Report - phatchoa.net/?request_ab2=0&js_build=iclick-v1.514.0&zoneid=5734989&rb=dFOt7E51HCUr_E6R0DstjTpy673v5-hBTq460sZAOYFczsb-sz9DPUDoHwD-83YI6XyX-jjSY8XPGe2T2ON7vMAjtsHE4nsz9JVMBGTA2xpNMAscSzwiqI6ozl2UEJKmhFzbXBcooht33NM4fE9jsVGUNMuVnDbBE_vfMReoCdNQia_Wh1JohWuvUAAIH21nboSwKvSR-4LHkOXIx6P0zcbRDCHbeufvx8CGWrBjoSBjrIJkX0-W8WGP08zE7sPhw6xLAhRgsPrUtZCNpQtJ-RcvZ-zPZjHP&fs=0&cf=0&sw=1366&sh=768&sah=728&wx=0&wy=0&ww=1366&wh=728&cw=1965&wih=987&wiw=1987&wfc=5&pl=modsfire.com/download/59Bu827XhZD51R0/5c6bd&drf=https://modsfire.com/59Bu827XhZD51R0&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.514.0&bs=0f69a9f9-bc41-4f0a-b090-d7743b8b28bb&userId=w6dz727033zp671628730g4b2wkak393&os=windows&os

Report Overview

Submitted URL
phatchoa.net/?request_ab2=0&js_build=iclick-v1.514.0&zoneid=5734989&rb=dFOt7E51HCUr_E6R0DstjTpy673v5-hBTq460sZAOYFczsb-sz9DPUDoHwD-83YI6XyX-jjSY8XPGe2T2ON7vMAjtsHE4nsz9JVMBGTA2xpNMAscSzwiqI6ozl2UEJKmhFzbXBcooht33NM4fE9jsVGUNMuVnDbBE_vfMReoCdNQia_Wh1JohWuvUAAIH21nboSwKvSR-4LHkOXIx6P0zcbRDCHbeufvx8CGWrBjoSBjrIJkX0-W8WGP08zE7sPhw6xLAhRgsPrUtZCNpQtJ-RcvZ-zPZjHP&fs=0&cf=0&sw=1366&sh=768&sah=728&wx=0&wy=0&ww=1366&wh=728&cw=1965&wih=987&wiw=1987&wfc=5&pl=modsfire.com/download/59Bu827XhZD51R0/5c6bd&drf=https://modsfire.com/59Bu827XhZD51R0&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.514.0&bs=0f69a9f9-bc41-4f0a-b090-d7743b8b28bb&userId=w6dz727033zp671628730g4b2wkak393&os=windows&os_version=10.0.0
IP
139.45.197.242
ASN
#9002 RETN Limited
Submitted
2023-03-30 14:13:43
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	1.4 kB	2.8 kB	142.250.74.131
www.mysexymatches.com	unknown	2022-04-23T12:39:16Z	2023-03-31T09:24:31Z	2.2 kB	17 kB	52.17.88.125
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-31T20:19:47Z	395 B	11 kB	142.250.74.99
syndication.exdynsrv.com	34243	2016-04-20T20:35:15Z	2023-04-01T05:57:54Z	449 B	437 B	95.211.229.245
syndication.exoclick.com	22750	2012-05-21T10:27:02Z	2023-04-01T10:17:56Z	448 B	437 B	95.211.229.246
ctrack.trafficjunky.net	27301	2014-03-23T23:43:38Z	2023-04-01T05:57:54Z	482 B	435 B	66.254.114.89
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.8 kB	68 kB	34.120.237.76
phatchoa.net	unknown	2023-03-28T19:05:24Z	2023-03-30T15:18:38Z	1.4 kB	1.9 kB	139.45.197.242
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	2.7 kB	7.1 kB	23.33.119.27
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
cdn-adef.akamaized.net	125719	2018-02-06T08:56:01Z	2023-03-31T09:24:32Z	3.4 kB	2.5 MB	23.36.76.96
tsyndicate.com	13042	2017-03-16T10:04:54Z	2023-03-31T20:19:08Z	872 B	1.3 kB	136.243.43.25
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-31T21:56:16Z	341 B	640 B	192.229.221.95
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	238 B	34.117.65.55
s.exv6.com	unknown	2022-03-16T15:28:04Z	2023-03-31T10:10:26Z	435 B	433 B	95.211.229.248
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-31T22:03:32Z	387 B	42 kB	142.250.74.168
syndication.realsrv.com	9112	2019-07-03T23:39:52Z	2023-03-31T23:10:52Z	445 B	436 B	95.211.229.246

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-30	medium	www.mysexymatches.com/js/pushjs/1.0.0/utils.js	Phishing
2023-03-30	medium	www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js	Phishing
2023-03-30	medium	www.mysexymatches.com/js/service-worker.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5734989&rdk=rk1	180 B	2023-04-01	2023-04-01
Pretty URL www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5734989&rdk=rk1 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:43:36 Last Seen2023-04-01 10:43:36 Times Seen1 Hash 6417ff19648b559f6bd3368dad4e28a2 913b91d236b57a1428bb18d2fc95bedcb8d75085 a0a3bbcf8fb743a645952197b1ca07af53b4842983a7894929fc9b896249470f Loading...

	www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5734989&rdk=rk1	1.8 kB	2023-03-07	2024-01-22
Pretty URL www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5734989&rdk=rk1 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-01-22 06:10:19 Times Seen1898 Hash f635f3356b851f81cd3544c628a404d7 1e5b2e303492351cb8e8de3c5569d69d005acce4 2d39b7df8163f76195f1f28e837d34a8de00f146db22be3ea3b91c925ea044fd Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-app.js	25 kB	2023-03-07	2024-05-11
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-05-11 00:01:57 Times Seen11068 Hash 9164d0e8a317eceb870cca88c9683127 4617c910005f7100b4ff26a458a8b4463e33cdc6 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 Loading...

	cdn-adef.akamaized.net/landings/277421/1669996000/js/jquery.min.js?1669996000	86 kB	2023-03-07	2024-05-11
Pretty URL cdn-adef.akamaized.net/landings/277421/1669996000/js/jquery.min.js?1669996000 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-11 00:13:28 Times Seen390716 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	cdn-adef.akamaized.net/landings/277421/1669996000/js/backoffer.js?1669996000	430 B	2023-03-07	2024-05-10
Pretty URL cdn-adef.akamaized.net/landings/277421/1669996000/js/backoffer.js?1669996000 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-05-10 22:09:06 Times Seen5868 Hash 6d5aa83d23ce0b9f72d3b87d000d8fae 034fb8768eb58ffc0b5849e2c162989741a6cbec 89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800 Loading...

	cdn-adef.akamaized.net/landings/277421/1669996000/js/MB_push_NEW.js?1669996000	671 B	2023-03-07	2024-04-21
Pretty URL cdn-adef.akamaized.net/landings/277421/1669996000/js/MB_push_NEW.js?1669996000 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-21 23:30:57 Times Seen3708 Hash 533a9cb9c41907529c3d603edb25d5d9 222bee472465971cf71bfa210d04136eb765ccc0 45d257677164ebc2c1fd4ff44b4ee5a1ce9c87682f165836a3e38113d1e09eaf Loading...

	www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5734989&rdk=rk1	389 B	2023-03-08	2023-04-05
Pretty URL www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5734989&rdk=rk1 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:49:55 Last Seen2023-04-05 02:12:13 Times Seen46 Hash ccd7bfe9939301c0f4906d4295f3c2cd fc705d5c77b285655c4616195142663a62668346 e66acdd1213e71630067f6cca1e1a7aa9ed819670b33bad410ea085176f26196 Loading...

	www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js	9.4 kB	2023-03-07	2023-05-23
Pretty URL www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2023-05-23 11:55:13 Times Seen1847 Hash eaaa22632bcced1b4a2bad3c22bd618f c5bb4097ff0b252c19671985d5d431dfd6bb7281 20a2729b7c4f4c6a0dd2e80500284bd8c0e84e3e4076eb6a248e2951fec0c550 Loading...

	phatchoa.net/?request_ab2=0&js_build=iclick-v1.514.0&zoneid=5734989&rb=dFOt7E51HCUr_E6R0DstjTpy673v5-hBTq460sZAOYFczsb-sz9DPUDoHwD-83YI6XyX-jjSY8XPGe2T2ON7vMAjtsHE4nsz9JVMBGTA2xpNMAscSzwiqI6ozl2UEJKmhFzbXBcooht33NM4fE9jsVGUNMuVnDbBE_vfMReoCdNQia_Wh1JohWuvUAAIH21nboSwKvSR-4LHkOXIx6P0zcbRDCHbeufvx8CGWrBjoSBjrIJkX0-W8WGP08zE7sPhw6xLAhRgsPrUtZCNpQtJ-RcvZ-zPZjHP&fs=0&cf=0&sw=1366&sh=768&sah=728&wx=0&wy=0&ww=1366&wh=728&cw=1965&wih=987&wiw=1987&wfc=5&pl=https://modsfire.com/download/59Bu827XhZD51R0/5c6bd&drf=https://modsfire.com/59Bu827XhZD51R0&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.514.0&bs=0f69a9f9-bc41-4f0a-b090-d7743b8b28bb&userId=w6dz727033zp671628730g4b2wkak393&os=windows&os_version=10.0.0	495 B	2023-04-01	2023-04-01
Pretty URL phatchoa.net/?request_ab2=0&js_build=iclick-v1.514.0&zoneid=5734989&rb=dFOt7E51HCUr_E6R0DstjTpy673v5-hBTq460sZAOYFczsb-sz9DPUDoHwD-83YI6XyX-jjSY8XPGe2T2ON7vMAjtsHE4nsz9JVMBGTA2xpNMAscSzwiqI6ozl2UEJKmhFzbXBcooht33NM4fE9jsVGUNMuVnDbBE_vfMReoCdNQia_Wh1JohWuvUAAIH21nboSwKvSR-4LHkOXIx6P0zcbRDCHbeufvx8CGWrBjoSBjrIJkX0-W8WGP08zE7sPhw6xLAhRgsPrUtZCNpQtJ-RcvZ-zPZjHP&fs=0&cf=0&sw=1366&sh=768&sah=728&wx=0&wy=0&ww=1366&wh=728&cw=1965&wih=987&wiw=1987&wfc=5&pl=https://modsfire.com/download/59Bu827XhZD51R0/5c6bd&drf=https://modsfire.com/59Bu827XhZD51R0&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.514.0&bs=0f69a9f9-bc41-4f0a-b090-d7743b8b28bb&userId=w6dz727033zp671628730g4b2wkak393&os=windows&os_version=10.0.0 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:43:36 Last Seen2023-04-01 10:43:36 Times Seen1 Hash abc6abd89f498f45e48b73baa5d94851 4d71290f67abc63055fe3de686f6b7ef02dfe019 868d2341260275840a9be743f6c5d7367dc740efabb3783ac31db41a9247e559 Loading...

	cdn-adef.akamaized.net/landings/277421/1669996000/js/main.js?1669996000	164 kB	2023-03-07	2024-04-21
Pretty URL cdn-adef.akamaized.net/landings/277421/1669996000/js/main.js?1669996000 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-04-21 23:30:57 Times Seen3930 Hash a0f4da40bd81c65d824afc106743d47f 55b2d4c57fdb017314f62ac2fe8a3e287dcadf7f e40e7cc368c897d6a3a5095fae6ccd6d9a3f88af5ef9c590f79b9fd22293ad10 Loading...

	www.mysexymatches.com/js/pushjs/1.0.0/utils.js	7.1 kB	2023-03-07	2024-05-11
Pretty URL www.mysexymatches.com/js/pushjs/1.0.0/utils.js IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-11 00:01:57 Times Seen4827 Hash 711c7ecda710a342d24faef1dec76ede d1b38489603a2aecc2be5edb4fa4cd8d442fe727 41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js	36 kB	2023-03-07	2024-05-11
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-05-11 00:01:57 Times Seen11145 Hash 0cb7a0eb328ea70ab360f861314c8820 e3e20eb50dae36f4cbcef1890b1cc7878acb537a 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 Loading...

	cdn-adef.akamaized.net/landings/277421/1669996000/js/secondofferv2.js?1669996000	1.2 kB	2023-03-07	2024-04-21
Pretty URL cdn-adef.akamaized.net/landings/277421/1669996000/js/secondofferv2.js?1669996000 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-04-21 23:30:57 Times Seen3751 Hash 9bbe216b8e526fd98d219f2b91ccaa57 3f5d1be91ba58b6501c022155fe6778ce82b1663 1c83d2863f746a234e46c5578826ceeb8cbe126bc4c274ca679295441c44b948 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ	107 kB	2023-04-01	2023-04-01
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:43:36 Last Seen2023-04-01 10:43:36 Times Seen1 Hash 5d8c67e089b17bd9a608cbb5ae9f653e 0c4a9b3214f411fdb7500a9d5ec49e03e3d45adc 6c2d408e6af2ae0487e50301150753a1d5ac4eaeb3b4df70f11494cd39beace0 Loading...

HTTP Transactions (48)

URL IP Response Size

phatchoa.net/?request_ab2=0&js_build=iclick-v1.514.0&zoneid=5734989&rb=dFOt7E51HCUr_E6R0DstjTpy673v5-hBTq460sZAOYFczsb-sz9DPUDoHwD-83YI6XyX-jjSY8XPGe2T2ON7vMAjtsHE4nsz9JVMBGTA2xpNMAscSzwiqI6ozl2UEJKmhFzbXBcooht33NM4fE9jsVGUNMuVnDbBE_vfMReoCdNQia_Wh1JohWuvUAAIH21nboSwKvSR-4LHkOXIx6P0zcbRDCHbeufvx8CGWrBjoSBjrIJkX0-W8WGP08zE7sPhw6xLAhRgsPrUtZCNpQtJ-RcvZ-zPZjHP&fs=0&cf=0&sw=1366&sh=768&sah=728&wx=0&wy=0&ww=1366&wh=728&cw=1965&wih=987&wiw=1987&wfc=5&pl=https://modsfire.com/download/59Bu827XhZD51R0/5c6bd&drf=https://modsfire.com/59Bu827XhZD51R0&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.514.0&bs=0f69a9f9-bc41-4f0a-b090-d7743b8b28bb&userId=w6dz727033zp671628730g4b2wkak393&os=windows&os_version=10.0.0

139.45.197.242

200 OK

574 B

URL HTTP/1.1
phatchoa.net/?request_ab2=0&js_build=iclick-v1.514.0&zoneid=5734989&rb=dFOt7E51HCUr_E6R0DstjTpy673v5-hBTq460sZAOYFczsb-sz9DPUDoHwD-83YI6XyX-jjSY8XPGe2T2ON7vMAjtsHE4nsz9JVMBGTA2xpNMAscSzwiqI6ozl2UEJKmhFzbXBcooht33NM4fE9jsVGUNMuVnDbBE_vfMReoCdNQia_Wh1JohWuvUAAIH21nboSwKvSR-4LHkOXIx6P0zcbRDCHbeufvx8CGWrBjoSBjrIJkX0-W8WGP08zE7sPhw6xLAhRgsPrUtZCNpQtJ-RcvZ-zPZjHP&fs=0&cf=0&sw=1366&sh=768&sah=728&wx=0&wy=0&ww=1366&wh=728&cw=1965&wih=987&wiw=1987&wfc=5&pl=https://modsfire.com/download/59Bu827XhZD51R0/5c6bd&drf=https://modsfire.com/59Bu827XhZD51R0&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.514.0&bs=0f69a9f9-bc41-4f0a-b090-d7743b8b28bb&userId=w6dz727033zp671628730g4b2wkak393&os=windows&os_version=10.0.0
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
574 B (574 bytes)
Hash
96b876192727d74642d9c191cb89a2be
9b100e1f93e06a783f656f51faf6dac0ad60c7cb
b06ec0f92833200723c4df4553071bf7468dbe2a4dfed4bbed1a4d2569f3419b

HTTP Headers

GET /?request_ab2=0&js_build=iclick-v1.514.0&zoneid=5734989&rb=dFOt7E51HCUr_E6R0DstjTpy673v5-hBTq460sZAOYFczsb-sz9DPUDoHwD-83YI6XyX-jjSY8XPGe2T2ON7vMAjtsHE4nsz9JVMBGTA2xpNMAscSzwiqI6ozl2UEJKmhFzbXBcooht33NM4fE9jsVGUNMuVnDbBE_vfMReoCdNQia_Wh1JohWuvUAAIH21nboSwKvSR-4LHkOXIx6P0zcbRDCHbeufvx8CGWrBjoSBjrIJkX0-W8WGP08zE7sPhw6xLAhRgsPrUtZCNpQtJ-RcvZ-zPZjHP&fs=0&cf=0&sw=1366&sh=768&sah=728&wx=0&wy=0&ww=1366&wh=728&cw=1965&wih=987&wiw=1987&wfc=5&pl=https://modsfire.com/download/59Bu827XhZD51R0/5c6bd&drf=https://modsfire.com/59Bu827XhZD51R0&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.514.0&bs=0f69a9f9-bc41-4f0a-b090-d7743b8b28bb&userId=w6dz727033zp671628730g4b2wkak393&os=windows&os_version=10.0.0 HTTP/1.1
Host: phatchoa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 14:13:31 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 2529a86daa2aba82d019426e3ad24cd1
Link: <https://www.mysexymatches.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=w6dz727033zp671628730g4b2wkak393; expires=Fri, 29 Mar 2024 14:13:31 GMT; path=/
oaidts=1680185611; expires=Fri, 29 Mar 2024 14:13:31 GMT; path=/
syncedCookie=true; expires=Thu, 06 Apr 2023 14:13:31 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21010
Expires: Thu, 30 Mar 2023 20:03:41 GMT
Date: Thu, 30 Mar 2023 14:13:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b93010cbf31ba3ec785b4088e5d0f529
c0f1ab8a2aae3c445a8f24959a4eea433a345caf
2cc1a5865dee7636b82a68deddd3aff8b697e846e37789a694cc3c7c47340590

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CC1A5865DEE7636B82A68DEDDD3AFF8B697E846E37789A694CC3C7C47340590"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16460
Expires: Thu, 30 Mar 2023 18:47:51 GMT
Date: Thu, 30 Mar 2023 14:13:31 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Retry-After, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 30 Mar 2023 13:28:17 GMT
content-type: application/json
age: 2714
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
374c9e295a804e605c402f48ae7e2446
967394b36ecdff2dd32842f878887f061024c6b3
7652dfcb9e2d620ce1d033be8ecc53166d2881154c15decd60899415e5ac2706

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7652DFCB9E2D620CE1D033BE8ECC53166D2881154C15DECD60899415E5AC2706"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6358
Expires: Thu, 30 Mar 2023 15:59:30 GMT
Date: Thu, 30 Mar 2023 14:13:32 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: QPmjQwYQd9z7l+SvcICB7o9uR/DlUrDOs21JGSRyhfH5w9L4bNBWRZcSnMBZNYTEzSFdbc5DeMo=
x-amz-request-id: D4TW7H8E7R6VGWBQ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 30 Mar 2023 14:02:57 GMT
age: 635
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 14:13:32 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
50464e56e10573bbb950170c626ef4c9
f0618692b5dde251311a4c3cfc4936ef81aa142c
1a312297b8cd24379bc81d7510b3e61ca98fab8c11bcf86c183ffc6e978e0c7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A312297B8CD24379BC81D7510B3E61CA98FAB8C11BCF86C183FFC6E978E0C7F"
Last-Modified: Tue, 28 Mar 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7041
Expires: Thu, 30 Mar 2023 16:10:53 GMT
Date: Thu, 30 Mar 2023 14:13:32 GMT
Connection: keep-alive

phatchoa.net/favicon.ico

139.45.197.242

204 No Content

0 B

URL HTTP/1.1
phatchoa.net/favicon.ico
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: phatchoa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=w6dz727033zp671628730g4b2wkak393; oaidts=1680185611; syncedCookie=true

HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 30 Mar 2023 14:13:32 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11908
Expires: Thu, 30 Mar 2023 17:32:00 GMT
Date: Thu, 30 Mar 2023 14:13:32 GMT
Connection: keep-alive

cdn-adef.akamaized.net/landings/277421/1669996000/js/backoffer.js?1669996000

23.36.76.96

200 OK

430 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/277421/1669996000/js/backoffer.js?1669996000
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (430), with no line terminators
Size
430 B (430 bytes)
Hash
6d5aa83d23ce0b9f72d3b87d000d8fae
034fb8768eb58ffc0b5849e2c162989741a6cbec
89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800

HTTP Headers

GET /landings/277421/1669996000/js/backoffer.js?1669996000 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 8ughA/KrGCvYbZ3xF3gEaZIfStoxWH5RKHySqx7y0P8qpWCtX+x85JxooSKXuYp9veFcjnr9MQs=
x-amz-request-id: AS6PDAYWSPNSYYB2
Last-Modified: Fri, 02 Dec 2022 15:46:42 GMT
ETag: "6d5aa83d23ce0b9f72d3b87d000d8fae"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 430
Date: Thu, 30 Mar 2023 14:13:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277421/1669996000/js/secondofferv2.js?1669996000

23.36.76.96

200 OK

454 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/277421/1669996000/js/secondofferv2.js?1669996000
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
454 B (454 bytes)
Hash
bbef5dda655f5ff740bdd295a2e64dac
d49b131b648d70d31bfe6b7f3582e22bf300bf41
f6bbab9bb5476e9da0ded1c517ec7f13fba307d2ee51141e8c81d28c43b35499

HTTP Headers

GET /landings/277421/1669996000/js/secondofferv2.js?1669996000 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: gCC8EdOBsTalZ9kN3k4PajPiM7vsYSACo1hejCFFeL8nfgd5fJVJU00RauIH1jITRel/iNCBW54rHNDMl3GPBg==
x-amz-request-id: AS6R10ZE3SY9GRZB
Last-Modified: Fri, 02 Dec 2022 15:46:42 GMT
ETag: "9bbe216b8e526fd98d219f2b91ccaa57"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 30 Mar 2023 14:13:32 GMT
Content-Length: 454
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277421/1669996000/js/MB_push_NEW.js?1669996000

23.36.76.96

200 OK

671 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/277421/1669996000/js/MB_push_NEW.js?1669996000
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with CRLF line terminators
Size
671 B (671 bytes)
Hash
533a9cb9c41907529c3d603edb25d5d9
222bee472465971cf71bfa210d04136eb765ccc0
45d257677164ebc2c1fd4ff44b4ee5a1ce9c87682f165836a3e38113d1e09eaf

HTTP Headers

GET /landings/277421/1669996000/js/MB_push_NEW.js?1669996000 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: iQFbxGO2G0wzIkkLcQX4DHuABp/VrhINpyLezUAcsd6wiXG52ENwQ6IAQa+odQ94MtTuYm6WOno=
x-amz-request-id: AS6VZDYG02FPHNSJ
Last-Modified: Fri, 02 Dec 2022 15:46:42 GMT
ETag: "533a9cb9c41907529c3d603edb25d5d9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 671
Date: Thu, 30 Mar 2023 14:13:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277421/1669996000/css/stylesheet.css?1669996000

23.36.76.96

200 OK

1.3 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/277421/1669996000/css/stylesheet.css?1669996000
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
1.3 kB (1265 bytes)
Hash
6432dc804752d5b373936fc87d28f3dd
bb8486233ac3f679f1b9cc79d4a7335163268d2d
cd41aeead5479b42ea88063cbaf4b5b1b1f30fca54469d4b4dfa9ee41169f8e8

HTTP Headers

GET /landings/277421/1669996000/css/stylesheet.css?1669996000 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: idJt5+OVsLlh8IGE85WpWfoI5vq5QV3kLxa/vsR4Znfz5zd/rHrF49UQQCM9QW62nSjC1ab6jQc=
x-amz-request-id: AS6WWX24XMFC6SZV
Last-Modified: Fri, 02 Dec 2022 15:46:42 GMT
ETag: "c7f3c5ce8633ae1b3f0b291ddca3ed1d"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 30 Mar 2023 14:13:32 GMT
Content-Length: 1265
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277421/1669996000/js/jquery.min.js?1669996000

23.36.76.96

200 OK

30 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/277421/1669996000/js/jquery.min.js?1669996000
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (32065)
Size
30 kB (29855 bytes)
Hash
2fa28552f1ee4e1382ee43930b53afb8
803670da6a35378bf4eb73acc8e72fe4feb5ca30
ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494

HTTP Headers

GET /landings/277421/1669996000/js/jquery.min.js?1669996000 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: STd0ABbD5nhML5aIYQDOUIUpwr92wM/FYWGiJc0lEWeTW2uxaatmXLanXtnoFeOynvOWJUSirn0=
x-amz-request-id: AS6JXP0X53XFYSVK
Last-Modified: Fri, 02 Dec 2022 15:46:42 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 30 Mar 2023 14:13:32 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277421/1669996000/js/main.js?1669996000

23.36.76.96

200 OK

40 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/277421/1669996000/js/main.js?1669996000
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (568), with CRLF line terminators
Size
40 kB (40511 bytes)
Hash
cd720caa7b1efe6818fffab644f4772d
148b527c3ad30c5efff3ba1fde9fe5b1c69f35c9
e99f918d74bb3cdaf1f8828f5caa2046be4bed08b2c51eb3b522661f6bf1b69e

HTTP Headers

GET /landings/277421/1669996000/js/main.js?1669996000 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: MfsV7XQNC9gzY/4IW7E11VFK+VKpge5izUS+FALaL9iLTmJxpIQ/vMLFU56lOQsAVZaXSvyU3Ug=
x-amz-request-id: AS6QSBNGDEBWZ0X1
Last-Modified: Fri, 02 Dec 2022 15:46:42 GMT
ETag: "a0f4da40bd81c65d824afc106743d47f"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 30 Mar 2023 14:13:32 GMT
Content-Length: 40511
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Backoff, Cache-Control, Last-Modified, Content-Length, Retry-After, Pragma, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 30 Mar 2023 13:14:37 GMT
age: 3535
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/277421/1669996000/images/bg.gif

23.36.76.96

200 OK

2.4 MB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/277421/1669996000/images/bg.gif
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 267 x 436\012- data
Size
2.4 MB (2372246 bytes)
Hash
0e3afb749aa96507313bb5fe7bd5ef30
b16476dba23a116d8c7b27a896253c175f5b562d
c4c596cad111ab7580c445631c36ff14cee9c3afb23a04e5ccb657667f0ac204

HTTP Headers

GET /landings/277421/1669996000/images/bg.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/277421/1669996000/css/stylesheet.css?1669996000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
x-amz-id-2: 8sJucjrdKVcyPRMfwZO/KEtqOKzwlygdmJdXkkB3id123N+vRmEgcKbcDMFsd/BQK03a36EqVDg=
x-amz-request-id: ZQF1N3SZN4NQWPX6
Last-Modified: Fri, 02 Dec 2022 15:46:41 GMT
ETag: "0e3afb749aa96507313bb5fe7bd5ef30"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 2372246
Date: Thu, 30 Mar 2023 14:13:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Y0qfKDzfJaTIfnwQmVouCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qJ9cRDHkv2Ux2AZaW2Uojtfs+2Y=
Date: Thu, 30 Mar 2023 14:13:32 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f6b3bb903e6f7394985c0ae662919208
ee3cb0fbd0017ed3a001ce195bc0cfa386979567
c6b84721f8ea52808c9884b612ffeaa16fe1e14345d9561135fbcf738a56dd2b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 14:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ

142.250.74.168

200 OK

41 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4691)
Size
41 kB (41167 bytes)
Hash
29d4d896e6a523cfb56b3217e15ec49b
5fc6af2569bda6c480870085abbac83f23874c76
fac45be71e0c7dc2509b39363f226480b108c26dd77e0ec6a15163796d44deca

HTTP Headers

GET /gtm.js?id=GTM-MLVPDTJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Mar 2023 14:13:32 GMT
expires: Thu, 30 Mar 2023 14:13:32 GMT
cache-control: private, max-age=900
last-modified: Thu, 30 Mar 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/images/favicon.ico

23.36.76.96

200 OK

4.1 kB

URL HTTP/1.1
cdn-adef.akamaized.net/images/favicon.ico
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: mzbDFFn0Yhqdz4XL9s4sX6yByljdNVrKhKiK+UtK4DVRgNzfBI6OtL7EakQiGwqEsC19uC++cQI=
x-amz-request-id: 78F19547EBC3B810
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
Unused62: 8096267
Date: Thu, 30 Mar 2023 14:13:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

www.mysexymatches.com/js/pushjs/1.0.0/utils.js

52.17.88.125

200 OK

3.9 kB

URL HTTP/2
www.mysexymatches.com/js/pushjs/1.0.0/utils.js
IP
52.17.88.125:0
ASN
#16509 AMAZON-02

File type
data
Size
3.9 kB (3859 bytes)
Hash
e51b55e7848bd6a29fcc092b59d396c5
c6062863be7f192b1a15644f8b51936205cdac7c
c27b7ccb50047f718327aa5d68b07295eabd7e624055910b3d4b447faa2abb01

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5734989&rdk=rk1
Cookie: unique_id=6425990c000feeff; unique_id2=6425990c000ff8ac; 6425990c000ff8ac_sl=[277421]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 14:13:32 GMT
content-type: application/javascript
expires: Thu, 06 Apr 2023 14:13:32 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
21966d424aed17f9af10f69f1cb82860
87ffcdc8f4d76491bc4a5cb3a01a3923d1dff2be
6c02a4b1eee1b1c86633ef6364e6036e3f56b1eaa64a04b770d7641f7e2a2466

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 14:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
21966d424aed17f9af10f69f1cb82860
87ffcdc8f4d76491bc4a5cb3a01a3923d1dff2be
6c02a4b1eee1b1c86633ef6364e6036e3f56b1eaa64a04b770d7641f7e2a2466

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 14:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js

142.250.74.99

200 OK

10 kB

URL HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (35547)
Size
10 kB (10017 bytes)
Hash
fa9987a23f5a9d865766e952511baa30
f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7

HTTP Headers

GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 11:27:23 GMT
expires: Wed, 27 Mar 2024 11:27:23 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 182769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js

52.17.88.125

200 OK

12 kB

URL HTTP/2
www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js
IP
52.17.88.125:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with very long lines (25088)
Size
12 kB (11901 bytes)
Hash
81f56132f149344af6b3b2785498ecf6
1bd3b7d07917fed53b3aa82437443e072b5cccf4
21522d97880629c6f3d18a71834941208767f00cfd2246f50c4a81325f18deec

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5734989&rdk=rk1
Cookie: unique_id=6425990c000feeff; unique_id2=6425990c000ff8ac; 6425990c000ff8ac_sl=[277421]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 14:13:32 GMT
content-type: application/javascript
expires: Thu, 06 Apr 2023 14:13:32 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
21966d424aed17f9af10f69f1cb82860
87ffcdc8f4d76491bc4a5cb3a01a3923d1dff2be
6c02a4b1eee1b1c86633ef6364e6036e3f56b1eaa64a04b770d7641f7e2a2466

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 14:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

syndication.realsrv.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=2451994

95.211.229.246

200 OK

20 B

URL HTTP/1.1
syndication.realsrv.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=2451994
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=2451994 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 14:13:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71748%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-03-30%22%3B%7D%7D; expires=Fri, 29 Mar 2024 14:13:32 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.exdynsrv.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1214972120

95.211.229.245

200 OK

20 B

URL HTTP/1.1
syndication.exdynsrv.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1214972120
IP
95.211.229.245:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1214972120 HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 14:13:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71748%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-03-30%22%3B%7D%7D; expires=Fri, 29 Mar 2024 14:13:33 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.exoclick.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=464397717

95.211.229.246

200 OK

20 B

URL HTTP/1.1
syndication.exoclick.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=464397717
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=464397717 HTTP/1.1
Host: syndication.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 14:13:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71748%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-03-30%22%3B%7D%7D; expires=Fri, 29 Mar 2024 14:13:33 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.exv6.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1262814807

95.211.229.248

200 OK

20 B

URL HTTP/1.1
s.exv6.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1262814807
IP
95.211.229.248:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1262814807 HTTP/1.1
Host: s.exv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 14:13:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71748%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-03-30%22%3B%7D%7D; expires=Fri, 29 Mar 2024 14:13:33 GMT; path=/; domain=.exv6.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

tsyndicate.com/api/v1/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d

136.243.43.25

200 OK

35 B

URL HTTP/2
tsyndicate.com/api/v1/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d
IP
136.243.43.25:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v1/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 14:13:33 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 9d4b02dfba4639ec
set-cookie: ts_rt_57bd9f77-0f27-4a59-a866-cfcb44429b1d=AAMC; expires=Fri, 29 Mar 2024 14:13:33 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

tsyndicate.com/api/v2/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d

136.243.43.25

200 OK

35 B

URL HTTP/2
tsyndicate.com/api/v2/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d
IP
136.243.43.25:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v2/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 14:13:33 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
x-request-id: 8e633e46c19aebae
set-cookie: ts_rt_57bd9f77-0f27-4a59-a866-cfcb44429b1d=AAMC; expires=Fri, 29 Mar 2024 14:13:33 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
0823bd8c38770a03b7a5c23e8e322bed
5314a4dcec351226a2a445188368b5d090dc66f6
1c49e4921c53d30ab0c35d00c2a25557c330b6f7e7368034979df28d25559203

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1549
Cache-Control: max-age=171819
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 14:13:33 GMT
Etag: "64258f2b-138"
Expires: Sat, 01 Apr 2023 13:57:12 GMT
Last-Modified: Thu, 30 Mar 2023 13:31:23 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 312

ctrack.trafficjunky.net/ctrack/ctrack?action=list&type=add&id=1&context=mb&cookiename=start&age=545600&maxcookiecount=10

66.254.114.89

200 OK

0 B

URL HTTP/1.1
ctrack.trafficjunky.net/ctrack/ctrack?action=list&type=add&id=1&context=mb&cookiename=start&age=545600&maxcookiecount=10
IP
66.254.114.89:0
ASN
#29789 REFLECTED

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ctrack/ctrack?action=list&type=add&id=1&context=mb&cookiename=start&age=545600&maxcookiecount=10 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: openresty
date: Thu, 30 Mar 2023 14:13:33 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 6425990D-42FE725901BB6B62-17352FDF

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4314
Expires: Thu, 30 Mar 2023 15:25:28 GMT
Date: Thu, 30 Mar 2023 14:13:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4314
Expires: Thu, 30 Mar 2023 15:25:28 GMT
Date: Thu, 30 Mar 2023 14:13:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4314
Expires: Thu, 30 Mar 2023 15:25:28 GMT
Date: Thu, 30 Mar 2023 14:13:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5395 bytes)
Hash
76c71571a378e261334e5acb723634ab
f1234c280364b6fe1dcf9c6c64edadc235108c4b
97544d600ab1ae204b169c3b7ba2a74df689b6c711a003d72f0934165d8a3e25

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5395
x-amzn-requestid: ff3218dc-8754-4568-8e42-0885cb7e5d06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA0BFYNoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae7f-127129cf3776a60c333d205c;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: fuA8SDAQ_x_o-yVDQ8_j62FOzcHxGxc6su8QmqMl-sJFc9SImy7ucA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:55:44 GMT
age: 58670
etag: "f1234c280364b6fe1dcf9c6c64edadc235108c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9859 bytes)
Hash
da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 11:37:45 GMT
age: 9349
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11118 bytes)
Hash
1d109c71a6d804ac43ede46ac74f2065
251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4
de2d781c75abb41ea14c0f4c072df0977562d824d81b5f4ca28c4f635067a17b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11118
x-amzn-requestid: 71508920-b2d8-446d-a498-8bf8708af974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA4qHrpoAMF-0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae9d-5191b68a4c7f1ee042a05583;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3JIDZJcepJFwPc0anfKz5OO8LZY3cFMI4oljiaft8jBgltzp2iYJiA==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:55:34 GMT
age: 58680
etag: "251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4549 bytes)
Hash
2021c271f9290204bd14cd2a3a1680fc
39b68cbcaba381d63dc67bc289fb67c849adb9ff
a84c5dd1e52d7cd535e04cb455891a1442000eb0e4381031c976b4cf3be96f2f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4549
x-amzn-requestid: 70e07309-5fc5-4307-b455-29a187eae0d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoBHFFoAMFx5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afcc-298f18fd0cf0b37465a74c13;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 0bqn9l0Lqaavg48Uv9xRI7-zbdu1OfBuxITVjbhnIhmT79W_dzC72g==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:41:40 GMT
age: 59514
etag: "39b68cbcaba381d63dc67bc289fb67c849adb9ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12233 bytes)
Hash
db24198518d1a093c5c03e92e53925a2
288898a60e0a029946e7d770d2b0c64b6f3bf51d
4a15da439fa1a3ccdd3d329f250bacaab581287183293c4e367b05c2a83eb66d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12233
x-amzn-requestid: 781fd422-c720-49d7-bc90-6f8b18751caf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAynHgNoAMFvCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae76-5327bf334c985816289507b9;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nwdrJGU7u4C_ZtSQkSASfZ2qj8a31rIr87g_K8YvrrsoVN5yeN8CRQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:52:11 GMT
age: 58883
etag: "288898a60e0a029946e7d770d2b0c64b6f3bf51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10271 bytes)
Hash
424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:48:07 GMT
age: 59127
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda18d5e-b73e-4202-b1f8-d36a10bc29f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6975 bytes)
Hash
c8de7c61ab5f849628db707ae7587904
f040cba140c3510c5e6fc0ae1e56505c3749d525
492ea40ba548983fcd3bc41a1e29b6337e4e4e83b1248dcccf82cc1e7e22df88

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda18d5e-b73e-4202-b1f8-d36a10bc29f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6975
x-amzn-requestid: bd3a35e2-22bc-4b5d-8c46-74f21205e512
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA4qHKCoAMFR4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae9d-7f1dd1175a4580f75a614254;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: Q39PWwkZfIyNwmE_PBk86LfcqDKgLlbLsU2ewpLgeCv9hehTL9Gvsw==
via: 1.1 8731d2a1a7d15f67b588bf58f652f9f0.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 22:04:53 GMT
age: 58127
etag: "f040cba140c3510c5e6fc0ae1e56505c3749d525"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5734989&rdk=rk1

52.17.88.125

200 OK

0 B

URL HTTP/2
www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5734989&rdk=rk1
IP
52.17.88.125:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5734989&rdk=rk1 HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 14:13:32 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=6425990c000feeff; Path=/; Expires=Mon, 29 May 2023 14:13:32 GMT; Secure; SameSite=None
unique_id2=6425990c000ff8ac; Path=/; Expires=Wed, 28 Jun 2023 14:13:32 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Thu, 30 Mar 2023 14:13:32 GMT; Secure; SameSite=None
6425990c000ff8ac_sl=[277421]; Path=/; Expires=Thu, 13 Apr 2023 14:13:32 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

www.mysexymatches.com/js/service-worker.js

52.17.88.125

200 OK

0 B

URL HTTP/2
www.mysexymatches.com/js/service-worker.js
IP
52.17.88.125:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/service-worker.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=6425990c000feeff; unique_id2=6425990c000ff8ac; 6425990c000ff8ac_sl=[277421]
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 14:13:32 GMT
content-type: application/javascript
expires: Thu, 06 Apr 2023 14:13:32 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML