Report - www.mysexymatches.com/c/68acbebbd7514cd9

Report Overview

Submitted URL
www.mysexymatches.com/c/68acbebbd7514cd9
IP
52.17.88.125
ASN
#16509 AMAZON-02
Submitted
2023-01-28 19:24:32
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdn-adef.akamaized.net	125719	2018-02-06T08:56:01Z	2023-03-13T06:36:53Z	3.4 kB	3.2 MB	23.36.76.194
s.exv6.com	unknown	2022-03-16T15:28:04Z	2023-03-09T09:14:42Z	432 B	433 B	95.211.229.248
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	467 B	678 B	139.45.195.8
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	48 kB	34.120.237.76
ctrack.trafficjunky.net	27301	2014-03-23T23:43:38Z	2023-03-13T06:54:14Z	478 B	1.1 kB	66.254.114.89
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	616 B	596 B	209.85.233.154
ads.traffichunt.com	68632	2014-02-19T12:17:45Z	2023-03-13T02:54:03Z	423 B	12 kB	54.162.88.88
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.33.119.27
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	944 B	54.230.245.39
s.opoxv.com	53756	2019-12-13T10:21:20Z	2023-03-10T15:58:05Z	435 B	434 B	95.211.229.246
main.exosrv.com	206751	2016-11-30T12:41:20Z	2023-03-13T07:30:58Z	439 B	435 B	95.211.229.247
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	615 B	349 B	31.13.72.36
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	4.9 kB	142.250.74.131
main.realsrv.com	91110	2019-02-11T14:11:59Z	2023-03-13T07:30:58Z	440 B	436 B	95.211.229.247
s.orbsrv.com	unknown	2020-09-02T23:53:48Z	2023-03-10T15:11:26Z	435 B	435 B	95.211.229.246
a.mgid.com	18073	2013-11-17T06:08:48Z	2023-03-13T07:45:22Z	415 B	553 B	104.19.136.78
main.exoclick.com	33599	2015-09-01T12:25:49Z	2023-03-13T06:54:12Z	439 B	437 B	95.211.229.246
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
syndication.realsrv.com	9112	2019-07-03T23:39:52Z	2023-03-13T05:10:53Z	447 B	436 B	95.211.229.247
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	378 B	29 kB	31.13.72.12
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	385 B	41 kB	142.250.74.168
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	782 B	20 kB	142.250.74.35
main.exdynsrv.com	91821	2017-01-30T12:01:34Z	2023-03-13T07:30:58Z	440 B	437 B	95.211.229.247
s.st1net.com	473165	2021-07-27T04:22:16Z	2023-03-09T17:50:22Z	419 B	432 B	95.211.229.246
www.mysexymatches.com	unknown	2022-04-23T12:39:16Z	2023-03-10T15:55:53Z	1.2 kB	9.1 kB	52.17.88.125
tsyndicate.com	13042	2017-03-16T10:04:54Z	2023-03-13T06:54:15Z	1.5 kB	1.9 kB	136.243.75.209
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.200.77.111
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	377 B	21 kB	142.250.74.14
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	2.2 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-28	medium	www.mysexymatches.com/c/68acbebbd7514cd9	Phishing
2023-01-28	medium	www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js	Phishing
2023-01-28	medium	www.mysexymatches.com/js/pushjs/1.0.0/utils.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js	36 kB	2023-03-07	2024-04-19
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-19 12:29:50 Times Seen11062 Hash 0cb7a0eb328ea70ab360f861314c8820 e3e20eb50dae36f4cbcef1890b1cc7878acb537a 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-12	2023-03-18
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:27:08 Last Seen2023-03-18 07:43:22 Times Seen1 Hash cf0731d687328f0426cf2709b697dd92 3fe9944a3efd792f4c59d0f1012cd8206769dca4 39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533 Loading...

	cdn-adef.akamaized.net/landings/262051/1645705681/js/secondofferv2.js?1645705683	1.2 kB	2023-03-07	2024-01-22
Pretty URL cdn-adef.akamaized.net/landings/262051/1645705681/js/secondofferv2.js?1645705683 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-01-22 06:10:19 Times Seen3749 Hash 9bbe216b8e526fd98d219f2b91ccaa57 3f5d1be91ba58b6501c022155fe6778ce82b1663 1c83d2863f746a234e46c5578826ceeb8cbe126bc4c274ca679295441c44b948 Loading...

	www.mysexymatches.com/c/68acbebbd7514cd9	394 B	2023-03-07	2023-10-05
Pretty URL www.mysexymatches.com/c/68acbebbd7514cd9 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2023-10-05 03:02:52 Times Seen5 Hash 999854c5d7ccf411a7edea8a25ccbb6d b8aa66ccf295abeeda0e55a07f6b66bf71650c62 e037fc7c40d60e4754800b3b8e614958f7f56fe5b051517f46ce660fb3a11bd6 Loading...

	www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js	9.4 kB	2023-03-07	2023-05-23
Pretty URL www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2023-05-23 11:55:13 Times Seen1847 Hash eaaa22632bcced1b4a2bad3c22bd618f c5bb4097ff0b252c19671985d5d431dfd6bb7281 20a2729b7c4f4c6a0dd2e80500284bd8c0e84e3e4076eb6a248e2951fec0c550 Loading...

	www.mysexymatches.com/c/68acbebbd7514cd9	422 B	2023-03-07	2023-10-05
Pretty URL www.mysexymatches.com/c/68acbebbd7514cd9 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2023-10-05 03:02:52 Times Seen8 Hash 7e3ca0c17b9c5c6106b107a64cb66d30 cc28adf80d2d8ac3733872f79b44c96a19dee436 95c30101f11a6095e52c4440570e0c2b5c3f3490fbd34d199a721f9668bc7364 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	cdn-adef.akamaized.net/landings/262051/1645705681/js/backoffer.js?1645705683	430 B	2023-03-07	2024-04-18
Pretty URL cdn-adef.akamaized.net/landings/262051/1645705681/js/backoffer.js?1645705683 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-18 09:54:54 Times Seen5794 Hash 6d5aa83d23ce0b9f72d3b87d000d8fae 034fb8768eb58ffc0b5849e2c162989741a6cbec 89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800 Loading...

	www.mysexymatches.com/c/68acbebbd7514cd9	129 B	2023-03-07	2023-03-26
Pretty URL www.mysexymatches.com/c/68acbebbd7514cd9 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2023-03-26 05:17:38 Times Seen3 Hash cfcc9905a77b6ce89dbeca7d5e17e9fc e734341d811e7f4e534b9715a24c703ecaede409 fff18afd1e4e6ab4f4d8f3262ffa0444b2107110aec5c0f2b8c47f6fa14cb5cf Loading...

	www.mysexymatches.com/js/pushjs/1.0.0/utils.js	7.1 kB	2023-03-07	2024-04-19
Pretty URL www.mysexymatches.com/js/pushjs/1.0.0/utils.js IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-19 12:29:50 Times Seen4795 Hash 711c7ecda710a342d24faef1dec76ede d1b38489603a2aecc2be5edb4fa4cd8d442fe727 41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KSQ3BD	108 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KSQ3BD IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:09:18 Last Seen2023-03-13 10:09:18 Times Seen1 Hash 396d05eb2af4a7e5b3f5390372ab3a35 74756fba8df0eac9f6f4bc10a2a26e11852499cd 979ed5f8b659a4e8656356cac17cb23f06ba98a1967d09c124b28a7a140a5d4a Loading...

	www.mysexymatches.com/c/68acbebbd7514cd9	96 B	2023-03-07	2023-10-05
Pretty URL www.mysexymatches.com/c/68acbebbd7514cd9 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2023-10-05 03:02:52 Times Seen8 Hash f2e61f5355392b10f9bc515a63b0e8a6 a0c7b3a6be8b92134670ec0ace265da80f6bd767 7176064d632bcbfe475449b71a7bdd05500535c0e273d3809259905ea3fb65e9 Loading...

	www.googletagmanager.com/gtag/js?id=UA-81004679-1	113 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-81004679-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:09:19 Last Seen2023-03-13 10:09:19 Times Seen1 Hash b15344f4f6d7311f3a8778b5ff189025 30f8ff67c470b58f8a1f93e97ce486eb0cbdebda a1698bded0997d655b927dab3ab8782aeb4d1947c30297bb5d49af3909137224 Loading...

	connect.facebook.net/signals/config/472208351285888?v=2.9.92&r=stable	386 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/472208351285888?v=2.9.92&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:09:19 Last Seen2023-03-13 10:09:19 Times Seen1 Hash 2ebaf7596889c927d9ba612ab74199ed 7493301fbd5c20f414131b4a5dab6cfdc540efe0 132e26a52b7df51c222cc9ce42c081ce53e9af7dff18056cc48a682da4f67ed5 Loading...

	cdn-adef.akamaized.net/landings/262051/1645705681/js/main.js?1645705683	164 kB	2023-03-07	2024-03-15
Pretty URL cdn-adef.akamaized.net/landings/262051/1645705681/js/main.js?1645705683 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-03-15 03:06:38 Times Seen3928 Hash a0f4da40bd81c65d824afc106743d47f 55b2d4c57fdb017314f62ac2fe8a3e287dcadf7f e40e7cc368c897d6a3a5095fae6ccd6d9a3f88af5ef9c590f79b9fd22293ad10 Loading...

	cdn-adef.akamaized.net/landings/262051/1645705681/js/DT_RT_push_NEW.js?1645705683	569 B	2023-03-07	2023-11-10
Pretty URL cdn-adef.akamaized.net/landings/262051/1645705681/js/DT_RT_push_NEW.js?1645705683 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2023-11-10 14:58:55 Times Seen23 Hash ec213e6fbbcaf7a40e8800782a7184e6 7a96f23fcbf66ab4b56140f900031a4ef2f42c61 8826db3c05ab12d32572ffe5f4d4be4275aacf80763130507a6f2ff08f45acda Loading...

	www.mysexymatches.com/c/68acbebbd7514cd9	131 B	2023-03-07	2023-10-05
Pretty URL www.mysexymatches.com/c/68acbebbd7514cd9 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2023-10-05 03:02:52 Times Seen8 Hash 4a7136eb468e413c4c3e71f3fde1d496 c613402470016751f9db0642c4e5a63b6f51d4b4 68ce44547d0b23734900ba027866db9ba7303436a08e2de185549fa781b62d5d Loading...

	cdn-adef.akamaized.net/landings/262051/1645705681/js/jquery.min.js?1645705683	86 kB	2023-03-07	2024-04-19
Pretty URL cdn-adef.akamaized.net/landings/262051/1645705681/js/jquery.min.js?1645705683 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 21:13:26 Times Seen380287 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-app.js	25 kB	2023-03-07	2024-04-19
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-19 12:29:50 Times Seen10986 Hash 9164d0e8a317eceb870cca88c9683127 4617c910005f7100b4ff26a458a8b4463e33cdc6 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 Loading...

HTTP Transactions (64)

URL IP Response Size

www.mysexymatches.com/c/68acbebbd7514cd9

52.17.88.125

200 OK

1.5 kB

URL HTTP/1.1
www.mysexymatches.com/c/68acbebbd7514cd9
IP
52.17.88.125:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1202)
Size
1.5 kB (1463 bytes)
Hash
78d021fb42fc4baf218e1cde2b6ead7e
5b625eb2d91a061d2f86e8abfc80c7ff52262b7f
6bc74ab1830c133b730738cf23a001250d7174aadb3e9194941e6ae55593948b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /c/68acbebbd7514cd9 HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: unique_id=63d576650007ad9c; Path=/; Expires=Wed, 29 Mar 2023 19:24:21 GMT
unique_id2=63d576650007b432; Path=/; Expires=Fri, 28 Apr 2023 19:24:21 GMT
impression=; Path=/; Expires=Sat, 28 Jan 2023 19:24:21 GMT
63d576650007b432_sl=[262051]; Path=/; Expires=Sat, 11 Feb 2023 19:24:21 GMT
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3120
Expires: Sat, 28 Jan 2023 20:16:21 GMT
Date: Sat, 28 Jan 2023 19:24:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10377
Expires: Sat, 28 Jan 2023 22:17:18 GMT
Date: Sat, 28 Jan 2023 19:24:21 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 18:43:06 GMT
content-type: application/json
age: 2475
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5446
Expires: Sat, 28 Jan 2023 20:55:07 GMT
Date: Sat, 28 Jan 2023 19:24:21 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 1Vjh7yTGHdr453k9VvISLuh/JI4j2YjIQL+BMDSNJoEAOxfY0b5Fwofm9PElCoGGJ4iYTgWEHJs=
x-amz-request-id: RYW9WF2FJ32DW96Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 19:21:05 GMT
age: 196
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 19:24:21 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/262051/1645705681/js/secondofferv2.js?1645705683

23.36.76.194

200 OK

454 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/262051/1645705681/js/secondofferv2.js?1645705683
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
454 B (454 bytes)
Hash
bbef5dda655f5ff740bdd295a2e64dac
d49b131b648d70d31bfe6b7f3582e22bf300bf41
f6bbab9bb5476e9da0ded1c517ec7f13fba307d2ee51141e8c81d28c43b35499

HTTP Headers

GET /landings/262051/1645705681/js/secondofferv2.js?1645705683 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: ZRjIuE9XC27MXgX2jrk35QsnR0qqJhsRe9qDZ2rGrAXkoaXAHJCoQPrt1ZrBU9AXSrxKkBs+wWc=
x-amz-request-id: E76ABQ7R3GD4GFYW
Last-Modified: Thu, 24 Feb 2022 12:28:06 GMT
ETag: "9bbe216b8e526fd98d219f2b91ccaa57"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 28 Jan 2023 19:24:21 GMT
Content-Length: 454
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/262051/1645705681/js/backoffer.js?1645705683

23.36.76.194

200 OK

430 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/262051/1645705681/js/backoffer.js?1645705683
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (430), with no line terminators
Size
430 B (430 bytes)
Hash
6d5aa83d23ce0b9f72d3b87d000d8fae
034fb8768eb58ffc0b5849e2c162989741a6cbec
89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800

HTTP Headers

GET /landings/262051/1645705681/js/backoffer.js?1645705683 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 2XmON3jcpCb8kTUTtyzLel1aPhJWGO4uSpZ3j0QKYXbpy0g+/Ah15o2Me+HUHPQvn+O8HKJqJYY=
x-amz-request-id: E76BBMMHEH1K3F8W
Last-Modified: Thu, 24 Feb 2022 12:28:05 GMT
ETag: "6d5aa83d23ce0b9f72d3b87d000d8fae"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 430
Date: Sat, 28 Jan 2023 19:24:21 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/262051/1645705681/css/stylesheet.css?1645705683

23.36.76.194

200 OK

1.3 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/262051/1645705681/css/stylesheet.css?1645705683
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
1.3 kB (1266 bytes)
Hash
b94d9501a294e7d02cbae8363ac90a4b
6f53aafc969874f7b5cecaa1cf0dd1e8caffe857
3f9f90ea44108f5f97941309a58c3380a16774ecf38c1624a049e7293e603ce6

HTTP Headers

GET /landings/262051/1645705681/css/stylesheet.css?1645705683 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 1cs2CJDcVylZSyUwKhoA5gbd/rVtWedh8yR2m0M1O0P5OzNeSCoM0btmiOe5jjCg6eHf1ClT3vI=
x-amz-request-id: E76EBHJ6G4T69QXM
Last-Modified: Thu, 24 Feb 2022 12:28:05 GMT
ETag: "917c0e4b233af9785af42182617deef2"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 28 Jan 2023 19:24:21 GMT
Content-Length: 1266
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/262051/1645705681/js/DT_RT_push_NEW.js?1645705683

23.36.76.194

200 OK

569 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/262051/1645705681/js/DT_RT_push_NEW.js?1645705683
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with CRLF line terminators
Size
569 B (569 bytes)
Hash
ec213e6fbbcaf7a40e8800782a7184e6
7a96f23fcbf66ab4b56140f900031a4ef2f42c61
8826db3c05ab12d32572ffe5f4d4be4275aacf80763130507a6f2ff08f45acda

HTTP Headers

GET /landings/262051/1645705681/js/DT_RT_push_NEW.js?1645705683 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: EWlYz9TgQgJfm3HSdGcyY9OXbvnJQkyaEJe3LW1sdCn9AyKtoH771otEc7tCVvaXmkmxo/eY4sM=
x-amz-request-id: E76DZ6W6XGFXE318
Last-Modified: Thu, 24 Feb 2022 12:28:06 GMT
ETag: "ec213e6fbbcaf7a40e8800782a7184e6"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 569
Date: Sat, 28 Jan 2023 19:24:21 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/262051/1645705681/js/jquery.min.js?1645705683

23.36.76.194

200 OK

30 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/262051/1645705681/js/jquery.min.js?1645705683
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (32065)
Size
30 kB (29855 bytes)
Hash
2fa28552f1ee4e1382ee43930b53afb8
803670da6a35378bf4eb73acc8e72fe4feb5ca30
ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494

HTTP Headers

GET /landings/262051/1645705681/js/jquery.min.js?1645705683 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: UEhJ5g9h98tjNpHlI9rKexTlc/XzYkDQGRTvgydeiX+FhYe+t6Ce+37Fbs9gcL5Af5fDiwaupsI=
x-amz-request-id: E7603GHRPA65HDTR
Last-Modified: Thu, 24 Feb 2022 12:28:05 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 28 Jan 2023 19:24:21 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/262051/1645705681/js/main.js?1645705683

23.36.76.194

200 OK

40 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/262051/1645705681/js/main.js?1645705683
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (568), with CRLF line terminators
Size
40 kB (40511 bytes)
Hash
cd720caa7b1efe6818fffab644f4772d
148b527c3ad30c5efff3ba1fde9fe5b1c69f35c9
e99f918d74bb3cdaf1f8828f5caa2046be4bed08b2c51eb3b522661f6bf1b69e

HTTP Headers

GET /landings/262051/1645705681/js/main.js?1645705683 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: rBrFK7Qbv6jkPhZCjvK601z0a5uw/6NE+QDk5SYKs8N+c0/CC1pQWFh0ripGspJmZJx4fniZKi8=
x-amz-request-id: E76122TZTB0B87JM
Last-Modified: Thu, 24 Feb 2022 12:28:05 GMT
ETag: "a0f4da40bd81c65d824afc106743d47f"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 28 Jan 2023 19:24:21 GMT
Content-Length: 40511
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/262051/1645705681/images/bg.gif

23.36.76.194

200 OK

3.1 MB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/262051/1645705681/images/bg.gif
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 270 x 480\012- data
Size
3.1 MB (3127274 bytes)
Hash
734d0f4e89295b23bb7535f5ebeac0a7
dcffafa074dfad9a4e0c8e14c52187a488374e55
d0d4990c139b1f88bf8ee037899f5ad09bd91b0a039a1c32f7c58181c6662c49

HTTP Headers

GET /landings/262051/1645705681/images/bg.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/262051/1645705681/css/stylesheet.css?1645705683
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
x-amz-id-2: 3bgn2bFyzRAxYPDjThxIcXCMlG+mWCoe6U9P+2rZys11r1Lof5rjNo6jLONHljCY1ZkcbDx2peo=
x-amz-request-id: 6XC44K0K4GN78KVJ
Last-Modified: Thu, 24 Feb 2022 12:28:04 GMT
ETag: "734d0f4e89295b23bb7535f5ebeac0a7"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 3127274
Date: Sat, 28 Jan 2023 19:24:21 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js

52.17.88.125

200 OK

3.3 kB

URL HTTP/1.1
www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js
IP
52.17.88.125:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with very long lines (9389)
Size
3.3 kB (3297 bytes)
Hash
3fc959642390ff4dc8b17be4e706c3fc
107f4500b048c2060c53260ef3c5a0c2286499a8
740aacdd2752459683dc7986658f1ac667048404bc12ce6dd233813d68aa4131

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mysexymatches.com/c/68acbebbd7514cd9
Cookie: unique_id=63d576650007ad9c; unique_id2=63d576650007b432; 63d576650007b432_sl=[262051]

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Feb 2023 19:24:21 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip

tsyndicate.com/api/v1/retargeting/set/50a46b77-9427-4fe0-8039-2d11b2379dfb?tracking=1

136.243.75.209

200 OK

35 B

URL HTTP/2
tsyndicate.com/api/v1/retargeting/set/50a46b77-9427-4fe0-8039-2d11b2379dfb?tracking=1
IP
136.243.75.209:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v1/retargeting/set/50a46b77-9427-4fe0-8039-2d11b2379dfb?tracking=1 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 19:24:21 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 2e4fc116bbde0fb3
set-cookie: ts_rt_50a46b77-9427-4fe0-8039-2d11b2379dfb=AOnICTNmTRo3Z3rECAg=; expires=Sun, 28 Jan 2024 19:24:21 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 18:41:40 GMT
age: 2561
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:24:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.mysexymatches.com/js/pushjs/1.0.0/utils.js

52.17.88.125

200 OK

3.4 kB

URL HTTP/1.1
www.mysexymatches.com/js/pushjs/1.0.0/utils.js
IP
52.17.88.125:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with very long lines (7071), with no line terminators
Size
3.4 kB (3387 bytes)
Hash
be3b25b851473bc70a884cb177fd7076
51db0baf5c4fd8a8b09ca7ffde3ffa987635cbd0
1b0a79f9e94716392c53169b6f43442b5228c54c3043be131d72b3bf60ca972a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mysexymatches.com/c/68acbebbd7514cd9
Cookie: unique_id=63d576650007ad9c; unique_id2=63d576650007b432; 63d576650007b432_sl=[262051]

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Feb 2023 19:24:21 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip

www.googletagmanager.com/gtm.js?id=GTM-KSQ3BD

142.250.74.168

200 OK

41 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KSQ3BD
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (7691)
Size
41 kB (40614 bytes)
Hash
9299bd532e97b7370da67488cc8b7845
14facd91396e5bbb2cc33015d12328106d95bf53
30bbc443d1a78f44b4af9e7fe1554a7803eac33b0d787cf8a8912f36fdbf0c9b

HTTP Headers

GET /gtm.js?id=GTM-KSQ3BD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 19:24:21 GMT
expires: Sat, 28 Jan 2023 19:24:21 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 40614
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/images/favicon.ico

23.36.76.194

200 OK

4.1 kB

URL HTTP/1.1
cdn-adef.akamaized.net/images/favicon.ico
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: mzbDFFn0Yhqdz4XL9s4sX6yByljdNVrKhKiK+UtK4DVRgNzfBI6OtL7EakQiGwqEsC19uC++cQI=
x-amz-request-id: 78F19547EBC3B810
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
Date: Sat, 28 Jan 2023 19:24:22 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:24:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:24:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11545
Expires: Sat, 28 Jan 2023 22:36:47 GMT
Date: Sat, 28 Jan 2023 19:24:22 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:24:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/firebasejs/5.0.2/firebase-app.js

142.250.74.35

200 OK

8.6 kB

URL HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (25088)
Size
8.6 kB (8604 bytes)
Hash
73069e532b7039778d3a7128c997c61a
c523bbf1ac7f4e612c8ade75434c42fbca885adc
b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5

HTTP Headers

GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 10:15:00 GMT
expires: Thu, 25 Jan 2024 10:15:00 GMT
cache-control: public, max-age=31536000
age: 292162
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js

142.250.74.35

200 OK

10 kB

URL HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (35547)
Size
10 kB (10017 bytes)
Hash
fa9987a23f5a9d865766e952511baa30
f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7

HTTP Headers

GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 03:51:35 GMT
expires: Sun, 28 Jan 2024 03:51:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
age: 55967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:24:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tsyndicate.com/api/v1/retargeting/set/50a46b77-9427-4fe0-8039-2d11b2379dfb

136.243.75.209

200 OK

35 B

URL HTTP/2
tsyndicate.com/api/v1/retargeting/set/50a46b77-9427-4fe0-8039-2d11b2379dfb
IP
136.243.75.209:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v1/retargeting/set/50a46b77-9427-4fe0-8039-2d11b2379dfb HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Cookie: ts_rt_50a46b77-9427-4fe0-8039-2d11b2379dfb=AOnICTNmTRo3Z3rECAg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 19:24:22 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: f1ba49bd7b99e8e7
set-cookie: ts_rt_50a46b77-9427-4fe0-8039-2d11b2379dfb=AOnICTNmTRo3Z3rECAg=; expires=Sun, 28 Jan 2024 19:24:22 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

tsyndicate.com/api/v1/retargeting/set/50a46b77-9427-4fe0-8039-2d11b2379dfb?lwp={lwp}

136.243.75.209

200 OK

35 B

URL HTTP/2
tsyndicate.com/api/v1/retargeting/set/50a46b77-9427-4fe0-8039-2d11b2379dfb?lwp={lwp}
IP
136.243.75.209:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v1/retargeting/set/50a46b77-9427-4fe0-8039-2d11b2379dfb?lwp={lwp} HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Cookie: ts_rt_50a46b77-9427-4fe0-8039-2d11b2379dfb=AOnICTNmTRo3Z3rECAg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 19:24:22 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 48fefa1abaf97e9f
set-cookie: ts_rt_50a46b77-9427-4fe0-8039-2d11b2379dfb=ANncgdOjxA0hAuEYJGKCjpwwY9akcXOmR4yA; expires=Sun, 28 Jan 2024 19:24:22 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

main.exdynsrv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=759229931

95.211.229.247

200 OK

20 B

URL HTTP/1.1
main.exdynsrv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=759229931
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=759229931 HTTP/1.1
Host: main.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A44122%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-28%22%3B%7D%7D; expires=Sun, 28 Jan 2024 19:24:22 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

main.realsrv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=1523546959

95.211.229.247

200 OK

20 B

URL HTTP/1.1
main.realsrv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=1523546959
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=1523546959 HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A44122%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-28%22%3B%7D%7D; expires=Sun, 28 Jan 2024 19:24:22 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ab744f1fbf03bf793085117f6691a062
f26ee7a876fee3e80c2521374a4c527d55b17e83
fc5b8cb6f5bd7396921cac6bf1bbd6cb41715cdcd19527ae5310e59eafd07928

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC5B8CB6F5BD7396921CAC6BF1BBD6CB41715CDCD19527AE5310E59EAFD07928"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15215
Expires: Sat, 28 Jan 2023 23:37:57 GMT
Date: Sat, 28 Jan 2023 19:24:22 GMT
Connection: keep-alive

s.opoxv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=1950840071

95.211.229.246

200 OK

20 B

URL HTTP/1.1
s.opoxv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=1950840071
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=1950840071 HTTP/1.1
Host: s.opoxv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A44122%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-28%22%3B%7D%7D; expires=Sun, 28 Jan 2024 19:24:22 GMT; path=/; domain=.opoxv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.orbsrv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=150246407

95.211.229.246

200 OK

20 B

URL HTTP/1.1
s.orbsrv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=150246407
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=150246407 HTTP/1.1
Host: s.orbsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A44122%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-28%22%3B%7D%7D; expires=Sun, 28 Jan 2024 19:24:22 GMT; path=/; domain=.orbsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.realsrv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=1973975267

95.211.229.247

200 OK

20 B

URL HTTP/1.1
syndication.realsrv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=1973975267
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=1973975267 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A44122%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-28%22%3B%7D%7D; expires=Sun, 28 Jan 2024 19:24:22 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.st1net.com/tag.php?goal=67c6a1e7ce56d3d6fa748ab6d9af3fd7

95.211.229.246

200 OK

20 B

URL HTTP/1.1
s.st1net.com/tag.php?goal=67c6a1e7ce56d3d6fa748ab6d9af3fd7
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=67c6a1e7ce56d3d6fa748ab6d9af3fd7 HTTP/1.1
Host: s.st1net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A48%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-28%22%3B%7D%7D; expires=Sun, 28 Jan 2024 19:24:22 GMT; path=/; domain=.st1net.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.exv6.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=25503789

95.211.229.248

200 OK

20 B

URL HTTP/1.1
s.exv6.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=25503789
IP
95.211.229.248:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=25503789 HTTP/1.1
Host: s.exv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A44122%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-28%22%3B%7D%7D; expires=Sun, 28 Jan 2024 19:24:22 GMT; path=/; domain=.exv6.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

my.rtmark.net/img.gif?f=sync&lr=1&partner=cea37379ae0311e893860d93cfd80c48c3fb71e065cad5ecbb976f0972269a05

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=cea37379ae0311e893860d93cfd80c48c3fb71e065cad5ecbb976f0972269a05
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=cea37379ae0311e893860d93cfd80c48c3fb71e065cad5ecbb976f0972269a05 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 19:24:22 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b607979e72734e60adf5c96c10769ef1; expires=Sun, 28 Jan 2024 19:24:22 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

a.mgid.com/1x1.gif?id=185805&type=c&g=x&t=x&tg=&v=1&r=

104.19.136.78

200 OK

43 B

URL HTTP/2
a.mgid.com/1x1.gif?id=185805&type=c&g=x&t=x&tg=&v=1&r=
IP
104.19.136.78:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /1x1.gif?id=185805&type=c&g=x&t=x&tg=&v=1&r= HTTP/1.1
Host: a.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 19:24:22 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=ZS1QxuLTpfOkqzY3APHRRcX7KZM3SP2dNIRhtMfbuvI-1674933862-0-AVl8qskDYKS+A+984VzXKntvNT8MjzavBALOeT0d8deTQFDUTzL9K41XBF1C4E2zoaljP+gHfxqHbnSIWCOboWs=; path=/; expires=Sat, 28-Jan-23 19:54:22 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 790c1b9e9afa1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.200.77.111

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.200.77.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zOdpR2YGnSj5B39BZO3jAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RUCD5OFjs1+W2zZbqusvAK64Ujo=

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
52c129c16f008c15934ff78200f27f6c
d5d5ba6ebd2ad69b7555e4ab44e9010e69b5bd18
47de10f61d62c2da14d00fc01ee212f0465962196189ef5be4d43a42ad8f011f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 19:24:22 GMT
Last-Modified: Sat, 28 Jan 2023 17:42:23 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xh682xBvxvqdnNWuyH6dOd1QRh7w1KFWkS-cjr4IVZFm6JD_4uYohw==
Age: 6119

www.google-analytics.com/analytics.js

142.250.74.14

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 28 Jan 2023 17:45:20 GMT
expires: Sat, 28 Jan 2023 19:45:20 GMT
cache-control: public, max-age=7200
age: 5942
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fab886d35a27f1ea89e95d08408e131c
ca2e7c94fa954aa477f1756d61ac9f94349bdc55
102b20858c47034b67115fcee25eb9c702e5a10119a3ee38bb1a6f1fe7cb5947

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5591
Cache-Control: max-age=85937
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:24:22 GMT
Etag: "63d40d40-1d7"
Expires: Sun, 29 Jan 2023 19:16:39 GMT
Last-Modified: Fri, 27 Jan 2023 17:43:28 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
a8e10b2b40b3ff28d1f7e2debdb5a034
1d4b58dfc666bb4000519ef71478aa0ee9655910
70743e2a8b8b80166ed7abe96d8565d1a2838015f0b032dd1f313693a019d019

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5002
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:24:22 GMT
Last-Modified: Sat, 28 Jan 2023 18:01:00 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314

main.exoclick.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=53091976

95.211.229.246

200 OK

20 B

URL HTTP/1.1
main.exoclick.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=53091976
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=53091976 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A44122%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-28%22%3B%7D%7D; expires=Sun, 28 Jan 2024 19:24:22 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

main.exosrv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=2081940185

95.211.229.247

200 OK

20 B

URL HTTP/1.1
main.exosrv.com/tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=2081940185
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=1c866cbb2df9ad14941c2f7d1ee0b027&gtmcb=2081940185 HTTP/1.1
Host: main.exosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 19:24:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A44122%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-28%22%3B%7D%7D; expires=Sun, 28 Jan 2024 19:24:22 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27815 bytes)
Hash
541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 672sn+zHn1vErWLp0u9NS1Vx99eWdaYzSj/mMzn6sCgeetT6hODjaQFkWoTpuUGHYBhS72D2SvAWEYFPjzcyOA==
content-length: 27815
x-fb-trip-id: 1904183273
date: Sat, 28 Jan 2023 19:24:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fab886d35a27f1ea89e95d08408e131c
ca2e7c94fa954aa477f1756d61ac9f94349bdc55
102b20858c47034b67115fcee25eb9c702e5a10119a3ee38bb1a6f1fe7cb5947

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5591
Cache-Control: max-age=85937
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:24:22 GMT
Etag: "63d40d40-1d7"
Expires: Sun, 29 Jan 2023 19:16:39 GMT
Last-Modified: Fri, 27 Jan 2023 17:43:28 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

ctrack.trafficjunky.net/ctrack?action=list&type=add&id=1&context=lwpsite&cookiename=lwp1&age=545600&maxcookiecount=10

66.254.114.89

200 OK

35 B

URL HTTP/1.1
ctrack.trafficjunky.net/ctrack?action=list&type=add&id=1&context=lwpsite&cookiename=lwp1&age=545600&maxcookiecount=10
IP
66.254.114.89:0
ASN
#29789 REFLECTED

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /ctrack?action=list&type=add&id=1&context=lwpsite&cookiename=lwp1&age=545600&maxcookiecount=10 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: openresty
date: Sat, 28 Jan 2023 19:24:22 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Mon, 27 Feb 2023 19:24:22 GMT; Secure; SameSite=None
tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Mon, 27 Feb 2023 19:24:22 GMT; Secure; SameSite=None
0db867f3360042407d798478f88c39d7=1; Path=/; Domain=trafficjunky.net; Expires=Sun, 11 Feb 2024 16:44:22 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63D57666-42FE725901BB0EDF-440C38C

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:24:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-81004679-1&cid=1101918633.1674933866&jid=1803060288&gjid=1678760999&_gid=1960353279.1674933866&_u=YEBAAUAAAAAAACAAI~&z=392630763

209.85.233.154

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-81004679-1&cid=1101918633.1674933866&jid=1803060288&gjid=1678760999&_gid=1960353279.1674933866&_u=YEBAAUAAAAAAACAAI~&z=392630763
IP
209.85.233.154:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-81004679-1&cid=1101918633.1674933866&jid=1803060288&gjid=1678760999&_gid=1960353279.1674933866&_u=YEBAAUAAAAAAACAAI~&z=392630763 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.mysexymatches.com
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://www.mysexymatches.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 28 Jan 2023 19:24:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=472208351285888&ev=PageView&dl=http%3A%2F%2Fwww.mysexymatches.com%2Fc%2F68acbebbd7514cd9&rl=&if=false&ts=1674933866647&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674933866646.198398832&it=1674933866500&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=472208351285888&ev=PageView&dl=http%3A%2F%2Fwww.mysexymatches.com%2Fc%2F68acbebbd7514cd9&rl=&if=false&ts=1674933866647&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674933866646.198398832&it=1674933866500&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=472208351285888&ev=PageView&dl=http%3A%2F%2Fwww.mysexymatches.com%2Fc%2F68acbebbd7514cd9&rl=&if=false&ts=1674933866647&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674933866646.198398832&it=1674933866500&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Jan 2023 19:24:22 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:24:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2819
Expires: Sat, 28 Jan 2023 20:11:22 GMT
Date: Sat, 28 Jan 2023 19:24:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2819
Expires: Sat, 28 Jan 2023 20:11:22 GMT
Date: Sat, 28 Jan 2023 19:24:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2819
Expires: Sat, 28 Jan 2023 20:11:22 GMT
Date: Sat, 28 Jan 2023 19:24:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2819
Expires: Sat, 28 Jan 2023 20:11:22 GMT
Date: Sat, 28 Jan 2023 19:24:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7585 bytes)
Hash
ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 74290
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12397 bytes)
Hash
0ed1a0bd725b2078b4cfe4ed83877901
62493ca03be9870aac2341e033611a6d56bd322a
706e84bc63fd98acaeb72789239af3210ae6e3910e6589d92a25899dc9059dfc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12397
x-amzn-requestid: e8436997-696d-483a-b03a-a84e7ca614ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T5HbzoAMFXsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-1c2ccd0a187d0a3e2f6a59cc;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lmLHc8fKQYUpq9B-GyOQ0FKzhxi0ToTEPA7cu6JnQftgDFDNV8USvw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:37 GMT
etag: "62493ca03be9870aac2341e033611a6d56bd322a"
content-type: image/jpeg
age: 77266
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13375 bytes)
Hash
b4afa01d2ffe17f8378e4c0b5afd4608
f5c7e2137efa07a207427a6b6fe1df541f85ea25
84fc0c05d25d674b5594b54720017332b86d391f66c7136d76cfce3e884e8e12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13375
x-amzn-requestid: 372fcbe8-85a1-4be2-a006-31fb9289c5e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CxF6BoAMFyGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-4b9860545c612cc416cbe599;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: otEuPlfCL7DeVwGZiGJuMjxjVyGdMwxPWeCz5T_mpXboi-oRujKhBw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 77725
etag: "f5c7e2137efa07a207427a6b6fe1df541f85ea25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4975 bytes)
Hash
c982569d070f24dba1259603091c22e3
0f93acb5bee53670cc4ef486922f7333d96a2f4e
9a5a2d8a181a763ee6f60c27b396a0e3d7b1527e5177b2aff8d511db250753ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4975
x-amzn-requestid: 633350b7-4686-40d5-8c9d-3c097f8e2d34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EBGuaoAMFbSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b3-4201212c1a0eb2a65d3f494c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: M4VR-I89SGD0-FLzHhZ88PJJJmdWTEi0UrBnAmCBCQAdjRsssqnSzw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:06 GMT
age: 77717
etag: "0f93acb5bee53670cc4ef486922f7333d96a2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 77257
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ads.traffichunt.com/adv_ret/?adv_pixel_id=385&gtmcb=1097472876

54.162.88.88

200 OK

12 kB

URL HTTP/2
ads.traffichunt.com/adv_ret/?adv_pixel_id=385&gtmcb=1097472876
IP
54.162.88.88:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11568 bytes)
Hash
b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549

HTTP Headers

GET /adv_ret/?adv_pixel_id=385&gtmcb=1097472876 HTTP/1.1
Host: ads.traffichunt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 19:24:22 GMT
server: nginx
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: new_adx_profile_guid=78695e55-2bd8-48e2-bb38-569080c232e8;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_rt_0=385;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_daily_rt_0=385;Max-Age=16537;Path=/;SameSite=None; Secure
new_3.adx_rt_0=385;Max-Age=7776000;Path=/;SameSite=None; Secure
adx_profile_guid=78695e55-2bd8-48e2-bb38-569080c232e8; Max-Age=7776000; Expires=Fri, 28 Apr 2023 19:24:22 GMT; Path=/
3.adx_rt_0=385; Max-Age=7776000; Expires=Fri, 28 Apr 2023 19:24:22 GMT; Path=/
3.adx_daily_rt_0=385; Max-Age=16537; Expires=Sat, 28 Jan 2023 23:59:59 GMT; Path=/
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML