wriblood-foutinets.com/53e82c6a-2a38-49d9-a8c3-e28d4aa0c6c5?var1=1b7346v9jjueuvwihrhxbm/&var2=SUB_PUBID&p1=puba693fc102a764c63842b2543b8dd40eb
18.195.174.160 0 B URL wriblood-foutinets.com/53e82c6a-2a38-49d9-a8c3-e28d4aa0c6c5?var1=1b7346v9jjueuvwihrhxbm/&var2=SUB_PUBID&p1=puba693fc102a764c63842b2543b8dd40eb
IP 18.195.174.160:0
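Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of an empty body, matching the 0 B response; these values identify no content and are not useful as indicators.)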
GET /53e82c6a-2a38-49d9-a8c3-e28d4aa0c6c5?var1=1b7346v9jjueuvwihrhxbm/&var2=SUB_PUBID&p1=puba693fc102a764c63842b2543b8dd40eb HTTP/1.1
Host: wriblood-foutinets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 04:46:22 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://click.mobsuitemo.com/?utm_medium=4094b1ac2a5ec0836f4aff13971d78cb6e79858f&utm_campaign=Adult_For_Chotas&1=f4a7c17b-01e0-4332-985c-cc9a764fab03_1b7346v9jjueuvwihrhxbm%2F&cid=w6eua699f79d8s413tgl360i
pragma: no-cache
set-cookie: 53e82c6a-2a38-49d9-a8c3-e28d4aa0c6c5-v4=Kv7i0JV72RSWeqB2GKG8OeyEPYWe6Ry-y0BeH-m1tTw; Max-Age=86400; Expires=Thu, 09-May-2024 04:46:22 GMT; Domain=wriblood-foutinets.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=e2tNGoXAZciXgo0UIHkEAV1BVEXTnqbq422%2Flvx0trvUj7lPFvbAsyYpftU5Iv02xuxla2Zucd63Q26CXS4Tz8DHZXHfFJ9fIGHD4tyX3iAdwqypP8KrhiAeERmUsnA4TEg29s2gxg9LgwzbvZ%2FIlw%3D%3D; Max-Age=31536000; Expires=Thu, 08-May-2025 04:46:22 GMT; Domain=wriblood-foutinets.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
cartining-specute.com/2c8047c4-066e-4834-a1b5-360c8c138f20?partner_id=1146&click_cost=0&subid=M7366485592651071558
18.197.36.77 302 Found 0 B URL User Request GET HTTP/2 cartining-specute.com/2c8047c4-066e-4834-a1b5-360c8c138f20?partner_id=1146&click_cost=0&subid=M7366485592651071558
IP 18.197.36.77:443
Certificate Issuer Let's Encrypt
Subject cartining-specute.com
Fingerprint 7F:82:DA:7A:66:A7:71:66:EE:8C:DE:A5:B5:44:E6:F7:AB:0B:74:08
Validity Tue, 26 Mar 2024 06:48:17 GMT - Mon, 24 Jun 2024 06:48:16 GMT
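Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of an empty body, matching the 0 B response; these values identify no content and are not useful as indicators.)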
GET /2c8047c4-066e-4834-a1b5-360c8c138f20?partner_id=1146&click_cost=0&subid=M7366485592651071558 HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://click.mobsuitemo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 04:46:23 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=w8co2ov23bkfps41j1clplem&subid2=w8co2ov23bkfps41j1clplem
pragma: no-cache
set-cookie: 2c8047c4-066e-4834-a1b5-360c8c138f20-v4=xihKBQpFswB3M632IMnQ5HqjTz1Pld8MCYpnwboQzYE; Max-Age=86400; Expires=Thu, 09-May-2024 04:46:23 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=00FG31GwtOsoHW427fNdO5rTvfLrDeoD0Y4QfgiYp%2FQLAE6ZuMPafGh1cRKBBucevKLqN8%2BX7xH4u67wvBlPByEu%2BChWCfI%2BtTjOiX9q5KJrd974vWyH17w5Mo9hMYnJs6j59RZ4ZEkyAjWn2%2FgvKQ%3D%3D; Max-Age=31536000; Expires=Thu, 08-May-2025 04:46:23 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.r2m03.amazontrust.com/
3.164.222.26 471 B URL ocsp.r2m03.amazontrust.com/
IP 3.164.222.26:0
Hash 339e73747af7989db72d1727772453f0
76b1d844010ef3083df348cb7b5b873792a2875d
eb1691b7e2a16ba9a0ec38f1e6af014f87397af2e2cf659090f6ecc5c9cd16fe
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 04:46:25 GMT
Last-Modified: Wed, 08 May 2024 04:10:48 GMT
Server: ECAcc (amb/6AC3)
X-Cache: Miss from cloudfront
Via: 1.1 da5d88dbc4ee6cd5f6a430e9228644f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: bfCSKkGSv9ypNoVMQW2b6PC6Myv55JYb2ywNs1xis4lcHpcoXxSSWA==
Age: 2137
ocsp.r2m03.amazontrust.com/
3.164.222.26 471 B URL ocsp.r2m03.amazontrust.com/
IP 3.164.222.26:0
Hash 339e73747af7989db72d1727772453f0
76b1d844010ef3083df348cb7b5b873792a2875d
eb1691b7e2a16ba9a0ec38f1e6af014f87397af2e2cf659090f6ecc5c9cd16fe
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 04:46:25 GMT
Server: ECAcc (amb/6A94)
X-Cache: Miss from cloudfront
Via: 1.1 d6c4df67fbc9179b8107c6193c7dead8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: UvFEz-b6uf7kSx9b9GKCB-x9_5srhg33rZ9XayEsBlW5ms6DtLua-A==
fonts.googleapis.com/css?family=Roboto+Slab&display=swap
142.250.74.106 200 OK 1.1 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto+Slab&display=swap
IP 142.250.74.106:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type gzip compressed data, max compression
Hash 517a49cf06656cadcfdc2c4c66e6ca85
b29de1f7435c0ac7ed79b5235afa427b03c0902f
4afc98fd96ac258b194c77160d749be0e167339cdaaf54de3555109ee98f7144
GET /css?family=Roboto+Slab&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 04:46:25 GMT
date: Wed, 08 May 2024 04:46:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sweetiemeet.com/bts.js
54.230.111.55 301 Moved Permanently 134 B IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Amazon
Subject sweetiemeet.com
Fingerprint 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /bts.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 134
age: 478
server: awselb/2.0
date: Wed, 08 May 2024 04:38:28 GMT
location: https://bts.insigit.com:443/bts.js
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: q0WxIHq-5K-BjH8LzuBu-4DsVNsAtavG2GlYMoPexn8hY3hLxUwofw==
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:03:54 GMT
expires: Fri, 02 May 2025 02:03:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 528152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 328669
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
142.250.74.168 200 OK 77 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP 142.250.74.168:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (4073)
Hash abe51ffe12ff69acb42038a8f5dd0d2a
41d83800ae51beef816e2d9e40f6e5b72f63d4e3
0814ef3b972aa960f9778f54cb99b748b6bb087dcc2e8424aa770abc795d9579
GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 04:46:26 GMT
expires: Wed, 08 May 2024 04:46:26 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76953
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
216.58.207.227 200 OK 14 kB URL GET HTTP/2 fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
IP 216.58.207.227:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 13992, version 1.0
Hash 2777148aac2c795e90547d37d27d7ef6
081706e57acfd5778f3aceb81e1c7b32e52ae2a5
438099da1cf057f5b48133f7a74b2d506751fb1b2e888d22ca397fa1983a8f9a
GET /s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13992
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:05:31 GMT
expires: Fri, 02 May 2025 02:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 24 Oct 2023 01:50:45 GMT
content-type: font/woff2
age: 528055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 528686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m03.amazontrust.com/
3.164.222.26 471 B URL ocsp.r2m03.amazontrust.com/
IP 3.164.222.26:0
Hash bbe6a16ff80607103534843dd6d54f88
e64c739071f8e57803e6678cd38c16c6bc04b29b
2febbf025e593c9bc97fc12588cb4ce38056dc2707e6f1574226b198f24a7798
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 04:46:26 GMT
Last-Modified: Wed, 08 May 2024 04:41:20 GMT
Server: ECAcc (amb/6AB4)
X-Cache: Miss from cloudfront
Via: 1.1 da5d88dbc4ee6cd5f6a430e9228644f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: E4T3h7RTSL6DKoqHAYctAT5o3DrxoMF_bR7aWPM5QtAnZ906soErlg==
Age: 306
sweetiemeet.com/web-vitals@3.3.0/dist/web-vitals.iife.js
54.230.111.55 200 OK 3.9 kB URL GET HTTP/3 sweetiemeet.com/web-vitals@3.3.0/dist/web-vitals.iife.js
IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Amazon
Subject sweetiemeet.com
Fingerprint 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type gzip compressed data, max speed
Hash 74c28b844273d972de6332e8902d9c96
3d8cf4460abec33b2731ff4267f5c03d437fef94
ae69335dec8b7f357f50dfb196acc826455be8c1f06609f5a8c2bf688fb45b76
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /web-vitals@3.3.0/dist/web-vitals.iife.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
age: 13728782
date: Fri, 01 Dec 2023 18:20:42 GMT
access-control-allow-origin: *
content-encoding: gzip
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1b8b-2Pht765cKB7+cupYL/A9I7DYa+A"
via: 1.1 fly.io, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
fly-request-id: 01HGJ3K6CGTYF0ZSHVHKXP89KJ-fra
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82ed587d0ba4373e-FRA
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9FoJOOKOq6IqB4sG5G6Q4lmp9akgO7GTZA-Zwzu5hS50EMsQLjahBQ==
bts.insigit.com/bts.js
18.194.250.109 200 OK 8.9 kB IP 18.194.250.109:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Amazon
Subject bts.insigit.com
Fingerprint CE:F2:1B:70:1B:D1:E2:1A:82:E6:CC:0C:5A:46:F7:29:BA:F5:B6:7B
Validity Mon, 04 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (8877)
Hash 975eaea70ff4996a1f47591983e510bc
51e7e6dcef3d9bbe9e1fb9e27d014e59bf9fbc10
72e69358fa344f2bd1be00400a74600766cf4af15f71abf9b968b3fc3dfc9440
GET /bts.js HTTP/1.1
Host: bts.insigit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sweetiemeet.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 04:46:26 GMT
content-type: application/javascript
content-length: 8878
server: nginx
last-modified: Mon, 01 Apr 2024 08:23:54 GMT
etag: "660a6f1a-22ae"
cache-control: public, max-age=3600
accept-ranges: bytes
X-Firefox-Spdy: h2
sweetiemeet.com/b/tr
54.230.111.55 202 Accepted 0 B IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Amazon
Subject sweetiemeet.com
Fingerprint 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
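Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of an empty body, matching the 0 B response; these values identify no content and are not useful as indicators.)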
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 950
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=d350be8c9c814f328e584b0e8ad38f98
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 04:46:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UuBnaXTljLIpIcw6BAjopkM1gFYehbGb97cEOcg99bIP3YGinR0ijg==
sweetiemeet.com/b/tr
54.230.111.55 202 Accepted 0 B IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer: Amazon
Subject: sweetiemeet.com
Fingerprint: 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity: Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 of zero-length input (the 0 B body), so they do not identify any content.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 946
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=d350be8c9c814f328e584b0e8ad38f98
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 04:46:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SQ8Z47fg4PDNFJK2XlyB7zo7h4jcDgYk9VuG311HLV8TrOglYTE25g==
sweetiemeet.com/b/tr
54.230.111.55 202 Accepted 0 B IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer: Amazon
Subject: sweetiemeet.com
Fingerprint: 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity: Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 of zero-length input (the 0 B body), so they do not identify any content.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 850
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=d350be8c9c814f328e584b0e8ad38f98
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 04:46:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HoXV7PnJjyPY6rrjDHmfEWaVfRL-NWGoDRyUk7EuCUwwbAjqq3x-RA==
sweetiemeet.com/b/tr
54.230.111.55 202 Accepted 0 B IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer: Amazon
Subject: sweetiemeet.com
Fingerprint: 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity: Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 of zero-length input (the 0 B body), so they do not identify any content.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 846
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=d350be8c9c814f328e584b0e8ad38f98
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 04:46:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SHzfCeqGk5zAdCpZP5-mVrB68twV5Z4CcIHKdWQNScgMZfdJ6Nmj4Q==
sweetiemeet.com/b/tr
54.230.111.55 202 Accepted 0 B IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer: Amazon
Subject: sweetiemeet.com
Fingerprint: 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity: Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 of zero-length input (the 0 B body), so they do not identify any content.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 843
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=d350be8c9c814f328e584b0e8ad38f98
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 04:46:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a0ChGN-KqH3NfjGuMZ-ArfjP1nZcKhKILsph-46qjhc82_EmPIuAAA==
sweetiemeet.com/b/tr
54.230.111.55 202 Accepted 0 B IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer: Amazon
Subject: sweetiemeet.com
Fingerprint: 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity: Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 of zero-length input (the 0 B body), so they do not identify any content.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 849
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=d350be8c9c814f328e584b0e8ad38f98
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 04:46:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NI-tnmLoCnfT-FDo5xzyMeX2NYHXt8URhTD_qCoZt0AAhk7-iV5YZA==
sweetiemeet.com/b/tr
54.230.111.55 202 Accepted 0 B IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer: Amazon
Subject: sweetiemeet.com
Fingerprint: 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity: Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 of zero-length input (the 0 B body), so they do not identify any content.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 848
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=d350be8c9c814f328e584b0e8ad38f98
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 04:46:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9zbIRSjQRMTeicw54EVeSKVBEBTKyFdIsOFN-ss34fywFvjrzWAbog==
sweetiemeet.com/b/tr
54.230.111.55 202 Accepted 0 B IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer: Amazon
Subject: sweetiemeet.com
Fingerprint: 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity: Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 of zero-length input (the 0 B body), so they do not identify any content.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 849
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=d350be8c9c814f328e584b0e8ad38f98
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 May 2024 04:46:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: axUaVjwfyiUyLukuK39yupE65CJF2fv3YzJoU9SkPxKeeg91TRuAzQ==
sweetiemeet.com/tds/interlayer?handler=FrodiData
54.230.111.55 200 OK 0 B URL POST HTTP/3 sweetiemeet.com/tds/interlayer?handler=FrodiData
IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer: Amazon
Subject: sweetiemeet.com
Fingerprint: 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity: Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 of zero-length input (the 0 B body), so they do not identify any content.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 1775
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Wed, 08 May 2024 04:46:25 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-id: ve9zTewSf2F8TqO1-JSp2Xs0ehypUyZ0MzZuLrypE97lZZqYO4X-pA==
fonts.googleapis.com/css?family=Roboto:400,500,700,900&display=swap
142.250.74.106 200 OK 991 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500,700,900&display=swap
IP 142.250.74.106:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Size: 991 kB (990974 bytes)
Hash MD5: 6a0ae8d7ed86add395c1ea427c501de6
SHA-1: bd6bd83bb6baad53570eaefa76b8052daaa8cd19
SHA-256: 4d4611ebd91cbd0fdb352b3760f7edc9d37293217c24d0c072913952f0d09f5e
GET /css?family=Roboto:400,500,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 04:46:25 GMT
date: Wed, 08 May 2024 04:46:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn3reference.com/landings/24402/images/title.svg
3.164.230.16 200 OK 693 B URL GET HTTP/2 cdn3reference.com/landings/24402/images/title.svg
IP 3.164.230.16:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer: Amazon
Subject: cdn3reference.com
Fingerprint: 68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
Validity: Wed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash MD5: b3e80c606f7e9558675f3506bca81300
SHA-1: 3952181f51d4eb18207cf7c14714e7dac2e89782
SHA-256: eaf7e935a0487af944c842426a64ccf6ff7f961c1ea83aef6c976d0515be10d9
GET /landings/24402/images/title.svg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn3reference.com/landings/24402/css/1bb237f1d11d96bafc51aee0e34d1311.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 08 May 2024 04:46:26 GMT
last-modified: Wed, 04 Dec 2019 08:20:42 GMT
etag: W/"4ed-598dc7d104a80"
cache-control: public, max-age=604800
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0369688214835f42c0769e35bb5bc592.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: 2qTNb3ryooUPYQ0jFlqge53B1_5TNdrezeX4v_luK6PDy0mLtBlItQ==
X-Firefox-Spdy: h2
sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
54.230.111.55 200 OK 6.5 kB URL User Request GET HTTP/2 sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
IP 54.230.111.55:443
Certificate Issuer: Amazon
Subject: sweetiemeet.com
Fingerprint: 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity: Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (6863), with no line terminators
Hash MD5: 2772bd77721d929d875fd0938e8e8864
SHA-1: f1c602cc37635564ad44e7e9a7d02fae488fa714
SHA-256: c42d587e478e0c9faf9882b159497b1f39a787f45ec7efd3f3b6d5682d946580
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://click.mobsuitemo.com/
DNT: 1
Connection: keep-alive
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 04:46:24 GMT
server: nginx
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qlLC20iEcLmb3NDVXGrUVfQUvJ-_B5CdwvYmNmwyurSHiDH8PeAQjw==
X-Firefox-Spdy: h2
sweetiemeet.com/bridge/index.js
54.230.111.55 200 OK 19 kB URL GET HTTP/3 sweetiemeet.com/bridge/index.js
IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer: Amazon
Subject: sweetiemeet.com
Fingerprint: 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity: Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (18821)
Hash MD5: 31ac533b3ecf8a8b34d8c65a86ea65b1
SHA-1: 2a835d8081e68bf8cb57335e9022ae8279ead394
SHA-256: 5cf3585f2f040f381d74c4d23f4ba5b34ec30cf9301ff94774a1ce70c1be26bc
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /bridge/index.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Wed, 08 May 2024 04:46:25 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 02 May 2024 15:51:21 GMT
etag: W/"4986-18f3a00c8a8"
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-id: A_rnfjE0iubhiXW-nsKMot_oS2cd9V78MnjBarzLnCEt5J718jPJpw==
cdn3reference.com/images/jump-favicon.ico
0.0.0.0 0 B URL GET cdn3reference.com/images/jump-favicon.ico
IP 0.0.0.0:0
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
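Certificate Issuer: Amazon
Subject: cdn3reference.com
Fingerprint: 68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
Validity: Wed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 of zero-length input; no body was captured for this request (0 B), so they do not identify the favicon.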
GET /images/jump-favicon.ico HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
server: nginx
date: Wed, 08 May 2024 04:46:26 GMT
last-modified: Fri, 05 Dec 2014 08:28:50 GMT
etag: W/"47e-50973ddc33480"
cache-control: public, max-age=604800
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0369688214835f42c0769e35bb5bc592.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: T7B_0I6wlJb2Na6cS1nPT20R___SGT1BKJJeqQfyeUc-7HY1GUeecQ==
X-Firefox-Spdy: h2
sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=w8co2ov23bkfps41j1clplem&subid2=w8co2ov23bkfps41j1clplem
54.230.111.55 302 Found 6.5 kB URL User Request GET HTTP/2 sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=w8co2ov23bkfps41j1clplem&subid2=w8co2ov23bkfps41j1clplem
IP 54.230.111.55:443
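Certificate Issuer Amazon
Subject sweetiemeet.com
Fingerprint 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input: this redirect carried no body, so they identify nothing and should not be used as indicators.)
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
(This is a DNS-level verdict on the hostname sweetiemeet.com, not on the content of this response. The response below is served through CloudFront, as its x-cache and via headers show, so 54.230.111.55 is likely a shared CDN edge address; the hostname is the more reliable indicator to match on.)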
GET /tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=w8co2ov23bkfps41j1clplem&subid2=w8co2ov23bkfps41j1clplem HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://click.mobsuitemo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
date: Wed, 08 May 2024 04:46:24 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
set-cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; Max-Age=31536000; Domain=.sweetiemeet.com; Path=/; Expires=Thu, 08 May 2025 04:46:24 GMT; Secure; SameSite=None
set-cookie: dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Mon, 13 May 2024 04:46:24 GMT
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kUs8yPm5wfW8TrBFUcqCvQuAwk9GuixhwGfxT_289HqMtqGv7ArWDw==
X-Firefox-Spdy: h2
cdn3reference.com/landings/24402/js/20dff8cf5ed8c45d47eca00751d44eb9.js
3.164.230.16 200 OK 97 kB URL GET HTTP/2 cdn3reference.com/landings/24402/js/20dff8cf5ed8c45d47eca00751d44eb9.js
IP 3.164.230.16:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Amazon
Subject cdn3reference.com
Fingerprint 68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
Validity Wed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65535)
Hash MD5 20dff8cf5ed8c45d47eca00751d44eb9
SHA-1 209faa3f1a08dcb3c943fe8b6c344571005ef3b4
SHA-256 aaf2bc75c60776c40df9015d7f99cde0e9adb2f81e859276ed30d7c431d6a720
GET /landings/24402/js/20dff8cf5ed8c45d47eca00751d44eb9.js HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 08 May 2024 04:46:25 GMT
last-modified: Fri, 26 Aug 2022 12:23:03 GMT
etag: W/"17b45-5e723f9b7d7c0"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0369688214835f42c0769e35bb5bc592.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: Yve2itcETM5_2-ckKFP67ZkGR7ZXWdBlA-QuIt7zZMandab8c0_NCA==
X-Firefox-Spdy: h2
sweetiemeet.com/integration.js?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
54.230.111.55 200 OK 2.4 kB URL GET HTTP/3 sweetiemeet.com/integration.js?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Amazon
Subject sweetiemeet.com
Fingerprint 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (2547), with no line terminators
Hash MD5 a9851c92a9ff566c3be31de17178aede
SHA-1 3519fa1d3024118e428c887eb62b7c0c1f346fa5
SHA-256 d1018b20743bc1fc1059269ff2a0ee7c808ebd13fb38a400619645101da1d727
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /integration.js?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Wed, 08 May 2024 04:46:25 GMT
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"966-gnbtoLwSLWPMZXlV8XAUZbwiy2E"
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-id: Lkzghf9eHyCbhxbUx2ldaOqHjtpz5V9oxL544Y-QOlwhWLy_mmeGyQ==
sweetiemeet.com/ufis/main.js?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsweetiemeet.com%2Fjump%3Ftds_oid%3D24402%26dci%3D22397b1a3feef8ff3d8a418856c4f828b50e6777%26clickid%3Dw8co2ov23bkfps41j1clplem%26tds_campaign%3Db1727pos%26tds_ac_id%3Ds0792tok%26utm_source%3Dint%26_tgUrl%3DaHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%252FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%253D%26affid%3D497f5345%26tds_host%3Dsweetiemeet.com%26id%3D24402%26subid%3D%26s1%3Dps%26tds_cid%3D46c0f29faf3ce767fb029702e20779f8b24bd6ce%26tds_ao%3D1%26tds_id%3Db1727pos_jump_a_1598613018653%26subid2%3Dw8co2ov23bkfps41j1clplem&uaDataValues={}
54.230.111.55 200 OK 199 B URL GET HTTP/3 sweetiemeet.com/ufis/main.js?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsweetiemeet.com%2Fjump%3Ftds_oid%3D24402%26dci%3D22397b1a3feef8ff3d8a418856c4f828b50e6777%26clickid%3Dw8co2ov23bkfps41j1clplem%26tds_campaign%3Db1727pos%26tds_ac_id%3Ds0792tok%26utm_source%3Dint%26_tgUrl%3DaHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%252FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%253D%26affid%3D497f5345%26tds_host%3Dsweetiemeet.com%26id%3D24402%26subid%3D%26s1%3Dps%26tds_cid%3D46c0f29faf3ce767fb029702e20779f8b24bd6ce%26tds_ao%3D1%26tds_id%3Db1727pos_jump_a_1598613018653%26subid2%3Dw8co2ov23bkfps41j1clplem&uaDataValues={}
IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Amazon
Subject sweetiemeet.com
Fingerprint 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5 34da7c5ca056925017c6b515151b56fb
SHA-1 62c837d70fef5df6cd32a98d394d0a4da484ec81
SHA-256 d1e75a1ab55540bae67aedae90c7b4aca491728d98f4a2da8b8070f0af3c37c1
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /ufis/main.js?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsweetiemeet.com%2Fjump%3Ftds_oid%3D24402%26dci%3D22397b1a3feef8ff3d8a418856c4f828b50e6777%26clickid%3Dw8co2ov23bkfps41j1clplem%26tds_campaign%3Db1727pos%26tds_ac_id%3Ds0792tok%26utm_source%3Dint%26_tgUrl%3DaHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%252FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%253D%26affid%3D497f5345%26tds_host%3Dsweetiemeet.com%26id%3D24402%26subid%3D%26s1%3Dps%26tds_cid%3D46c0f29faf3ce767fb029702e20779f8b24bd6ce%26tds_ao%3D1%26tds_id%3Db1727pos_jump_a_1598613018653%26subid2%3Dw8co2ov23bkfps41j1clplem&uaDataValues={} HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Wed, 08 May 2024 04:46:25 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"c7-qF/KRh2X+Q6vUiRrlZdO6ruifCA"
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-id: 5Wjm422HJM6MwCnZPOJ-8dRR2J4ytmNWrW88tOg5UzUJAtQFhrX_Ow==
sweetiemeet.com/bridge/intg.js
54.230.111.55 200 OK 339 B URL GET HTTP/3 sweetiemeet.com/bridge/intg.js
IP 54.230.111.55:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Amazon
Subject sweetiemeet.com
Fingerprint 80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
Validity Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (358), with no line terminators
Hash MD5 cf8ca42f5e46260e52a5a7c50c44fb7e
SHA-1 0b1c2552e321d8265717e1449a0c7c369fc723c8
SHA-256 a97d4e2dcf3e56b1b88e3425284784cffa51fe0e0bebe76fbbb3581cf5826b3d
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /bridge/intg.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Cookie: dci=22397b1a3feef8ff3d8a418856c4f828b50e6777; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Wed, 08 May 2024 04:46:25 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=3600
last-modified: Thu, 02 May 2024 15:51:21 GMT
etag: W/"153-18f3a00c8a8"
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-id: tzMooOiDWGRvbfdR8zSIek13hZu4PSHQtUR6-Xr50DPSh93lc1Wj1g==
cdn3reference.com/landings/24402/css/1bb237f1d11d96bafc51aee0e34d1311.css
3.164.230.16 200 OK 4.0 kB URL GET HTTP/2 cdn3reference.com/landings/24402/css/1bb237f1d11d96bafc51aee0e34d1311.css
IP 3.164.230.16:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Amazon
Subject cdn3reference.com
Fingerprint 68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
Validity Wed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT
File type ASCII text, with very long lines (4059), with no line terminators
Hash MD5 02e65bcfd8ee03a70c55a928d2891a2d
SHA-1 28bec4ebc281a41e2e1018c43dc18af8e7457bbb
SHA-256 af46a60199930c2671af4465778b5daac9818a3c4f9dd93e9165ad054686f171
GET /landings/24402/css/1bb237f1d11d96bafc51aee0e34d1311.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Wed, 08 May 2024 04:46:25 GMT
last-modified: Fri, 26 Aug 2022 12:23:03 GMT
etag: W/"fcb-5e723f9b7d7c0"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0369688214835f42c0769e35bb5bc592.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: CNGMc7SI_bp1U77mmiyJ9xT6nuWKhE3btNxM7ygqcVvCUjf0zRdHrA==
X-Firefox-Spdy: h2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?j_type=open&jump=24402&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777
143.204.55.119 200 OK 35 B URL GET HTTP/2 retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?j_type=open&jump=24402&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777
IP 143.204.55.119:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Amazon
Subject retarget2core.com
Fingerprint AC:15:CC:37:0E:B3:F2:08:95:E0:FC:52:46:A2:9A:06:02:11:B5:F5
Validity Thu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash MD5 28d6814f309ea289f847c69cf91194c6
SHA-1 0f4e929dd5bb2564f7ab9c76338e04e292a42ace
SHA-256 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?j_type=open&jump=24402&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777 HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
date: Wed, 08 May 2024 04:46:25 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
set-cookie: dci=30e40a0f36a7f8f9ad7665e4db1d6468eb415e5c; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Thu, 08 May 2025 04:46:25 GMT; Secure; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0-t5IXjYQDRrh0Ik1MEX_E1u8tYiQt4ZoTaHvX63qIZi4IsHSxYyQA==
X-Firefox-Spdy: h2
cdn3reference.com/landings/24402/images/1.gif
3.164.230.16 200 OK 990 kB URL GET HTTP/2 cdn3reference.com/landings/24402/images/1.gif
IP 3.164.230.16:443
Requested by https://sweetiemeet.com/jump?tds_oid=24402&dci=22397b1a3feef8ff3d8a418856c4f828b50e6777&clickid=w8co2ov23bkfps41j1clplem&tds_campaign=b1727pos&tds_ac_id=s0792tok&utm_source=int&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvNDNhZjk2OTYwOTRkYWU5OGZmODE5MzhkMGQwNmQ4ZGQ%2FX190PTE3MTUxNDM1ODQ2NTUmX19sPTM2MDAmX19jPTQ2YzBmMjlmYWYzY2U3NjdmYjAyOTcwMmUyMDc3OWY4YjI0YmQ2Y2U%3D&affid=497f5345&tds_host=sweetiemeet.com&id=24402&subid=&s1=ps&tds_cid=46c0f29faf3ce767fb029702e20779f8b24bd6ce&tds_ao=1&tds_id=b1727pos_jump_a_1598613018653&subid2=w8co2ov23bkfps41j1clplem
Certificate Issuer Amazon
Subject cdn3reference.com
Fingerprint 68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
Validity Wed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT
File type GIF image data, version 89a, 350 x 350
Size 990 kB (990217 bytes)
Hash MD5 b6a3143a53b595e8fbdb0b57325eb689
SHA-1 92b4ec51c3d7c4a7153b9f6c71fc773801e681be
SHA-256 0f4d95d70a7c81a640b273cc833c39a15f44c3b6c87c48c7d372926fef736862
GET /landings/24402/images/1.gif HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn3reference.com/landings/24402/css/1bb237f1d11d96bafc51aee0e34d1311.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 990217
server: nginx
date: Wed, 08 May 2024 04:46:26 GMT
last-modified: Wed, 04 Dec 2019 08:19:16 GMT
etag: "f1c09-598dc77f00900"
accept-ranges: bytes
cache-control: public, max-age=604800
x-cache: Miss from cloudfront
via: 1.1 0369688214835f42c0769e35bb5bc592.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: 224rVvJEqWfKXm6AVjgJzJln_cUE0Ja9z5KxhgzQBEAC1SEJUG5WMw==
X-Firefox-Spdy: h2