Report - now.thebestflowingtraff.co/?utm_medium=fa896b3e5982d82d5b07f28cfba3637d58768202&utm_campaign=Ad&1=35429&cid=b13fbacfca4d4b65bb8d7e8747d6170122b89

Report Overview

Visited public
2024-06-02 23:00:50
Tags
URL
now.thebestflowingtraff.co/?utm_medium=fa896b3e5982d82d5b07f28cfba3637d58768202&utm_campaign=Ad&1=35429&cid=b13fbacfca4d4b65bb8d7e8747d6170122b89
Finishing URL
sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
IP / ASN
67.212.184.150
#32475 SINGLEHOP-LLC
Title
sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sweetiemeet.com	unknown	2022-01-28	2022-02-03 19:56:44	2024-02-29 01:02:49	22 kB	54 kB	54.240.174.30
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-06-01 20:40:54	676 B	1.9 kB	143.204.53.97
bts.insigit.com	unknown	2011-11-11	2022-10-04 15:14:32	2024-05-30 22:04:08	396 B	9.2 kB	52.28.103.238
cdn3reference.com	unknown	2022-03-17	2022-03-18 04:16:13	2024-02-23 22:45:43	1.9 kB	2.1 MB	54.240.174.80
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-06-02 03:42:15	455 B	7.6 kB	142.250.74.106
retarget2core.com	86164	2021-10-12	2021-10-14 09:26:59	2024-05-30 22:04:06	597 B	888 B	143.204.55.23
cartining-specute.com	unknown	2018-05-21	2021-02-01 00:37:43	2024-03-20 09:37:15	613 B	948 B	18.197.36.77
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-06-01 22:39:02	1.6 kB	50 kB	216.58.207.227
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-06-02 01:48:54	430 B	79 kB	142.250.74.72

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed
2024-06-02	medium	sweetiemeet.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	From	Size	First Seen	Last Seen
	sweetiemeet.com/bridge/intg.js	ScriptElement	339 B	2023-10-24	2025-06-23
Pretty URL sweetiemeet.com/bridge/intg.js IP 54.240.174.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 14:35 Last Seen2025-06-23 05:03 Times Seen834 Hash 0984735e7d9ea7efeccf7f8b98fde33b 3657ab09102c809a5b568d3d19fc36bc09c6a860 36765069dc707a1f004301bbc55ee5359b317ab1f2cb66ebfff536522c82fc78 Loading...

	sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D	ScriptElement	0 B	0001-01-01	2025-06-23
Pretty URL sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D IP 54.240.174.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-23 05:13 Times Seen5078480 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sweetiemeet.com/integration.js?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D	ScriptElement	2.4 kB	2024-08-19	2024-08-19
Pretty URL sweetiemeet.com/integration.js?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D IP 54.240.174.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 20:58 Last Seen2024-08-19 20:58 Times Seen1 Hash c79a1c2d3603e2d54602a5ea4f8ce072 08a30e469900229808ca80b14dfc2be8eea7175f b9c96156d5f6ffb82ecd00bc91ed5fdc27be537b0ebb5085ab5ecbe686d14070 Loading...

	sweetiemeet.com/ufis/main.js?dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsweetiemeet.com%2Fjump%3Fsubid%3D%26dci%3Dfb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3%26tds_id%3Db1727pos_jump_a_1598613018653%26tds_host%3Dsweetiemeet.com%26tds_ac_id%3Ds0792tok%26id%3D24401%26tds_campaign%3Db1727pos%26tds_cid%3D4563726fd02f8807562cbeeb2f4dec3a61856ce0%26utm_source%3Dint%26tds_ao%3D1%26clickid%3Dwq1af95sdf1t87o13fafrac2%26tds_oid%3D24401%26affid%3D497f5345%26s1%3Dps%26subid2%3Dwq1af95sdf1t87o13fafrac2%26_tgUrl%3DaHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%252FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%253D&uaDataValues={}	ScriptElement	199 B	2023-03-08	2025-01-07
Pretty URL sweetiemeet.com/ufis/main.js?dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsweetiemeet.com%2Fjump%3Fsubid%3D%26dci%3Dfb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3%26tds_id%3Db1727pos_jump_a_1598613018653%26tds_host%3Dsweetiemeet.com%26tds_ac_id%3Ds0792tok%26id%3D24401%26tds_campaign%3Db1727pos%26tds_cid%3D4563726fd02f8807562cbeeb2f4dec3a61856ce0%26utm_source%3Dint%26tds_ao%3D1%26clickid%3Dwq1af95sdf1t87o13fafrac2%26tds_oid%3D24401%26affid%3D497f5345%26s1%3Dps%26subid2%3Dwq1af95sdf1t87o13fafrac2%26_tgUrl%3DaHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%252FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%253D&uaDataValues={} IP 54.240.174.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:49 Last Seen2025-01-07 04:16 Times Seen250 Hash cd4ae55f3af545b5863f65b73a6a7b80 a85fca461d97f90eaf52246b95974eeabba27c20 ae4475effcb2e8533194b150ee30b2472c1cb7498b2c83a764718d962deaa84f Loading...

	sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D	ScriptElement	0 B	0001-01-01	2025-06-23
Pretty URL sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D IP 54.240.174.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-23 05:13 Times Seen5078480 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D	ScriptElement	0 B	0001-01-01	2025-06-23
Pretty URL sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D IP 54.240.174.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-23 05:13 Times Seen5078480 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sweetiemeet.com/bts.js	ScriptElement	8.9 kB	2024-04-05	2025-03-07
Pretty URL sweetiemeet.com/bts.js IP 54.240.174.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-05 18:00 Last Seen2025-03-07 11:21 Times Seen622 Hash 975eaea70ff4996a1f47591983e510bc 51e7e6dcef3d9bbe9e1fb9e27d014e59bf9fbc10 72e69358fa344f2bd1be00400a74600766cf4af15f71abf9b968b3fc3dfc9440 Loading...

	sweetiemeet.com/bridge/index.js	ScriptElement	19 kB	2024-04-30	2024-10-11
Pretty URL sweetiemeet.com/bridge/index.js IP 54.240.174.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 06:09 Last Seen2024-10-11 09:18 Times Seen140 Hash 31ac533b3ecf8a8b34d8c65a86ea65b1 2a835d8081e68bf8cb57335e9022ae8279ead394 5cf3585f2f040f381d74c4d23f4ba5b34ec30cf9301ff94774a1ce70c1be26bc Loading...

	cdn3reference.com/landings/24401/js/20dff8cf5ed8c45d47eca00751d44eb9.js	ScriptElement	97 kB	2023-03-07	2024-08-21
Pretty URL cdn3reference.com/landings/24401/js/20dff8cf5ed8c45d47eca00751d44eb9.js IP 54.240.174.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10 Last Seen2024-08-21 09:40 Times Seen186 Hash 20dff8cf5ed8c45d47eca00751d44eb9 209faa3f1a08dcb3c943fe8b6c344571005ef3b4 aaf2bc75c60776c40df9015d7f99cde0e9adb2f81e859276ed30d7c431d6a720 Loading...

	sweetiemeet.com/web-vitals@3.3.0/dist/web-vitals.iife.js	ScriptElement	7.1 kB	2023-03-26	2025-06-23
Pretty URL sweetiemeet.com/web-vitals@3.3.0/dist/web-vitals.iife.js IP 54.240.174.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:17 Last Seen2025-06-23 05:03 Times Seen876 Hash 377e79edeb1105b21d5e3020bb9a77a3 d8f86defae5c281efe72ea582ff03d23b0d86be0 b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer	ScriptElement	220 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 20:58 Last Seen2024-08-19 20:58 Times Seen1 Hash 73c4fe67c96b3c30018d27e4ecfd6532 f68043557f82630cbf3cef8b437ecee315f20a28 474fda05101111574aedd2c58279aa3df945aed73ee2120c0cf9a4963f99c407 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ca45c42226c1d974d33ba66f5fbec226	273 B	2023-03-07 01:31	2025-06-23 05:03
Pretty Observations First Seen2023-03-07 01:31 Last Seen2025-06-23 05:03 Times Seen851 Hash ca45c42226c1d974d33ba66f5fbec226 acdf858cb51509213a6b58ea26c99788ffa9ba51 8f61ee4a89b9d76a579f5ed446960dc9aba5dad5f67f5676bc5aab5f8fe726b3 Loading...

HTTP Transactions (33)

URL IP Response Size

GET cartining-specute.com/2c8047c4-066e-4834-a1b5-360c8c138f20?partner_id=951&click_cost=0&subid=M7376044652253675532

18.197.36.77

302 Found

0 B

URL User Request GET HTTP/2
cartining-specute.com/2c8047c4-066e-4834-a1b5-360c8c138f20?partner_id=951&click_cost=0&subid=M7376044652253675532
IP
18.197.36.77:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectcartining-specute.com
FingerprintB6:04:AB:EA:BA:DD:ED:85:BC:EC:38:B8:B7:16:0C:6A:37:F6:F4:34
ValidityFri, 24 May 2024 06:49:22 GMT - Thu, 22 Aug 2024 06:49:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2c8047c4-066e-4834-a1b5-360c8c138f20?partner_id=951&click_cost=0&subid=M7376044652253675532 HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://now.thebestflowingtraff.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sun, 02 Jun 2024 23:00:24 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=wq1af95sdf1t87o13fafrac2&subid2=wq1af95sdf1t87o13fafrac2
pragma: no-cache
set-cookie: 2c8047c4-066e-4834-a1b5-360c8c138f20-v4=8OOp47msq-t9nfN8LyAoT5bviOnIqR4apqtfL54o-8g; Max-Age=86400; Expires=Mon, 03-Jun-2024 23:00:24 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=dLs8nv%2Foz7quPhFDdrzgmBrUgw9QwA1BV8goF4cUakvXiLM12Uh9AXnBg2Jt8XmGcNvITkCYw1r8fUcZ5U0kTM4L7zJ48xk6f51UZQXskpaeWbKmAIQBIZsky0keHcRx%2BETWY81e3F9UtuR0WNxZXg%3D%3D; Max-Age=31536000; Expires=Mon, 02-Jun-2025 23:00:24 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

GET sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D

54.240.174.30

200 OK

11 kB

URL User Request GET HTTP/2
sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (526)
Size
11 kB (10570 bytes)
Hash
165ac9e29c08faae98afed3556b34e71
72f68725ccc6f94324d07984697203ee6c5fe77d
0d4ea9aa4d9861b76bf6df92ef932aab3b93ad88d8816b78af48e057f94783ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://now.thebestflowingtraff.co/
DNT: 1
Connection: keep-alive
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sun, 02 Jun 2024 23:00:25 GMT
server: nginx
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZPu15GQEDxtxxMVHJT6XUrj9x87xT1y4oJZE-TyhbCpHp4y7bqWRGQ==
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e6b5dd93c4dce577425140c63e0e594c
7fa2d456298df8b47a7765c2d40e2b919709f2e8
a33b27c8d63b25c4ec0f2833b3705452155ca515d8a79b5c08928f86e711c0fa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 02 Jun 2024 23:00:25 GMT
Last-Modified: Sun, 02 Jun 2024 22:44:52 GMT
Server: ECAcc (amb/6B38)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4yApX2bUr_pltiV6Tt1KrbQLVPAVxdWznUVMC30P8dmRD3Fnp5NIxQ==
Age: 933

GET sweetiemeet.com/bridge/intg.js

54.240.174.30

200 OK

666 B

URL GET HTTP/2
sweetiemeet.com/bridge/intg.js
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (338)
Size
666 B (666 bytes)
Hash
0984735e7d9ea7efeccf7f8b98fde33b
3657ab09102c809a5b568d3d19fc36bc09c6a860
36765069dc707a1f004301bbc55ee5359b317ab1f2cb66ebfff536522c82fc78

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bridge/intg.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sun, 02 Jun 2024 23:00:25 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=3600
last-modified: Wed, 29 May 2024 08:40:59 GMT
etag: W/"153-18fc3827978"
vary: Accept-Encoding, Accept-Encoding
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: EKkO4l_WjR4gLxu3foudIHXMvwRvhzydIKGuI1IZql1M3ic6vBKhlg==
X-Firefox-Spdy: h2

GET sweetiemeet.com/bridge/index.js

54.240.174.30

200 OK

7.6 kB

URL GET HTTP/3
sweetiemeet.com/bridge/index.js
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
7.6 kB (7597 bytes)
Hash
d5b4dd279d264c5b49e012ff5e4d51b5
dcebcb83f6cb7580fdfc8fd0d5674d2889191198
fb54413a5b4e9bd8a3019f4e8afe35ae1de3eb9c29970e9484a81fc670d11029

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bridge/index.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Sun, 02 Jun 2024 23:00:25 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 29 May 2024 08:40:59 GMT
etag: W/"4986-18fc3827978"
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-id: ccqTWmNUXAABubzpZj5a-rIr_z_b3KEOy9bVFrnfCI_nq7otPYgXHg==

GET sweetiemeet.com/integration.js?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D

54.240.174.30

200 OK

1.8 kB

URL GET HTTP/3
sweetiemeet.com/integration.js?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
1.8 kB (1750 bytes)
Hash
c5b47891848486e61615dfe733fae428
6347dc15dbff84c59d73bf9dfc26f08fbb3a0f22
7ec2aa1823f7d5a1f1ec0c72e3dd8132911567ef9f85d240241e6818837fdef0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /integration.js?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Sun, 02 Jun 2024 23:00:25 GMT
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"966-CKMORpkAIpgIyoCxTfwr6O6nF18"
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-id: sAiQDlbXQKEieWwGzIB61tp8V34kTJuY8VN2PDCjml8MwzbC0vFr5Q==

POST sweetiemeet.com/tds/interlayer?handler=FrodiData

54.240.174.30

200 OK

847 B

URL POST HTTP/3
sweetiemeet.com/tds/interlayer?handler=FrodiData
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type
gzip compressed data, max compression
Size
847 B (847 bytes)
Hash
db6a633bd0c6aa4e035e25095e44a14c
de2ed0864d139de9bb56e2015d395f1c2334dbb5
46eacb66069b12d3a9e1c23b989cc08ef5581f8e267ea71090ed5f1f0a727bab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 1775
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Sun, 02 Jun 2024 23:00:25 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-id: tOT1x_xQ7h7PVbNXm_lPfc7HHCR7f6vqF5Fr9RLyDcct04XNWFOT0g==

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint58:31:72:3C:50:20:A6:E5:54:6A:03:86:57:71:48:CB:E7:EF:75:55
ValidityMon, 13 May 2024 07:31:25 GMT - Mon, 05 Aug 2024 07:31:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 31 May 2024 19:20:05 GMT
expires: Sat, 31 May 2025 19:20:05 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 186021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint58:31:72:3C:50:20:A6:E5:54:6A:03:86:57:71:48:CB:E7:EF:75:55
ValidityMon, 13 May 2024 07:31:25 GMT - Mon, 05 Aug 2024 07:31:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Jun 2024 08:27:17 GMT
expires: Sun, 01 Jun 2025 08:27:17 GMT
cache-control: public, max-age=31536000
age: 138789
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint58:31:72:3C:50:20:A6:E5:54:6A:03:86:57:71:48:CB:E7:EF:75:55
ValidityMon, 13 May 2024 07:31:25 GMT - Mon, 05 Aug 2024 07:31:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Jun 2024 08:28:58 GMT
expires: Sun, 01 Jun 2025 08:28:58 GMT
cache-control: public, max-age=31536000
age: 138688
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
db16304fa9cf86d5d500948105a8cf21
6d33f7a4a184c0880ed849a565d2abf8b79cffc8
3998f3de971fa1e012a9a695f8c6043c39fd9053265d45ee42f844e3823a774a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 02 Jun 2024 23:00:26 GMT
Last-Modified: Sun, 02 Jun 2024 22:23:24 GMT
Server: ECAcc (amb/6B61)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LDyyK2GywVEtKSLJLHHhD66rXiMkMw55qwukb0uzhyEiVxlS6QjLYA==
Age: 2222

GET www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer

142.250.74.72

200 OK

78 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint44:90:16:0A:70:BD:B4:DF:9D:30:32:B2:3E:31:F4:BD:D4:E3:F8:91
ValidityMon, 13 May 2024 06:34:48 GMT - Mon, 05 Aug 2024 06:34:47 GMT

File type
JavaScript source, ASCII text, with very long lines (4073)
Size
78 kB (78495 bytes)
Hash
73c4fe67c96b3c30018d27e4ecfd6532
f68043557f82630cbf3cef8b437ecee315f20a28
474fda05101111574aedd2c58279aa3df945aed73ee2120c0cf9a4963f99c407

HTTP Headers

GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Jun 2024 23:00:26 GMT
expires: Sun, 02 Jun 2024 23:00:26 GMT
cache-control: private, max-age=900
last-modified: Sun, 02 Jun 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78495
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET bts.insigit.com/bts.js

52.28.103.238

200 OK

8.9 kB

URL GET HTTP/2
bts.insigit.com/bts.js
IP
52.28.103.238:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectbts.insigit.com
FingerprintCE:F2:1B:70:1B:D1:E2:1A:82:E6:CC:0C:5A:46:F7:29:BA:F5:B6:7B
ValidityMon, 04 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (8877)
Size
8.9 kB (8878 bytes)
Hash
975eaea70ff4996a1f47591983e510bc
51e7e6dcef3d9bbe9e1fb9e27d014e59bf9fbc10
72e69358fa344f2bd1be00400a74600766cf4af15f71abf9b968b3fc3dfc9440

HTTP Headers

GET /bts.js HTTP/1.1
Host: bts.insigit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sweetiemeet.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 02 Jun 2024 23:00:26 GMT
content-type: application/javascript
content-length: 8878
server: nginx
last-modified: Mon, 01 Apr 2024 08:23:54 GMT
etag: "660a6f1a-22ae"
cache-control: public, max-age=3600
accept-ranges: bytes
X-Firefox-Spdy: h2

POST sweetiemeet.com/b/tr

54.240.174.30

202 Accepted

0 B

URL POST HTTP/3
sweetiemeet.com/b/tr
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 849
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=f73bdb78ec3e442baefaf4c523eed138
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 02 Jun 2024 23:00:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: izCtHeSqbn5ZX2DzWHGkP8wdELdULLyqia-TQraOexZRaxh9PyXWZA==

POST sweetiemeet.com/b/tr

54.240.174.30

202 Accepted

0 B

URL POST HTTP/3
sweetiemeet.com/b/tr
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 950
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=f73bdb78ec3e442baefaf4c523eed138
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 02 Jun 2024 23:00:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rDSx4CObHZSeNnRkMFMhJ5jocjDuDEn15-culbonFdYi5EtQyPvYSg==

POST sweetiemeet.com/b/tr

54.240.174.30

202 Accepted

0 B

URL POST HTTP/3
sweetiemeet.com/b/tr
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 946
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=f73bdb78ec3e442baefaf4c523eed138
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 02 Jun 2024 23:00:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VMQyKZ1xTY4Hb7rigybI9VaVsT5l2wO74YkNECFtKK92BfOmXI0rZg==

POST sweetiemeet.com/b/tr

54.240.174.30

202 Accepted

0 B

URL POST HTTP/3
sweetiemeet.com/b/tr
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 846
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=f73bdb78ec3e442baefaf4c523eed138
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 02 Jun 2024 23:00:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rK1Y7SGwspqwls78QdEsEm5YKKG1BMYaU8-t7umsdXfN4MzSdYzMgQ==

POST sweetiemeet.com/b/tr

54.240.174.30

202 Accepted

0 B

URL POST HTTP/3
sweetiemeet.com/b/tr
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 850
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=f73bdb78ec3e442baefaf4c523eed138
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 02 Jun 2024 23:00:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5ZqfloTZUe0gsVmrBYAqxvRB8rmRVOUcGcxk_hwmYQI_Y7dZmKf0lA==

POST sweetiemeet.com/b/tr

54.240.174.30

202 Accepted

0 B

URL POST HTTP/3
sweetiemeet.com/b/tr
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 849
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=f73bdb78ec3e442baefaf4c523eed138
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 02 Jun 2024 23:00:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cj5isrmGQzZeAh511qbHIDC8Ab3dKf1q12v3LcEZ7JGPpL8E4Oh5rQ==

POST sweetiemeet.com/b/tr

54.240.174.30

202 Accepted

0 B

URL POST HTTP/3
sweetiemeet.com/b/tr
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 843
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=f73bdb78ec3e442baefaf4c523eed138
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 02 Jun 2024 23:00:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Mn0ryJ0qxRy36RAc1Yu0jZuUhn93fCeApx-XUuWFZbuQ0T_mEResaA==

POST sweetiemeet.com/b/tr

54.240.174.30

202 Accepted

0 B

URL POST HTTP/3
sweetiemeet.com/b/tr
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 848
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=f73bdb78ec3e442baefaf4c523eed138
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 02 Jun 2024 23:00:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WiLn32QJJr_IAx5-3kin4Pc0xZKJZJEa_Oyt1mT2VViWIQphjZai-Q==

POST sweetiemeet.com/b/tr

54.240.174.30

202 Accepted

0 B

URL POST HTTP/3
sweetiemeet.com/b/tr
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 839
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=f73bdb78ec3e442baefaf4c523eed138
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 02 Jun 2024 23:00:26 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XdeCpZQXyzACr_F0V3LnvLnMUwweN47jSdiuzxWCyXWEPtksm7CZLg==

GET cdn3reference.com/landings/24401/js/20dff8cf5ed8c45d47eca00751d44eb9.js

54.240.174.80

200 OK

1.0 MB

URL GET HTTP/2
cdn3reference.com/landings/24401/js/20dff8cf5ed8c45d47eca00751d44eb9.js
IP
54.240.174.80:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectcdn3reference.com
Fingerprint68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
1.0 MB (1033669 bytes)
Hash
fbcf23ea937c16c7162b7a3ae0ec63cc
731e681b9d5dea446b1b7430951bd6280a933ed0
cb3ae199919706132f325be0932ccf4ff0100fd67e37d42787cb3586a3449141

HTTP Headers

GET /landings/24401/js/20dff8cf5ed8c45d47eca00751d44eb9.js HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 02 Jun 2024 23:00:26 GMT
last-modified: Thu, 25 Aug 2022 15:53:12 GMT
etag: W/"17b45-5e712cb6e8a00"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l_8ADCEUAevgX51fkg40aNZqE78TJOVtYzY6K40k_df2HCYJjG7J6g==
X-Firefox-Spdy: h2

POST sweetiemeet.com/b/tr

54.240.174.30

202 Accepted

0 B

URL POST HTTP/3
sweetiemeet.com/b/tr
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /b/tr HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 947
Origin: https://sweetiemeet.com
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42; __bts_cid=f73bdb78ec3e442baefaf4c523eed138
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 202 Accepted
content-type: application/octet-stream
content-length: 0
alt-svc: h3=":443"; ma=86400
date: Sun, 02 Jun 2024 23:00:27 GMT
server: nginx
cache-control: no-store
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nHflXAnoZvjeI0pS9Mb_1hibvU6S4iJvAZXVNMPaQMPClG31g4mQIQ==

GET cdn3reference.com/landings/24401/css/d7e99b00a0d1712ee633f352316f2200.css

54.240.174.80

200 OK

9.1 kB

URL GET HTTP/2
cdn3reference.com/landings/24401/css/d7e99b00a0d1712ee633f352316f2200.css
IP
54.240.174.80:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectcdn3reference.com
Fingerprint68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
9.1 kB (9096 bytes)
Hash
0d8107c6dbdf47c6ec56b84ca2d9e081
138cabc3a5ca0209f1d5056b73661d2bc92f7574
1cbc0ddcaf0aa86c454d6ceedb57225bcc27ec27fd081319321a51a23725c366

HTTP Headers

GET /landings/24401/css/d7e99b00a0d1712ee633f352316f2200.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sun, 02 Jun 2024 23:00:26 GMT
last-modified: Thu, 25 Aug 2022 15:53:12 GMT
etag: W/"bde-5e712cb6e8a00"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0UqbIcpcaoeseAPzwl8ppCsJOx8jQJrYaNgyzFOkfSi1HI05GetnWQ==
X-Firefox-Spdy: h2

GET cdn3reference.com/images/jump-favicon.ico

54.240.174.80

8.0 kB

URL GET
cdn3reference.com/images/jump-favicon.ico
IP
54.240.174.80:0
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectcdn3reference.com
Fingerprint68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
8.0 kB (8010 bytes)
Hash
5110d9313ef24e044d2cf36111ad1e49
0f2f532bc0b5104f0bc3e1445fec973350f2c829
cfbd7d175865ac3fc707f02a17b4a5a20f66f0387789002c2cb03b2a32771b32

HTTP Headers

GET /images/jump-favicon.ico HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
server: nginx
last-modified: Fri, 05 Dec 2014 08:28:50 GMT
content-encoding: gzip
date: Sun, 02 Jun 2024 23:00:27 GMT
cache-control: public, max-age=604800
etag: W/"47e-50973ddc33480"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wk6E26Nr2Q4CbZ0osIYhiXiASXvrCnvGxzH8GM8QGK4aphJ0hSpAZg==
X-Firefox-Spdy: h2

GET cdn3reference.com/landings/24401/images/2.gif

54.240.174.80

200 OK

1000 kB

URL GET HTTP/2
cdn3reference.com/landings/24401/images/2.gif
IP
54.240.174.80:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectcdn3reference.com
Fingerprint68:6A:A1:F6:FE:1A:5F:E6:C3:5E:6E:F8:DE:09:60:05:AC:97:56:FC
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT

File type
GIF image data, version 89a, 350 x 350
Size
1000 kB (999922 bytes)
Hash
b6b27f38cd115cf71f4a78cd5ef2a95f
94d2bb66eec706db9cb5660c58208a92c3464b93
60a79cc5475537d4126be3448f0bd7faacafdc09482241a7fb195fffbe03b281

HTTP Headers

GET /landings/24401/images/2.gif HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn3reference.com/landings/24401/css/d7e99b00a0d1712ee633f352316f2200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 999922
server: nginx
date: Sun, 02 Jun 2024 23:00:26 GMT
last-modified: Tue, 03 Dec 2019 13:56:45 GMT
etag: "f41f2-598cd1107e140"
accept-ranges: bytes
cache-control: public, max-age=604800
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XsdWlK5NxiNRiZ-cWpXcrtMLbNcqUngazNyx09xjha6YUfLy5I4cKQ==
X-Firefox-Spdy: h2

GET sweetiemeet.com/web-vitals@3.3.0/dist/web-vitals.iife.js

54.240.174.30

200 OK

7.1 kB

URL GET HTTP/3
sweetiemeet.com/web-vitals@3.3.0/dist/web-vitals.iife.js
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7180), with no line terminators
Size
7.1 kB (7051 bytes)
Hash
c9c97c32b2a58ce5eb14cbd684631e0b
c41313cf88c7b4e7b2aa8d5a6cde575d76c4310b
4b84cf440a00fd8f8c4855eb73ad8b1cf90acacd592d2ac15b6dae78a26cb659

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-vitals@3.3.0/dist/web-vitals.iife.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
age: 15954422
date: Fri, 01 Dec 2023 18:20:42 GMT
access-control-allow-origin: *
content-encoding: gzip
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1b8b-2Pht765cKB7+cupYL/A9I7DYa+A"
via: 1.1 fly.io, 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
fly-request-id: 01HGJ3K6CGTYF0ZSHVHKXP89KJ-fra
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82ed587d0ba4373e-FRA
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nGcPLpIzRTy-pzWKrNZeYranS7fWeEYBax6c5pSwc-RkANZEPXLs2w==

GET sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=wq1af95sdf1t87o13fafrac2&subid2=wq1af95sdf1t87o13fafrac2

54.240.174.30

302 Found

6.5 kB

URL User Request GET HTTP/2
sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=wq1af95sdf1t87o13fafrac2&subid2=wq1af95sdf1t87o13fafrac2
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
6.5 kB (6521 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=wq1af95sdf1t87o13fafrac2&subid2=wq1af95sdf1t87o13fafrac2 HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://now.thebestflowingtraff.co/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
date: Sun, 02 Jun 2024 23:00:25 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
set-cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; Max-Age=31536000; Domain=.sweetiemeet.com; Path=/; Expires=Mon, 02 Jun 2025 23:00:25 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Fri, 07 Jun 2024 23:00:25 GMT
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: lI7y_tFzSVoqa1t1VQlIK6WEuBWqXXtp4uJpaYaIORW60DyHk46QRA==
X-Firefox-Spdy: h2

GET sweetiemeet.com/ufis/main.js?dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsweetiemeet.com%2Fjump%3Fsubid%3D%26dci%3Dfb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3%26tds_id%3Db1727pos_jump_a_1598613018653%26tds_host%3Dsweetiemeet.com%26tds_ac_id%3Ds0792tok%26id%3D24401%26tds_campaign%3Db1727pos%26tds_cid%3D4563726fd02f8807562cbeeb2f4dec3a61856ce0%26utm_source%3Dint%26tds_ao%3D1%26clickid%3Dwq1af95sdf1t87o13fafrac2%26tds_oid%3D24401%26affid%3D497f5345%26s1%3Dps%26subid2%3Dwq1af95sdf1t87o13fafrac2%26_tgUrl%3DaHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%252FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%253D&uaDataValues={}

54.240.174.30

200 OK

199 B

URL GET HTTP/3
sweetiemeet.com/ufis/main.js?dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsweetiemeet.com%2Fjump%3Fsubid%3D%26dci%3Dfb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3%26tds_id%3Db1727pos_jump_a_1598613018653%26tds_host%3Dsweetiemeet.com%26tds_ac_id%3Ds0792tok%26id%3D24401%26tds_campaign%3Db1727pos%26tds_cid%3D4563726fd02f8807562cbeeb2f4dec3a61856ce0%26utm_source%3Dint%26tds_ao%3D1%26clickid%3Dwq1af95sdf1t87o13fafrac2%26tds_oid%3D24401%26affid%3D497f5345%26s1%3Dps%26subid2%3Dwq1af95sdf1t87o13fafrac2%26_tgUrl%3DaHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%252FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%253D&uaDataValues={}
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
199 B (199 bytes)
Hash
34da7c5ca056925017c6b515151b56fb
62c837d70fef5df6cd32a98d394d0a4da484ec81
d1e75a1ab55540bae67aedae90c7b4aca491728d98f4a2da8b8070f0af3c37c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ufis/main.js?dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsweetiemeet.com%2Fjump%3Fsubid%3D%26dci%3Dfb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3%26tds_id%3Db1727pos_jump_a_1598613018653%26tds_host%3Dsweetiemeet.com%26tds_ac_id%3Ds0792tok%26id%3D24401%26tds_campaign%3Db1727pos%26tds_cid%3D4563726fd02f8807562cbeeb2f4dec3a61856ce0%26utm_source%3Dint%26tds_ao%3D1%26clickid%3Dwq1af95sdf1t87o13fafrac2%26tds_oid%3D24401%26affid%3D497f5345%26s1%3Dps%26subid2%3Dwq1af95sdf1t87o13fafrac2%26_tgUrl%3DaHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%252FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%253D&uaDataValues={} HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Sun, 02 Jun 2024 23:00:26 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"c7-qF/KRh2X+Q6vUiRrlZdO6ruifCA"
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-id: MtJ_ksFvblc2uquoR40V3cL8R7bhxjcdUtc6ajE4SIeeRaJNfulejg==

GET fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

142.250.74.106

200 OK

7.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint8E:9C:6E:70:61:4E:A0:D8:4A:BD:CA:F0:BF:75:60:FE:A2:36:FB:7A
ValidityMon, 13 May 2024 07:31:30 GMT - Mon, 05 Aug 2024 07:31:29 GMT

File type
ASCII text, with very long lines (7193), with no line terminators
Size
7.0 kB (7004 bytes)
Hash
79cd7cd1cadc1ca5448ecf2a39abb598
207c2428f747b5b92bb58fbcee9e4a346049cb82
b61c6fd07676b7d995377646f3b437dadf319ec707e935b3d287da3ac2b848c6

HTTP Headers

GET /css?family=Roboto:400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Jun 2024 23:00:26 GMT
date: Sun, 02 Jun 2024 23:00:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET sweetiemeet.com/bts.js

54.240.174.30

301 Moved Permanently

8.9 kB

URL GET HTTP/3
sweetiemeet.com/bts.js
IP
54.240.174.30:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectsweetiemeet.com
Fingerprint80:E6:97:26:7D:B8:83:D8:A4:2D:FE:05:B5:C6:2A:D1:3A:C3:D8:E0
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type

Size
8.9 kB (8878 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bts.js HTTP/1.1
Host: sweetiemeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Cookie: dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 301 Moved Permanently
content-type: text/html
content-length: 134
age: 1240
server: awselb/2.0
date: Sun, 02 Jun 2024 22:39:46 GMT
location: https://bts.insigit.com:443/bts.js
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: LxcgzOjnrzlPeVR1oLSal_w3NoX40cgTIOmlcEfuydzk9S4OWbB6rA==

GET retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?j_type=open&jump=24401&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3

143.204.55.23

200 OK

35 B

URL GET HTTP/2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?j_type=open&jump=24401&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3
IP
143.204.55.23:443
ASN
#16509 AMAZON-02

Requested by
https://sweetiemeet.com/jump?subid=&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3&tds_id=b1727pos_jump_a_1598613018653&tds_host=sweetiemeet.com&tds_ac_id=s0792tok&id=24401&tds_campaign=b1727pos&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&utm_source=int&tds_ao=1&clickid=wq1af95sdf1t87o13fafrac2&tds_oid=24401&affid=497f5345&s1=ps&subid2=wq1af95sdf1t87o13fafrac2&_tgUrl=aHR0cHM6Ly9zd2VldGllbWVldC5jb20vdGRzL2FlL3RnL3MvYWQwZjI2Yzg4ODgzOGVjZmIwM2ZiMDNhMjcyZTM0MDM%2FX190PTE3MTczNjkyMjUyMDkmX19sPTM2MDAmX19jPTQ1NjM3MjZmZDAyZjg4MDc1NjJjYmVlYjJmNGRlYzNhNjE4NTZjZTA%3D
Certificate
IssuerAmazon
Subjectretarget2core.com
FingerprintAC:15:CC:37:0E:B3:F2:08:95:E0:FC:52:46:A2:9A:06:02:11:B5:F5
ValidityThu, 02 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?j_type=open&jump=24401&tds_cid=4563726fd02f8807562cbeeb2f4dec3a61856ce0&dci=fb30dcebd3e85c9e8f72ff66f35c610fffe7e2e3 HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sweetiemeet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
date: Sun, 02 Jun 2024 23:00:26 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
set-cookie: dci=47295360d510309b1082198362cbd33b171afbde; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Mon, 02 Jun 2025 23:00:26 GMT; Secure; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _UUmHhLu7jPX40QbKFQpmmtQkAG7qGdcwAI3buGhW1ZOMmd2U-7GRQ==
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by