:38:21 GMT
Connection: keep-alive

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fd84c1a26b78850895b35b299c0fa27e
3cc51bf386ba69bdf1616b72742aa52c1cf176ad
9bbb6dacb7ff60dd8d6cf95eb8312cca8871f46b62e344b4bd641884c2f5b7b5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Jun 2024 14:38:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fd84c1a26b78850895b35b299c0fa27e
3cc51bf386ba69bdf1616b72742aa52c1cf176ad
9bbb6dacb7ff60dd8d6cf95eb8312cca8871f46b62e344b4bd641884c2f5b7b5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Jun 2024 14:38:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintC4:9C:27:09:1C:F7:14:C9:86:F0:B5:42:0B:8A:D2:AE:5E:AE:98:04
ValidityThu, 13 Jun 2024 16:31:03 GMT - Thu, 05 Sep 2024 16:31:02 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mwnqka.romanceaffairs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jun 2024 23:56:00 GMT
expires: Sat, 28 Jun 2025 23:56:00 GMT
cache-control: public, max-age=31536000
age: 139341
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintC4:9C:27:09:1C:F7:14:C9:86:F0:B5:42:0B:8A:D2:AE:5E:AE:98:04
ValidityThu, 13 Jun 2024 16:31:03 GMT - Thu, 05 Sep 2024 16:31:02 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mwnqka.romanceaffairs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jun 2024 04:30:25 GMT
expires: Sun, 29 Jun 2025 04:30:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 122876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fd84c1a26b78850895b35b299c0fa27e
3cc51bf386ba69bdf1616b72742aa52c1cf176ad
9bbb6dacb7ff60dd8d6cf95eb8312cca8871f46b62e344b4bd641884c2f5b7b5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Jun 2024 14:38:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-dimi.akamaized.net/landings/285829/1704989202/images/favicon.ico?t=20240630143820

88.221.27.74

200 OK

14 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285829/1704989202/images/favicon.ico?t=20240630143820
IP
88.221.27.74:443
ASN
#20940 Akamai International B.V.

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
Size
14 kB (13868 bytes)
Hash
135aeed168833e38d0839e1709e41891
a689caccb7b0a9918ff731bef2a1e3d04aff07ec
74d44e795ea62dcb66e995bfc7a0914e4fb64041567e05cc9118cfc8608caa45

HTTP Headers

GET /landings/285829/1704989202/images/favicon.ico?t=20240630143820 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: e3xGvMmV2uJcW6oTmwzZJUn1Wy4b6Syb/ZDBtV37y72CXjLXReuX1pWCDFGK2WILh0CRtaWUIQE=
x-amz-request-id: NFGW9V7YRGARWKGQ
Last-Modified: Fri, 12 Jan 2024 08:41:24 GMT
ETag: "135aeed168833e38d0839e1709e41891"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 13868
Date: Sun, 30 Jun 2024 14:38:21 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

www.gstatic.com/firebasejs/5.0.2/firebase-app.js

142.250.74.35

200 OK

8.6 kB

URL GET HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintC4:9C:27:09:1C:F7:14:C9:86:F0:B5:42:0B:8A:D2:AE:5E:AE:98:04
ValidityThu, 13 Jun 2024 16:31:03 GMT - Thu, 05 Sep 2024 16:31:02 GMT

File type
JavaScript source, ASCII text, with very long lines (25088)
Size
8.6 kB (8604 bytes)
Hash
9164d0e8a317eceb870cca88c9683127
4617c910005f7100b4ff26a458a8b4463e33cdc6
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931

HTTP Headers

GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jun 2024 04:37:46 GMT
expires: Sun, 29 Jun 2025 04:37:46 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 122435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mwnqka.romanceaffairs.com/js/pushjs/1.0.0/utils.js

52.19.138.177

200 OK

13 kB

URL GET HTTP/2
mwnqka.romanceaffairs.com/js/pushjs/1.0.0/utils.js
IP
52.19.138.177:443
ASN
#16509 AMAZON-02

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerLet's Encrypt
Subject*.romanceaffairs.com
Fingerprint25:0F:A5:F3:D9:C7:93:6C:E4:7D:9A:A5:6C:65:2C:73:F6:25:29:29
ValidityMon, 20 May 2024 01:35:14 GMT - Sun, 18 Aug 2024 01:35:13 GMT

File type
JavaScript source, ASCII text, with very long lines (42618)
Size
13 kB (13404 bytes)
Hash
c90dd751eaad28b93223fd6a8085b0cf
7034acb572ae6bc9f82213803d8b4a9e53b39bc8
312918c1c16a0da134c8d4771b8f96c4b5ae2c2fe643194f96c4cb07ba669545

HTTP Headers

GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: mwnqka.romanceaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/?s1=218301&s2=2007065&s3=4800&s5=backuser&click_id=62a87ft46xo1mvr63e&iexpp=1&j1=1&utm_source=da57dc555e50572d&ban=other
Cookie: unique_id=66813c5a000db4df; unique_id2=667e675e000ec3bc; 667e675e000ec3bc_c=1; ref_token=196315_210374_176207_164864_218609_173742_205336_216792_218301; 667e675e000ec3bc_sl=[285829]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 30 Jun 2024 14:38:21 GMT
content-type: application/javascript
expires: Sun, 07 Jul 2024 14:38:21 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/285829/1704989202/images/video-1.mp4

88.221.27.74

206 Partial Content

1.4 MB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285829/1704989202/images/video-1.mp4
IP
88.221.27.74:443
ASN
#20940 Akamai International B.V.

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
1.4 MB (1415166 bytes)
Hash
f9dd1dd7e9578c51a32b105114d819f6
71fd485ce0514814042859b47b2484c517e28728
59f1fa67c4461fcd0b05d7d00fdc8a8d804879c907f11dc1b648c48979bd5240

HTTP Headers

GET /landings/285829/1704989202/images/video-1.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
x-amz-id-2: azTgseTJAOcPPQPXYO6uGiSsCst9AvYuBYnp8wVIvoC9TfA2Jskra738II05mIB1IyhVBtQszGE=
x-amz-request-id: AHMA2NFVVMD0S2M1
Last-Modified: Fri, 12 Jan 2024 08:41:24 GMT
ETag: "f9dd1dd7e9578c51a32b105114d819f6"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Sun, 30 Jun 2024 14:38:21 GMT
Content-Range: bytes 0-1415165/1415166
Content-Length: 1415166
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800

52.19.138.177

200 OK

44 kB

URL User Request GET HTTP/2
mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
IP
52.19.138.177:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.romanceaffairs.com
Fingerprint25:0F:A5:F3:D9:C7:93:6C:E4:7D:9A:A5:6C:65:2C:73:F6:25:29:29
ValidityMon, 20 May 2024 01:35:14 GMT - Sun, 18 Aug 2024 01:35:13 GMT

File type

Size
44 kB (43842 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800 HTTP/1.1
Host: mwnqka.romanceaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 30 Jun 2024 14:38:20 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=66813c5a000db4df; Path=/; Expires=Thu, 29 Aug 2024 14:38:19 GMT; Secure; SameSite=None
unique_id2=667e675e000ec3bc; Path=/; Expires=Sat, 28 Sep 2024 14:38:19 GMT; Secure; SameSite=None
667e675e000ec3bc_c=1; Path=/; Expires=Sat, 28 Sep 2024 14:38:19 GMT; Secure; SameSite=None
ref_token=196315_210374_176207_164864_218609_173742_205336_216792_218301; Path=/; Expires=Tue, 30 Jul 2024 14:38:19 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Sun, 30 Jun 2024 14:38:20 GMT; Secure; SameSite=None
667e675e000ec3bc_sl=[285829]; Path=/; Expires=Sun, 14 Jul 2024 14:38:20 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

scsipc.top/click?o=2&a=4800&aff_click_id=12281k2a4gh507

172.67.167.234

302 Found

44 kB

URL User Request GET HTTP/2
scsipc.top/click?o=2&a=4800&aff_click_id=12281k2a4gh507
IP
172.67.167.234:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectscsipc.top
Fingerprint1C:2D:39:11:BE:D7:8D:99:9D:74:0B:F3:1C:4C:9B:00:7D:2C:FE:FC
ValidityFri, 24 May 2024 22:14:41 GMT - Thu, 22 Aug 2024 22:14:40 GMT

File type

Size
44 kB (43842 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /click?o=2&a=4800&aff_click_id=12281k2a4gh507 HTTP/1.1
Host: scsipc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 30 Jun 2024 14:38:19 GMT
content-type: text/html; charset=UTF-8
location: https://24in.butik23.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=5c715792fb7cb0a95ef7ce984e5775ed&a=4800&landing=&sub_id1=&scGeo=NO
set-cookie: U-c81e728d9d4c2f636f067f89cc14862c=unique; expires=Tue, 30-Jul-2024 14:38:19 GMT; Max-Age=2592000; path=/; secure; SameSite=None
o_c81e728d9d4c2f636f067f89cc14862c=ae15ecfd-b58b-412d-9a70-6bb5726c2a14; expires=Sun, 07-Jul-2024 14:38:19 GMT; Max-Age=604800; path=/; secure; SameSite=None
x-debug-tag: 66816ddb2689f
x-debug-duration: 213
x-debug-link: /v-debugger/default/view?tag=66816ddb2689f
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7PaFUKNQzMNsQjb61EUEB3unSaf9nNTm7rJcrHMdX44knQdfbVNBtVsuOUvnMbo3bD5%2F8PchxQNw1%2BPgjnueDwe9a%2B5p4Bmq9QHgD7cPCzRlntCWJRtgbIzeDI6u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89bee6396b7babc3-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mwnqka.romanceaffairs.com/js/pushjs/1.0.0/subscriber.js

52.19.138.177

200 OK

9.4 kB

URL GET HTTP/2
mwnqka.romanceaffairs.com/js/pushjs/1.0.0/subscriber.js
IP
52.19.138.177:443
ASN
#16509 AMAZON-02

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerLet's Encrypt
Subject*.romanceaffairs.com
Fingerprint25:0F:A5:F3:D9:C7:93:6C:E4:7D:9A:A5:6C:65:2C:73:F6:25:29:29
ValidityMon, 20 May 2024 01:35:14 GMT - Sun, 18 Aug 2024 01:35:13 GMT

File type
JavaScript source, ASCII text, with very long lines (9662), with no line terminators
Size
9.4 kB (9396 bytes)
Hash
a3e0001a34bea8e4d6295b5adba9c18a
6dad80b4cb6996dbbdabd2d300cd10d9ef6d08e0
628cf80d0ba875880a42596cddff77b5bbead1a30589a30ee3f178cb59d847d2

HTTP Headers

GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: mwnqka.romanceaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/?s1=218301&s2=2007065&s3=4800&s5=backuser&click_id=62a87ft46xo1mvr63e&iexpp=1&j1=1&utm_source=da57dc555e50572d&ban=other
Cookie: unique_id=66813c5a000db4df; unique_id2=667e675e000ec3bc; 667e675e000ec3bc_c=1; ref_token=196315_210374_176207_164864_218609_173742_205336_216792_218301; 667e675e000ec3bc_sl=[285829]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 30 Jun 2024 14:38:21 GMT
content-type: application/javascript
expires: Sun, 07 Jul 2024 14:38:21 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js

142.250.74.35

200 OK

36 kB

URL GET HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintC4:9C:27:09:1C:F7:14:C9:86:F0:B5:42:0B:8A:D2:AE:5E:AE:98:04
ValidityThu, 13 Jun 2024 16:31:03 GMT - Thu, 05 Sep 2024 16:31:02 GMT

File type
JavaScript source, ASCII text, with very long lines (35547)
Size
36 kB (35595 bytes)
Hash
0cb7a0eb328ea70ab360f861314c8820
e3e20eb50dae36f4cbcef1890b1cc7878acb537a
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9

HTTP Headers

GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mwnqka.romanceaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Jun 2024 08:33:04 GMT
expires: Fri, 27 Jun 2025 08:33:04 GMT
cache-control: public, max-age=31536000
age: 281117
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

24in.butik23.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=5c715792fb7cb0a95ef7ce984e5775ed&a=4800&landing=&sub_id1=&scGeo=NO

188.114.96.1

302 Found

44 kB

URL User Request GET HTTP/2
24in.butik23.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=5c715792fb7cb0a95ef7ce984e5775ed&a=4800&landing=&sub_id1=&scGeo=NO
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectbutik23.top
FingerprintF1:59:EB:95:AB:90:BD:EC:4B:B0:6E:21:48:3A:D4:D3:A6:26:54:E0
ValidityMon, 24 Jun 2024 14:49:05 GMT - Sun, 22 Sep 2024 14:49:04 GMT

File type

Size
44 kB (43842 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click.php?key=lav6t81woikcpgjtxpyd&externalid=5c715792fb7cb0a95ef7ce984e5775ed&a=4800&landing=&sub_id1=&scGeo=NO HTTP/1.1
Host: 24in.butik23.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 30 Jun 2024 14:38:19 GMT
content-type: text/html; charset=UTF-8
location: https://mwnqka.romanceaffairs.com/?utm_source=da57dc555e50572d&s1=218301&s2=2007065&ban=other&j1=1&click_id=62a87ft46xo1mvr63e&s3=4800
set-cookie: uclick=ft46xo1mfe; expires=Mon, 01-Jul-2024 14:38:19 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=ft46xo1mfe-ft46xo1mfe-fe-fe-wj-3y-6o-3be23f; expires=Mon, 01-Jul-2024 14:38:19 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclick=ft46xo1mfe; expires=Mon, 01-Jul-2024 14:38:19 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=ft46xo1mfe-ft46xo1mi4-i4-0-i4-2t-b4vr-075dde; expires=Mon, 01-Jul-2024 14:38:19 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclick=ft46xo1mfe; expires=Mon, 01-Jul-2024 14:38:19 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=ft46xo1mfe-ft46xo1mvr-vr-16bl-qdwj-g5d5-17p2-9087a5; expires=Mon, 01-Jul-2024 14:38:19 GMT; Max-Age=86400; path=/; secure; SameSite=none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDrVsiEsTx2VeWv9rn57Kut%2BOVwH3i0pZY%2BJg45qCSRZVh8CbskBXNHxRyqxf1RR4clSFYivJ3X6GZFY7Z5lUJjhk6ef3g%2FEH7iuxwdelArIiM0tRsDNwtuv59U%2Fo2HD%2F71Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89bee63c1b9492a9-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by