Report - gotdate.xyz/tds?tdsId=s6394rie_r&s1=rs&utm_source=jump&utm_campaign={utm

Report Overview

Submitted URL
gotdate.xyz/tds?tdsId=s6394rie_r&s1=rs&utm_source=jump&utm_campaign={utm_campaign}&p1=your-meet.com
IP
3.122.92.146
ASN
#16509 AMAZON-02
Submitted
2022-12-10 15:46:09
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.249
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.213.121.129
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	499 B	46 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
retarget2core.com	86164	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	937 B	979 B	18.184.95.183
gotdate.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	7.3 kB	3.69.246.149
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.9 kB	54.230.245.39
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	15 kB	104.17.25.14
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	216.58.211.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	746 B	142.250.74.74
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	796 B	93.184.220.29
cdn3reference.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	297 kB	54.230.111.111
cdn.gen-ref.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	53 kB	54.230.111.54

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-10	medium	gotdate.xyz/bridge/ao_loader.js	Phishing
2022-12-10	medium	gotdate.xyz/bridge/frodi_data.js	Phishing
2022-12-10	medium	gotdate.xyz/integration.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js	41 kB	2023-03-07	2024-03-15
Pretty URL www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2024-03-15 04:59:29 Times Seen198 Hash 52b93c8b7bb7aef40485730815c2740e 255cf5423f46a8ab94f42afa2df47db7ebac8e5c fe26228f1a864cab3d5ec46c99bed380a8194c2c3ec19ad0f82b2910e901ca54 Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	48 kB	2023-03-07	2024-04-24
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2024-04-24 09:47:21 Times Seen45972 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	gotdate.xyz/bridge/frodi_data.js	6.6 kB	2023-03-07	2023-12-25
Pretty URL gotdate.xyz/bridge/frodi_data.js IP 3.69.246.149 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-12-25 02:16:58 Times Seen154 Hash acba46edbe151b3ac5b3a3ad6adb6852 967fc6c8942a27986534f16a8a5ae2f71b0481bf 544d040fe3985f2f3f2f519c6db58110b24d23c8b13e794a988ec90a05b48658 Loading...

	gotdate.xyz/bridge/ao_loader.js	836 B	2023-03-08	2023-03-17
Pretty URL gotdate.xyz/bridge/ao_loader.js IP 3.69.246.149 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:00:33 Last Seen2023-03-17 23:34:04 Times Seen1 Hash 9c129816fdafb5e9525563ba64018bd7 79dfb5a385a3583a597716ac4b1e1649e9b9994d 43d06cd88d872d0f1ab73eda7cf55805382dfd0d56bb90aad3398c72a5bb4acf Loading...

	gotdate.xyz/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001&uaDataValues={}	141 kB	2023-03-09	2023-03-09
Pretty URL gotdate.xyz/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001&uaDataValues={} IP 3.69.246.149 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:33:05 Last Seen2023-03-09 01:33:05 Times Seen1 Hash 0fa5e4a49a57456991d8c2080637a88d 0dfb14b82f5f814f22d3d67f0504d07a2d1625ca 7ab36fbebcdd710398aa6354529206a508f57599d9c58b1216a737fae4579182 Loading...

	cdn3reference.com/landings/20001/js/9201c561338075754b824dbd541b9980.js	97 kB	2023-03-09	2023-05-23
Pretty URL cdn3reference.com/landings/20001/js/9201c561338075754b824dbd541b9980.js IP 54.230.111.111 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:33:05 Last Seen2023-05-23 23:34:48 Times Seen7 Hash 9201c561338075754b824dbd541b9980 9a702039ee2c4b6f86e869a92897bafcc8c5ed43 3bafa472480fedff8628366a47895602003e1e1cee3b27bc3c0cbcb5bf18f2ac Loading...

	retarget2core.com/fp/fp_ec.js	1.2 kB	2023-03-07	2023-03-29
Pretty URL retarget2core.com/fp/fp_ec.js IP 18.184.95.183 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-03-29 23:19:33 Times Seen17 Hash 6faaf5b255433abc88fbe4a547ac7784 c60ab4a050864bbd815922e5abade6d5af4333a6 7eda108904da9c98eeeeab666426197e6738b78dfd103a653897d14366e2cd20 Loading...

	gotdate.xyz/bridge/intg.js?v=8	317 B	2023-03-08	2023-03-17
Pretty URL gotdate.xyz/bridge/intg.js?v=8 IP 3.69.246.149 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:30:48 Last Seen2023-03-17 23:34:04 Times Seen1 Hash d9bd6d4fe07232e0fcae03c7e68d4e81 4a7e1c2e8cc35c2ff31c71175095f4b1a2b8c17b 0ad2eb2d6a74f3d18026ab24c088ca7c561a742fd870e44045db9d823ac0a3c6 Loading...

	gotdate.xyz/integration.js	1.8 kB	2023-03-09	2023-03-09
Pretty URL gotdate.xyz/integration.js IP 3.69.246.149 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:33:05 Last Seen2023-03-09 01:33:05 Times Seen1 Hash af44eeedf201e0ae5d213602030fb745 60aab38d81b6fe62dcdebb352741c9bac32ba4a7 21d2d3f1bbcb7a5179e2e5295613083347537bdb7c5db79a9fadf880489a558c Loading...

	gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001	446 B	2023-03-09	2023-03-09
Pretty URL gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001 IP 3.69.246.149 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:33:05 Last Seen2023-03-09 01:33:05 Times Seen1 Hash 35fdd7e9edd1d00c118aa8207b73cadd 9a89ca876bbcc205e8e94eaa3953af0ee2faa7ff 981981121a0257e678989c730ce912bdcad9009e087d8be4787e6deb54f7858b Loading...

	gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001	336 B	2023-03-09	2023-03-13
Pretty URL gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001 IP 3.69.246.149 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:33:05 Last Seen2023-03-13 16:01:47 Times Seen1 Hash c9df7b1d1088ef300e3de8c70d5c7b05 deb6c57f281a4dbcba8dd556d1b5d145cbd03e9a 2d2de1b8970e4b307ec7c3f7a1849c3c3c5bd2c4b340ede921a4f803c8acef99 Loading...

	cdn3reference.com/js/dc_img.js?v=8	488 B	2023-03-07	2023-05-14
Pretty URL cdn3reference.com/js/dc_img.js?v=8 IP 54.230.111.111 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-05-14 11:44:44 Times Seen18 Hash 866e1e7da88eb0918114ea04e4379f40 cb9ed6b52f93bead89eb5da6d618c9b58b34a2b5 ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53 Loading...

HTTP Transactions (54)

URL IP Response Size

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6736
Expires: Sat, 10 Dec 2022 17:38:14 GMT
Date: Sat, 10 Dec 2022 15:45:58 GMT
Connection: keep-alive

gotdate.xyz/tds?tdsId=s6394rie_r&s1=rs&utm_source=jump&utm_campaign={utm_campaign}&p1=your-meet.com

3.69.246.149

302 Found

0 B

URL HTTP/1.1
gotdate.xyz/tds?tdsId=s6394rie_r&s1=rs&utm_source=jump&utm_campaign={utm_campaign}&p1=your-meet.com
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?tdsId=s6394rie_r&s1=rs&utm_source=jump&utm_campaign={utm_campaign}&p1=your-meet.com HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sat, 10 Dec 2022 15:45:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
Set-Cookie: dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131; Max-Age=31536000; Domain=.gotdate.xyz; Path=/; Expires=Sun, 10 Dec 2023 15:45:58 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Thu, 15 Dec 2022 15:45:58 GMT
Location: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2261
Expires: Sat, 10 Dec 2022 16:23:39 GMT
Date: Sat, 10 Dec 2022 15:45:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9833
Expires: Sat, 10 Dec 2022 18:29:51 GMT
Date: Sat, 10 Dec 2022 15:45:58 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 15:08:24 GMT
content-type: application/json
age: 2254
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: QOmndlCd8hJB0K5wZSksAmpAfdwi3LNxW0UDI9oEcY/rdwvBkeeZoUwARqVKLDrFHt6YHG5NtLw=
x-amz-request-id: BAEQQA1PKMMJ015J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 14:48:50 GMT
age: 3429
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
291dbd96d4a7d5659d557ff89379c7f3
990bdc5ca038ca562e3a67ad65d1717186e1be87
5c7147ce6c668b47cad7bf983fc04f3f3ad5e867586e695c7d87232727b54157

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111799
Date: Sat, 10 Dec 2022 15:45:59 GMT
Etag: "6393bb6e-1d7"
Expires: Sun, 11 Dec 2022 22:49:18 GMT
Last-Modified: Fri, 09 Dec 2022 22:49:18 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oFcTLU8r-ozi6ZevMzngbUP-mKjBaZjWtNEfj0LB44uKsn4O3KJ8KA==

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 15:33:14 GMT
age: 765
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
44d4574b46375a2d215ae74bc5eae610
5257ed3edeb56231a9bee921671bb2e0c566000e
923454b28e4fa10085df809768a75c2d9f58f104afa016c06ccca7a26479073b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 813
Cache-Control: max-age=149664
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:45:59 GMT
Etag: "63944c2a-1d7"
Expires: Mon, 12 Dec 2022 09:20:23 GMT
Last-Modified: Sat, 10 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:45:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gotdate.xyz/bridge/intg.js?v=8

3.69.246.149

200 OK

317 B

URL HTTP/2
gotdate.xyz/bridge/intg.js?v=8
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (316)
Size
317 B (317 bytes)
Hash
d9bd6d4fe07232e0fcae03c7e68d4e81
4a7e1c2e8cc35c2ff31c71175095f4b1a2b8c17b
0ad2eb2d6a74f3d18026ab24c088ca7c561a742fd870e44045db9d823ac0a3c6

HTTP Headers

GET /bridge/intg.js?v=8 HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/javascript; charset=UTF-8
content-length: 317
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Tue, 06 Dec 2022 23:13:59 GMT
etag: W/"13d-184e9b7aad8"
vary: Accept-Encoding
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.25.14

200 OK

14 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (48316), with no line terminators
Size
14 kB (13972 bytes)
Hash
2e46e3b0807c19e0ee85603dd4ba3f72
cb55679976d9a5d9933f291218b8ff0f95ebdc17
87a3f839cfc8bca3368a7dec7c5ff14e5f613928e899b601292b5a1f1bd5dc05

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2067521
expires: Thu, 30 Nov 2023 15:45:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cx4gbzAddBHpnojjzTYxS2S3iekaEpcRvR7fo2ttpRS7vjt6VwFFGbJ2ZktsZCcB3mZblPApiRdXPw8L4cL2nRb7788goZ%2FdXVAhC3mzhQ1DEr28GKn7Lza39eIZtI02%2BqKGdeES"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77771c5c39feb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
260c3fb796ad9a4f2f09a4074de5a0d2
ee71498ca8254c112b3494043fe4307bebe9d4b9
17fff3556686fce2f7820a5fef53b0bef79d3473e0bae286c2159c08b8ebdef9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126599
Date: Sat, 10 Dec 2022 15:45:59 GMT
Etag: "6393dff6-1d7"
Expires: Mon, 12 Dec 2022 02:55:58 GMT
Last-Modified: Sat, 10 Dec 2022 01:25:10 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tq9ivyvgcrg6ERKvkb39CShh74KAREp84CiyUxS5x1G_1bmTlz9cVg==
Age: 5448

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:45:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn3reference.com/landings/20001/images/3.gif

54.230.111.111

200 OK

295 kB

URL HTTP/2
cdn3reference.com/landings/20001/images/3.gif
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 620 x 327\012- data
Size
295 kB (295428 bytes)
Hash
4fc012fd91ac40389304b8b5cb05a6c3
6a03861bd1ddfe5d4ae047ff9625c8b62add65ae
8b8a4097806f810bf7a1371fc109e047b377f3dffc8df72b70de9e279aa737ed

HTTP Headers

GET /landings/20001/images/3.gif HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 295428
server: nginx
last-modified: Tue, 20 Sep 2016 12:40:24 GMT
accept-ranges: bytes
date: Sat, 10 Dec 2022 15:45:59 GMT
cache-control: public, max-age=604800
etag: "48204-53cefbb7dfe00"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X1ufmnzjATnAMzChwd70TdMQdUKM7vVOH6jG14mE0tyBdh-6LCyKuw==
X-Firefox-Spdy: h2

gotdate.xyz/bridge/ao_loader.js

3.69.246.149

200 OK

836 B

URL HTTP/2
gotdate.xyz/bridge/ao_loader.js
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (835)
Size
836 B (836 bytes)
Hash
9c129816fdafb5e9525563ba64018bd7
79dfb5a385a3583a597716ac4b1e1649e9b9994d
43d06cd88d872d0f1ab73eda7cf55805382dfd0d56bb90aad3398c72a5bb4acf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bridge/ao_loader.js HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/javascript; charset=UTF-8
content-length: 836
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Tue, 06 Dec 2022 23:13:59 GMT
etag: W/"344-184e9b7aad8"
vary: Accept-Encoding
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.213.121.129

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.121.129:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9F5IWbgWsPKbLOOEJ/rRXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qHgBLCsMjWmau8tSm/xERJIaUjg=

gotdate.xyz/ufis/rtr?referer=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001

3.69.246.149

200 OK

10 B

URL HTTP/2
gotdate.xyz/ufis/rtr?referer=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
10 B (10 bytes)
Hash
c2db64f99c6ebc0162f2ff0a32704299
d483e5dbd40c7600c97357394ebe7c7e747aee9f
0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6

HTTP Headers

GET /ufis/rtr?referer=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001 HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/json; charset=utf-8
content-length: 10
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"a-1IPl29QMdgDJc1c5Tr58fnR67p8"
vary: Accept-Encoding
X-Firefox-Spdy: h2

gotdate.xyz/ufis/recaptcha/inject/gotdate.xyz?placement=default&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001

3.69.246.149

200 OK

27 B

URL HTTP/2
gotdate.xyz/ufis/recaptcha/inject/gotdate.xyz?placement=default&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
c7f55b876f962b6dc8dc3b2145a13315
aef7bcbe00d506bf8ae34b4f469ccc69b701fdb4
341891286e02aad359716b2976363f926c510a574f3ec042f10fb056f629f9af

HTTP Headers

GET /ufis/recaptcha/inject/gotdate.xyz?placement=default&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001 HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/json; charset=utf-8
content-length: 27
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1b-rve8vgDVBr+K40tPRpzMabcB/bQ"
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gotdate.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 420799
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b1f9aa9f1030aa318b0573312c4d3096
b4db7b18885eeedd2addb84f46e139405f3a7fe5
85b83bfbfdad799d9a9b76086af7b87515f2322c5e7c78aa8b81dc0b7abfd47d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Dec 2022 15:46:00 GMT
Last-Modified: Sat, 10 Dec 2022 14:11:04 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 97p1Cuwy83Hv795jpdCVm56V0gKfXHTOClFUelH0JUKJJI3xWZDI0g==
Age: 5696

gotdate.xyz/ufis/ipp/track?uaDataValues={}&networkGroup=

3.69.246.149

200 OK

20 B

URL HTTP/2
gotdate.xyz/ufis/ipp/track?uaDataValues={}&networkGroup=
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

HTTP Headers

POST /ufis/ipp/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Content-Type: application/json
Origin: https://gotdate.xyz
Content-Length: 410
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: application/json; charset=utf-8
content-length: 20
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
vary: Accept-Encoding
X-Firefox-Spdy: h2

gotdate.xyz/ufis/ipp/track?uaDataValues={}&networkGroup=

3.69.246.149

200 OK

20 B

URL HTTP/2
gotdate.xyz/ufis/ipp/track?uaDataValues={}&networkGroup=
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

HTTP Headers

POST /ufis/ipp/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Content-Type: application/json
Origin: https://gotdate.xyz
Content-Length: 420
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: application/json; charset=utf-8
content-length: 20
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
vary: Accept-Encoding
X-Firefox-Spdy: h2

gotdate.xyz/ufis/webpush/track?uaDataValues={}&networkGroup=

3.69.246.149

200 OK

30 B

URL HTTP/2
gotdate.xyz/ufis/webpush/track?uaDataValues={}&networkGroup=
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64

HTTP Headers

POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1137
Origin: https://gotdate.xyz
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2

gotdate.xyz/ufis/webpush/track?uaDataValues={}&networkGroup=

3.69.246.149

200 OK

30 B

URL HTTP/2
gotdate.xyz/ufis/webpush/track?uaDataValues={}&networkGroup=
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64

HTTP Headers

POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1198
Origin: https://gotdate.xyz
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:01 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Sat, 10 Dec 2022 16:54:27 GMT
Date: Sat, 10 Dec 2022 15:46:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Sat, 10 Dec 2022 16:54:27 GMT
Date: Sat, 10 Dec 2022 15:46:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Sat, 10 Dec 2022 16:54:27 GMT
Date: Sat, 10 Dec 2022 15:46:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Sat, 10 Dec 2022 16:54:27 GMT
Date: Sat, 10 Dec 2022 15:46:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Sat, 10 Dec 2022 16:54:27 GMT
Date: Sat, 10 Dec 2022 15:46:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9084 bytes)
Hash
2e8e86712ca485e90f958dc16ec8dbff
78de6033ca9bca46953483801f19591c2ff47bbe
2984d8b533e095654d5e1c5fa826dc93cbd16ac8bdb5d974fd2d283a86f44874

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 80dfc074-73f4-4b47-95fb-57169d32cf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNbHhYoAMF2Kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-6f54d0bf6d9246cd48d44352;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8aHbgs9DELCrVY_4QHSKpScXzzCW7bdBlNh_YEUGaas-bJTd9nsSVg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:07 GMT
age: 64374
etag: "78de6033ca9bca46953483801f19591c2ff47bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7811 bytes)
Hash
052b61a3bd1c839e1f5ce37834cad817
1fbbf8fb328a1406904d6346004e2c89c6ba2419
96dcb266eaec98f6305071598df3b49ca93234e0e8b1c8c9801a1a99d7f5c817

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7811
x-amzn-requestid: dc97f86e-a29c-4139-887a-e775a0327280
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4EH_oAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-3a38086160ac180b3f8cf5d8;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TM_0Q_GmJDuXth6JpRvm_JAZXwT-xFZEjzuMeIzfzBu1J5jQ_Tng9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:15:38 GMT
etag: "1fbbf8fb328a1406904d6346004e2c89c6ba2419"
content-type: image/jpeg
age: 63023
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gotdate.xyz/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=

3.69.246.149

200 OK

30 B

URL HTTP/2
gotdate.xyz/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64

HTTP Headers

POST /ufis/webpush/track?uaDataValues=%7B%7D&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gotdate.xyz/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
content-type: application/json; charset=UTF-8
Origin: https://gotdate.xyz
Content-Length: 1154
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:01 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12743 bytes)
Hash
0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YTqJN92gTy04q3obEXe4P1gmG2h9b2IQjjSkkUXyqnfFOL67uobN4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:58:18 GMT
age: 64063
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8841 bytes)
Hash
9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bVrZoVci4YfYCRAZqXhH60jeZdSTx3uS0lLKZB9DOfHBiqFvyAAkfw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:17 GMT
age: 64364
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9948 bytes)
Hash
a0cb823bf2991a7047962ee388f00dc0
4a0377cd21b6ab69f7e45392a547c9846e607464
86e8e629ffd2efe7c4c86a7e140412dae81a35376cb7f03ee511c6e1d023c788

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9948
x-amzn-requestid: 0b1400a6-7791-468f-a1d5-b46836e7b164
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMEGNZoAMF7ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4d-124f9a6f03db01a67784657f;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oTKfu5W6CwOWjb8xOm9ZTu_X_w4JXU7uz4BstlwXZ9k8strPr9H4vg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:22 GMT
age: 64359
etag: "4a0377cd21b6ab69f7e45392a547c9846e607464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7557 bytes)
Hash
5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 05:47:56 GMT
age: 35885
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.gen-ref.com/image/en1lok9l.png

54.230.111.54

200 OK

52 kB

URL HTTP/2
cdn.gen-ref.com/image/en1lok9l.png
IP
54.230.111.54:0
ASN
#16509 AMAZON-02

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
52 kB (52144 bytes)
Hash
3e46cea23fb66c015f2ad91789ee87c4
ab6ac43ea5cceaacc17a8f80c9c171757f0211cd
ab4c8d75000f1ad0f9df9810edc7ca283a7d05207e81b33a2dccc9ac793fe1b6

HTTP Headers

GET /image/en1lok9l.png HTTP/1.1
Host: cdn.gen-ref.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 52144
last-modified: Wed, 24 Nov 2021 17:12:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Dec 2022 15:46:02 GMT
etag: "3e46cea23fb66c015f2ad91789ee87c4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: STBhZ0ZHFY6MgOriwwDYyqqFvfe8XnGsMuWtzEQsLHGGuyTWAHNFLw==
X-Firefox-Spdy: h2

cdn3reference.com/landings/20001/css/92482b4504e1654b7654135c7442aa4e.css

54.230.111.111

200 OK

0 B

URL HTTP/2
cdn3reference.com/landings/20001/css/92482b4504e1654b7654135c7442aa4e.css
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /landings/20001/css/92482b4504e1654b7654135c7442aa4e.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 10 Dec 2022 15:45:59 GMT
last-modified: Tue, 29 Mar 2022 11:55:03 GMT
content-encoding: gzip
etag: W/"70a-5db5a1962d3c0"
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M87GO-65soT82-z3vI5FAS9JZ2fyv_XSiirIHePnMl31eRRsASte4w==
X-Firefox-Spdy: h2

gotdate.xyz/bridge/frodi_data.js

3.69.246.149

200 OK

0 B

URL HTTP/2
gotdate.xyz/bridge/frodi_data.js
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bridge/frodi_data.js HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Tue, 06 Dec 2022 23:13:59 GMT
etag: W/"19f8-184e9b7aad8"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

retarget2core.com/fp/fp_ec.js

18.184.95.183

200 OK

0 B

URL HTTP/2
retarget2core.com/fp/fp_ec.js
IP
18.184.95.183:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fp/fp_ec.js HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Tue, 06 Dec 2022 23:13:59 GMT
etag: W/"4bd-184e9b7aad8"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 15:45:59 GMT
date: Sat, 10 Dec 2022 15:45:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn3reference.com/js/dc_img.js?v=8

54.230.111.111

200 OK

0 B

URL HTTP/2
cdn3reference.com/js/dc_img.js?v=8
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/dc_img.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 10 Dec 2022 15:45:59 GMT
last-modified: Thu, 29 Oct 2020 09:22:15 GMT
content-encoding: gzip
etag: W/"1e8-5b2cbd0d9620d"
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5l35Q3n0n5tlPY8YIrxTiKTbhM8mEqTSZRDCNSR2OAYslrZBfBfR-w==
X-Firefox-Spdy: h2

gotdate.xyz/integration.js

3.69.246.149

200 OK

0 B

URL HTTP/2
gotdate.xyz/integration.js
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /integration.js HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"70e-YKqzjYG2/mLc3rs1J0HJusMrpKc"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

gotdate.xyz/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001&uaDataValues={}

3.69.246.149

200 OK

0 B

URL HTTP/2
gotdate.xyz/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001&uaDataValues={}
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001&uaDataValues={} HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"22710-DfsUuC9fgU8i09Z/BQTQei0WJco"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

gotdate.xyz/ufis/webpush/sw.js?uaDataValues={}&networkGroup=

3.69.246.149

200 OK

0 B

URL HTTP/2
gotdate.xyz/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ufis/webpush/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:01 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"35e5-ggvNzPbrS4iAvrqVuh7HqGhzYqo"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001

3.69.246.149

200 OK

0 B

URL HTTP/2
gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001 HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: text/html; charset=UTF-8
server: nginx
content-encoding: br
X-Firefox-Spdy: h2

cdn3reference.com/landings/20001/js/9201c561338075754b824dbd541b9980.js

54.230.111.111

200 OK

0 B

URL HTTP/2
cdn3reference.com/landings/20001/js/9201c561338075754b824dbd541b9980.js
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /landings/20001/js/9201c561338075754b824dbd541b9980.js HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 10 Dec 2022 15:46:00 GMT
last-modified: Tue, 29 Mar 2022 11:55:03 GMT
content-encoding: gzip
etag: W/"17ba7-5db5a1962d3c0"
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rxmcVogU1dHAodhVnmXIuHbZ0FwjE_KgLz4xemvF-Ncp0riYKNdtJw==
X-Firefox-Spdy: h2

gotdate.xyz/ufis/pwa/sw.js?uaDataValues={}&networkGroup=

3.69.246.149

200 OK

0 B

URL HTTP/2
gotdate.xyz/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
IP
3.69.246.149:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ufis/pwa/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"8a5-jxVx3HNgm8c2Bvxd6GQ6e3r2rSU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&j_type=open&jump=20001&jump_name=

18.184.95.183

200 OK

0 B

URL HTTP/2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&j_type=open&jump=20001&jump_name=
IP
18.184.95.183:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&j_type=open&jump=20001&jump_name= HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: image/gif
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
set-cookie: dci=84f4572a52daead571f299c071cb01c4e1e90e42; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Sun, 10 Dec 2023 15:46:00 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations