Report - ojnbee.abadit5rckd.com/c/63d5912d63f3f0b2

Report Overview

Submitted URL
ojnbee.abadit5rckd.com/c/63d5912d63f3f0b2
IP
52.51.27.131
ASN
#16509 AMAZON-02
Submitted
2023-05-22 08:49:06
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ojnbee.track4ref.com	unknown	2018-09-14	2023-05-21	2023-05-22	1.5 kB	1.2 kB	52.19.101.114
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-05-22	400 B	681 B	139.45.195.8
ojnbee.abadit5rckd.com	unknown	2022-09-09	2023-05-21	2023-05-22	497 B	986 B	52.51.27.131
play-gamess.tk	unknown	unknown	2023-05-11	2023-05-11	547 B	451 B	198.187.31.167
cdn-adef.akamaized.net	125719	2014-03-18	2018-02-06	2023-05-22	3.7 kB	2.6 MB	23.36.76.96
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-22	1.7 kB	3.5 kB	142.250.74.131
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-22	428 B	43 kB	142.250.74.168
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-22	1.7 kB	4.8 kB	104.18.32.68
ak.roudoduor.com	unknown	2022-10-30	2022-10-31	2023-05-21	1.0 kB	2.1 kB	23.36.77.51
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-22	868 B	37 kB	216.58.211.3
www.mysexymatches.com	unknown	2022-02-14	2022-04-23	2023-05-22	1.8 kB	28 kB	52.17.88.125
syndication.realsrv.com	9112	2019-02-07	2019-07-03	2023-05-22	488 B	436 B	95.211.229.245
syndication.exdynsrv.com	34243	2015-10-20	2016-04-20	2023-05-22	490 B	437 B	95.211.229.247
s.exv6.com	unknown	2021-07-21	2022-03-16	2023-05-22	476 B	433 B	95.211.229.246
tsyndicate.com	13042	2017-03-08	2017-03-16	2023-05-22	954 B	1.3 kB	136.243.81.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-22 08:48:48	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-05-22 08:48:48	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-05-22	medium	www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js
2023-05-22	medium	www.mysexymatches.com/js/pushjs/1.0.0/utils.js

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	cdn-adef.akamaized.net/landings/277422/1669996016/js/main.js?1669996016	164 kB	2023-03-07	2024-04-21
Pretty URL cdn-adef.akamaized.net/landings/277422/1669996016/js/main.js?1669996016 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-04-21 23:30:57 Times Seen3930 Hash a0f4da40bd81c65d824afc106743d47f 55b2d4c57fdb017314f62ac2fe8a3e287dcadf7f e40e7cc368c897d6a3a5095fae6ccd6d9a3f88af5ef9c590f79b9fd22293ad10 Loading...

	cdn-adef.akamaized.net/landings/277422/1669996016/js/secondofferv2.js?1669996016	1.2 kB	2023-03-07	2024-04-21
Pretty URL cdn-adef.akamaized.net/landings/277422/1669996016/js/secondofferv2.js?1669996016 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-04-21 23:30:57 Times Seen3751 Hash 9bbe216b8e526fd98d219f2b91ccaa57 3f5d1be91ba58b6501c022155fe6778ce82b1663 1c83d2863f746a234e46c5578826ceeb8cbe126bc4c274ca679295441c44b948 Loading...

	www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js	9.4 kB	2023-03-07	2023-05-23
Pretty URL www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2023-05-23 11:55:13 Times Seen1847 Hash eaaa22632bcced1b4a2bad3c22bd618f c5bb4097ff0b252c19671985d5d431dfd6bb7281 20a2729b7c4f4c6a0dd2e80500284bd8c0e84e3e4076eb6a248e2951fec0c550 Loading...

	www.mysexymatches.com/c/sandbox%20eval%20code	123 B	2023-05-05	2024-04-23
Pretty URL www.mysexymatches.com/c/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38:25 Last Seen2024-04-23 12:46:47 Times Seen7415 Hash 239166f4d1bda569909c9af241098419 ad3987a93224de5c735c7c380daf5bfaecf60ac8 255566913e81e0587539abba68839777480779575271b734e817e7093f4dceec Loading...

	www.mysexymatches.com/js/pushjs/1.0.0/utils.js	7.1 kB	2023-03-07	2024-04-21
Pretty URL www.mysexymatches.com/js/pushjs/1.0.0/utils.js IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-21 23:30:57 Times Seen4796 Hash 711c7ecda710a342d24faef1dec76ede d1b38489603a2aecc2be5edb4fa4cd8d442fe727 41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ	112 kB	2023-05-22	2023-05-22
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 09:29:44 Last Seen2023-05-22 10:56:34 Times Seen6 Hash c1b4cb4ad37d54346cc7ad35e2c63cdb 0f6accc1216055a9f4537b5afe5841e32fc6b79c ed08637c2613b25b1e0f986b1004b1b4b1dd658281f95821188fbd671bd324a2 Loading...

	www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782	391 B	2023-04-05	2024-01-22
Pretty URL www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 09:54:56 Last Seen2024-01-22 06:10:19 Times Seen1908 Hash 5309ed40ce506ad3835aaf9cdb58936e 7f28dc0bbdc514c5facdf048c7675d982d99f8f1 a708a632a45c8428d88229a757ef59a135f2706e6dff043f11a45c4e4dbbd9b6 Loading...

	www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782	0 B	2023-03-07	2024-04-24
Pretty URL www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 01:03:23 Times Seen37028264 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/shims/firebase.js	2.3 kB	2023-05-05	2024-04-23
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/shims/firebase.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38:25 Last Seen2024-04-23 12:46:48 Times Seen9696 Hash 32d439c9ec8c789e843ae58b6774681c deb2c661dacf46eb3a1eacbba3e430dcf10cc395 f65e83801e16f98e150ae8843afb4c98c0b3ac0fa7fbe5a5ec687b08119732d6 Loading...

	unknown	1.8 kB	2023-03-07	2024-01-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-01-22 06:10:19 Times Seen1898 Hash f635f3356b851f81cd3544c628a404d7 1e5b2e303492351cb8e8de3c5569d69d005acce4 2d39b7df8163f76195f1f28e837d34a8de00f146db22be3ea3b91c925ea044fd Loading...

	cdn-adef.akamaized.net/landings/277422/1669996016/js/jquery.min.js?1669996016	86 kB	2023-03-07	2024-04-24
Pretty URL cdn-adef.akamaized.net/landings/277422/1669996016/js/jquery.min.js?1669996016 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 00:00:38 Times Seen383236 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-app.js	25 kB	2023-03-07	2024-04-21
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-21 23:30:58 Times Seen10994 Hash 9164d0e8a317eceb870cca88c9683127 4617c910005f7100b4ff26a458a8b4463e33cdc6 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 Loading...

	cdn-adef.akamaized.net/landings/277422/1669996016/js/backoffer.js?1669996016	430 B	2023-03-07	2024-04-21
Pretty URL cdn-adef.akamaized.net/landings/277422/1669996016/js/backoffer.js?1669996016 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-21 23:30:57 Times Seen5796 Hash 6d5aa83d23ce0b9f72d3b87d000d8fae 034fb8768eb58ffc0b5849e2c162989741a6cbec 89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800 Loading...

	cdn-adef.akamaized.net/landings/277422/1669996016/js/MB_push_NEW.js?1669996016	671 B	2023-03-07	2024-04-21
Pretty URL cdn-adef.akamaized.net/landings/277422/1669996016/js/MB_push_NEW.js?1669996016 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-21 23:30:57 Times Seen3708 Hash 533a9cb9c41907529c3d603edb25d5d9 222bee472465971cf71bfa210d04136eb765ccc0 45d257677164ebc2c1fd4ff44b4ee5a1ce9c87682f165836a3e38113d1e09eaf Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js	36 kB	2023-03-07	2024-04-21
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-21 23:30:58 Times Seen11070 Hash 0cb7a0eb328ea70ab360f861314c8820 e3e20eb50dae36f4cbcef1890b1cc7878acb537a 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 Loading...

HTTP Transactions (36)

URL IP Response Size

ocsp.sectigo.com/

104.18.32.68

472 B

URL
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
3f96e16662538dd8225ca7367bec3138
720004a38c57105fd2f57673193028911827877e
a3401e996a4df1aa67e048cba5dc6f2357407e9bb6957a30899b55426309072f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 08:48:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 20 May 2023 19:38:42 GMT
Expires: Sat, 27 May 2023 19:38:41 GMT
Etag: "720004a38c57105fd2f57673193028911827877e"
Cache-Control: max-age=470749,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb3cd5c6bcd0b55-OSL

ojnbee.abadit5rckd.com/c/63d5912d63f3f0b2

52.51.27.131

236 B

URL
ojnbee.abadit5rckd.com/c/63d5912d63f3f0b2
IP
52.51.27.131:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
236 B (236 bytes)
Hash
973f592edacfecaa53c5f43778db1466
96694d0768f75632e61daf1ad19a10610f06b18a
8ad0084114515d5caf2b0740f6fc8cc6b51aace31b59e2e11a92a864664d8fb2

HTTP Headers

GET /c/63d5912d63f3f0b2 HTTP/1.1
Host: ojnbee.abadit5rckd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Mon, 22 May 2023 08:48:48 GMT
content-type: text/html; charset=utf-8
content-length: 236
location: https://ojnbee.track4ref.com/redirect/index?type=meta&to=aHR0cHM6Ly9vam5iZWUudHJhY2s0cmVmLmNvbQ==&data=aHR0cHM6Ly9wbGF5LWdhbWVzcy50ay8xLzEuaHRtbD89JnRpZD1sdmh0bzY0NmIyYzcwMDAwM2QwZTg=&action=action_tmp
set-cookie: unique_id=646b2c70000a0ce5; Path=/; Expires=Fri, 21 Jul 2023 08:48:48 GMT; Secure; SameSite=None
unique_id2=646b2c70000a14ae; Path=/; Expires=Sun, 20 Aug 2023 08:48:48 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Mon, 22 May 2023 08:48:48 GMT; Secure; SameSite=None
tid=lvhto646b2c700003d0e8; Path=/; Expires=Tue, 25 Apr 2028 08:48:48 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

472 B

URL
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
09002cd57d1a2fc10c7fb6625179c537
de05b52c9afbfaead4e70a99a8a0604531de12a9
a7780f105c42396aeb2b21289ae9304400f64cbf850155de3410d0c881ed8f93

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 08:48:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:54:56 GMT
Expires: Thu, 25 May 2023 22:54:55 GMT
Etag: "de05b52c9afbfaead4e70a99a8a0604531de12a9"
Cache-Control: max-age=309436,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb3cd5dddf20b55-OSL

ojnbee.track4ref.com/redirect/index?type=meta&to=aHR0cHM6Ly9vam5iZWUudHJhY2s0cmVmLmNvbQ==&data=aHR0cHM6Ly9wbGF5LWdhbWVzcy50ay8xLzEuaHRtbD89JnRpZD1sdmh0bzY0NmIyYzcwMDAwM2QwZTg=&action=action_tmp

52.19.101.114

577 B

URL
ojnbee.track4ref.com/redirect/index?type=meta&to=aHR0cHM6Ly9vam5iZWUudHJhY2s0cmVmLmNvbQ==&data=aHR0cHM6Ly9wbGF5LWdhbWVzcy50ay8xLzEuaHRtbD89JnRpZD1sdmh0bzY0NmIyYzcwMDAwM2QwZTg=&action=action_tmp
IP
52.19.101.114:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (577), with no line terminators
Size
577 B (577 bytes)
Hash
8e3477bbe55bc5fec982edfd44629f82
ca521024410f42a9564c6abde1c2fa43d7d4a38c
07ac1a0d41a19abffddafda79dc62012f7ae0681d6c2234b9a48bdab169eb64c

HTTP Headers

GET /redirect/index?type=meta&to=aHR0cHM6Ly9vam5iZWUudHJhY2s0cmVmLmNvbQ==&data=aHR0cHM6Ly9wbGF5LWdhbWVzcy50ay8xLzEuaHRtbD89JnRpZD1sdmh0bzY0NmIyYzcwMDAwM2QwZTg=&action=action_tmp HTTP/1.1
Host: ojnbee.track4ref.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 22 May 2023 08:48:48 GMT
content-type: text/html; charset=utf-8
content-length: 577
X-Firefox-Spdy: h2

ojnbee.track4ref.com/redirect/index?type=meta&to=aHR0cHM6Ly9vam5iZWUudHJhY2s0cmVmLmNvbQ==&data=aHR0cHM6Ly9wbGF5LWdhbWVzcy50ay8xLzEuaHRtbD89JnRpZD1sdmh0bzY0NmIyYzcwMDAwM2QwZTg=&action=action_final

52.19.101.114

345 B

URL
ojnbee.track4ref.com/redirect/index?type=meta&to=aHR0cHM6Ly9vam5iZWUudHJhY2s0cmVmLmNvbQ==&data=aHR0cHM6Ly9wbGF5LWdhbWVzcy50ay8xLzEuaHRtbD89JnRpZD1sdmh0bzY0NmIyYzcwMDAwM2QwZTg=&action=action_final
IP
52.19.101.114:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (345), with no line terminators
Size
345 B (345 bytes)
Hash
49f5e297c98117ba824c7f69a65e7989
3dab0050ca2422c25850fe696784ed81fbc80103
0c74dcfa4109a693e616839141240f493e8c776b86df084df1fceb2282898395

HTTP Headers

GET /redirect/index?type=meta&to=aHR0cHM6Ly9vam5iZWUudHJhY2s0cmVmLmNvbQ==&data=aHR0cHM6Ly9wbGF5LWdhbWVzcy50ay8xLzEuaHRtbD89JnRpZD1sdmh0bzY0NmIyYzcwMDAwM2QwZTg=&action=action_final HTTP/1.1
Host: ojnbee.track4ref.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ojnbee.track4ref.com/redirect/index?type=meta&to=aHR0cHM6Ly9vam5iZWUudHJhY2s0cmVmLmNvbQ==&data=aHR0cHM6Ly9wbGF5LWdhbWVzcy50ay8xLzEuaHRtbD89JnRpZD1sdmh0bzY0NmIyYzcwMDAwM2QwZTg=&action=action_tmp
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 22 May 2023 08:48:48 GMT
content-type: text/html; charset=utf-8
content-length: 345
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

472 B

URL
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
3d3fb6d1f62c27f0f1b6282fa69df3dc
361eb3e8d449c9fd0736502f3201379405211232
5b4265087115ef446c41b10d2a65b8f0f3c2892ee676cc6f52f1f6a3e3d3aa3c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 08:48:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 18:01:56 GMT
Expires: Fri, 26 May 2023 18:01:55 GMT
Etag: "361eb3e8d449c9fd0736502f3201379405211232"
Cache-Control: max-age=378185,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb3cd641d420b55-OSL

play-gamess.tk/1/1.html?=&tid=lvhto646b2c700003d0e8

198.187.31.167

170 B

URL
play-gamess.tk/1/1.html?=&tid=lvhto646b2c700003d0e8
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
170 B (170 bytes)
Hash
4b80633e1715f3011e3eda504a773c30
b2540607d5bdbb1528bf4a6724071b44184f2da6
3b3eb1b9f681bcd18210b91d909686d525282afab316a6c1b6425590bcb956c7

HTTP Headers

GET /1/1.html?=&tid=lvhto646b2c700003d0e8 HTTP/1.1
Host: play-gamess.tk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ojnbee.track4ref.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
last-modified: Mon, 22 May 2023 07:41:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 170
date: Mon, 22 May 2023 08:48:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

471 B

URL
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2090492d74bbf197a5edb4b90b299be3
3c4235ce530d4fdeb3f6451ca1fd4adb4c75c305
b3894dcc216e8de411d49a8bf17bc79eb9282f5740277b815309bb8c83ecdd08

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 08:48:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 02:53:14 GMT
Expires: Fri, 26 May 2023 02:53:13 GMT
Etag: "3c4235ce530d4fdeb3f6451ca1fd4adb4c75c305"
Cache-Control: max-age=324105,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb3cd6bae1f0b55-OSL

ocsp.sectigo.com/

104.18.32.68

471 B

URL
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2090492d74bbf197a5edb4b90b299be3
3c4235ce530d4fdeb3f6451ca1fd4adb4c75c305
b3894dcc216e8de411d49a8bf17bc79eb9282f5740277b815309bb8c83ecdd08

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 08:48:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 02:53:14 GMT
Expires: Fri, 26 May 2023 02:53:13 GMT
Etag: "3c4235ce530d4fdeb3f6451ca1fd4adb4c75c305"
Cache-Control: max-age=324105,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb3cd6d29170b69-OSL

ak.roudoduor.com/afu.php?zoneid=5460782&ymid=168474533010000TNOTV415326358024Vb7&var=328272420__7006778

23.36.77.51

652 B

URL
ak.roudoduor.com/afu.php?zoneid=5460782&ymid=168474533010000TNOTV415326358024Vb7&var=328272420__7006778
IP
23.36.77.51:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
652 B (652 bytes)
Hash
d81c5f9e7151976f92d0c7ae1a2713dc
e19f8959cafe78fbf126c073d8df1a59983549fd
81b6e7d1d8b6161f9a0e6dcc0844acaa65de105ef9ea79ea30786135530650e4

HTTP Headers

GET /afu.php?zoneid=5460782&ymid=168474533010000TNOTV415326358024Vb7&var=328272420__7006778 HTTP/1.1
Host: ak.roudoduor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 6500c097ac53217b50b35054a464da09
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://www.mysexymatches.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
content-length: 652
vary: Accept-Encoding
expires: Mon, 22 May 2023 08:48:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 22 May 2023 08:48:51 GMT
set-cookie: OAID=408c846ca6ae4758b25b343b65397432; expires=Tue, 21 May 2024 08:48:51 GMT; path=/; secure; SameSite=None
oaidts=1684745331; expires=Tue, 21 May 2024 08:48:51 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2

ak.roudoduor.com/favicon.ico

23.36.77.51

0 B

URL
ak.roudoduor.com/favicon.ico
IP
23.36.77.51:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ak.roudoduor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=408c846ca6ae4758b25b343b65397432; oaidts=1684745331
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
expires: Mon, 22 May 2023 08:48:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 22 May 2023 08:48:51 GMT
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=merge&userId=408c846ca6ae4758b25b343b65397432

139.45.195.8

43 B

URL
my.rtmark.net/img.gif?f=merge&userId=408c846ca6ae4758b25b343b65397432
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

POST /img.gif?f=merge&userId=408c846ca6ae4758b25b343b65397432 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Mon, 22 May 2023 08:48:51 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=408c846ca6ae4758b25b343b65397432; expires=Tue, 21 May 2024 08:48:51 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/277422/1669996016/js/backoffer.js?1669996016

23.36.76.96

200 OK

430 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277422/1669996016/js/backoffer.js?1669996016
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (430), with no line terminators
Size
430 B (430 bytes)
Hash
6d5aa83d23ce0b9f72d3b87d000d8fae
034fb8768eb58ffc0b5849e2c162989741a6cbec
89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800

HTTP Headers

GET /landings/277422/1669996016/js/backoffer.js?1669996016 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: XCpO6qnWQNwpKW/lymwAqLPds3dnsJiHM5BE/GTRJQaGnTL5HEd3tDnDOWw0vTTrgVAymnYh0nE=
x-amz-request-id: QAWWA85WFKY5SCNN
Last-Modified: Fri, 02 Dec 2022 15:46:59 GMT
ETag: "6d5aa83d23ce0b9f72d3b87d000d8fae"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 430
Date: Mon, 22 May 2023 08:48:52 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277422/1669996016/css/stylesheet.css?1669996016

23.36.76.96

200 OK

1.3 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277422/1669996016/css/stylesheet.css?1669996016
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text
Size
1.3 kB (1266 bytes)
Hash
6d0aebf30d9ef5842762ff607c9c8a02
6a2fb23e344bfecee235066059a85211a9523238
c1a9430ab7e0269dcb307fb391f2371fd027d7cf4c20ec3ed3e62f96e964a1d1

HTTP Headers

GET /landings/277422/1669996016/css/stylesheet.css?1669996016 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: ZaUyqGnMlj5+l3XfldzHvHuZcc31o2mrEH/oUwGnOJynG5CxD7jhAr5sC2CA7yNYb0+VJh0MVpQ=
x-amz-request-id: QAWVGNBV73KBC2H1
Last-Modified: Fri, 02 Dec 2022 15:46:59 GMT
ETag: "6d0aebf30d9ef5842762ff607c9c8a02"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 22 May 2023 08:48:52 GMT
Content-Length: 1266
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277422/1669996016/js/MB_push_NEW.js?1669996016

23.36.76.96

200 OK

671 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277422/1669996016/js/MB_push_NEW.js?1669996016
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
671 B (671 bytes)
Hash
533a9cb9c41907529c3d603edb25d5d9
222bee472465971cf71bfa210d04136eb765ccc0
45d257677164ebc2c1fd4ff44b4ee5a1ce9c87682f165836a3e38113d1e09eaf

HTTP Headers

GET /landings/277422/1669996016/js/MB_push_NEW.js?1669996016 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: A2Q9u7TGywEexC1lgxO65AvSXeTFsE7spVjeMB9i7WBfByo+IRvlc5/pFG17owkyGQnJWlV3OTg=
x-amz-request-id: QAWNS4XM3TQVPKHN
Last-Modified: Fri, 02 Dec 2022 15:46:59 GMT
ETag: "533a9cb9c41907529c3d603edb25d5d9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 671
Date: Mon, 22 May 2023 08:48:52 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277422/1669996016/js/secondofferv2.js?1669996016

23.36.76.96

200 OK

454 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277422/1669996016/js/secondofferv2.js?1669996016
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text
Size
454 B (454 bytes)
Hash
9bbe216b8e526fd98d219f2b91ccaa57
3f5d1be91ba58b6501c022155fe6778ce82b1663
1c83d2863f746a234e46c5578826ceeb8cbe126bc4c274ca679295441c44b948

HTTP Headers

GET /landings/277422/1669996016/js/secondofferv2.js?1669996016 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 4aLo9cPRap+GS49RPh5oam1cV58+hA0dsDIXn8NhdvOjxuByFIMXKYBHxz3LeqglCzSVwp934Y0=
x-amz-request-id: QAWV9TDK6Q8YGTN4
Last-Modified: Fri, 02 Dec 2022 15:46:59 GMT
ETag: "9bbe216b8e526fd98d219f2b91ccaa57"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 22 May 2023 08:48:52 GMT
Content-Length: 454
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277422/1669996016/js/jquery.min.js?1669996016

23.36.76.96

200 OK

30 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277422/1669996016/js/jquery.min.js?1669996016
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32065)
Size
30 kB (29855 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /landings/277422/1669996016/js/jquery.min.js?1669996016 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 0c+kRQ3keXqZU5fUA39iD9SGXb81goAAkJ41aXc67xJtg4eCLkiPko8RsywvY8sk5OVxLDSPvbQ=
x-amz-request-id: QAWKV34Z1XG2YJD2
Last-Modified: Fri, 02 Dec 2022 15:46:59 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 22 May 2023 08:48:52 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277422/1669996016/js/main.js?1669996016

23.36.76.96

200 OK

40 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277422/1669996016/js/main.js?1669996016
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (568), with CRLF line terminators
Size
40 kB (40511 bytes)
Hash
a0f4da40bd81c65d824afc106743d47f
55b2d4c57fdb017314f62ac2fe8a3e287dcadf7f
e40e7cc368c897d6a3a5095fae6ccd6d9a3f88af5ef9c590f79b9fd22293ad10

HTTP Headers

GET /landings/277422/1669996016/js/main.js?1669996016 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: efGstnz6kbpZSKwtDl7FMXRQlz1sHs+GChMYKiOIOhabPtBvhAYIbgTcl6wtyThRyiblyEcrQ5I=
x-amz-request-id: QAWV2MV154TBDTYD
Last-Modified: Fri, 02 Dec 2022 15:46:59 GMT
ETag: "a0f4da40bd81c65d824afc106743d47f"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 22 May 2023 08:48:52 GMT
Content-Length: 40511
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277422/1669996016/images/bg.gif

23.36.76.96

200 OK

2.5 MB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277422/1669996016/images/bg.gif
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
GIF image data, version 89a, 360 x 640\012- data
Size
2.5 MB (2480912 bytes)
Hash
10f7961bab5ce76b9fb8ae7ba1d0a63f
9eba9de4e0881d3aab67806e0cc87101950364aa
fd0c52b484b4df01a14515b44ce82d20d4eb747647e3805156a102cea06498dd

HTTP Headers

GET /landings/277422/1669996016/images/bg.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/277422/1669996016/css/stylesheet.css?1669996016
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: J1A9bsAFF7HXUWQmtbjZQq51n7fZ8snNeiLAxRwfcH3WhB9/PfIA6wUQYErVgWX2hseHSYqIYuU=
x-amz-request-id: QAWHN5833EDWV0FQ
Last-Modified: Fri, 02 Dec 2022 15:46:58 GMT
ETag: "10f7961bab5ce76b9fb8ae7ba1d0a63f"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 2480912
Date: Mon, 22 May 2023 08:48:52 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8fe4fdacb4bc7ddc187ed527a4044d21
40d4f9abbccfecadc35e9b78d0a9af7bc39e60b2
406cd7d402626ed9e9fbf3fc35aef21d76e7b8c1b122b26c3aaf390e62bccd40

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 08:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ

142.250.74.168

200 OK

43 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (4691)
Size
43 kB (42744 bytes)
Hash
c1b4cb4ad37d54346cc7ad35e2c63cdb
0f6accc1216055a9f4537b5afe5841e32fc6b79c
ed08637c2613b25b1e0f986b1004b1b4b1dd658281f95821188fbd671bd324a2

HTTP Headers

GET /gtm.js?id=GTM-MLVPDTJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 22 May 2023 08:48:52 GMT
expires: Mon, 22 May 2023 08:48:52 GMT
cache-control: private, max-age=900
last-modified: Mon, 22 May 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42744
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/images/favicon.ico

23.36.76.96

200 OK

4.1 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/images/favicon.ico
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: mzbDFFn0Yhqdz4XL9s4sX6yByljdNVrKhKiK+UtK4DVRgNzfBI6OtL7EakQiGwqEsC19uC++cQI=
x-amz-request-id: 78F19547EBC3B810
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
Unused62: 8096267
Date: Mon, 22 May 2023 08:48:52 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e704e964bb5b3041d29c68fb02cb8543
ba61630a2b52c8218e035207224a176c8ea70710
b327e7e251d144f45d6f57d50444343e7dc666dedfeea217c65b1b32943995f6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 08:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 08:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js

216.58.211.3

200 OK

10 kB

URL GET HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (35547)
Size
10 kB (10017 bytes)
Hash
0cb7a0eb328ea70ab360f861314c8820
e3e20eb50dae36f4cbcef1890b1cc7878acb537a
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9

HTTP Headers

GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:32:28 GMT
expires: Sun, 19 May 2024 07:32:28 GMT
cache-control: public, max-age=31536000
age: 177384
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8ab94d7259411fe8a216956474b19511
48c63eaff708604c5f7af9514c3e77109a1f3f73
1dfd960074784d17f2fab64fab44d8aa41c1a794a7000980b428f6ab6392439a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 08:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js

52.17.88.125

200 OK

15 kB

URL GET HTTP/2
www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js
IP
52.17.88.125:443
ASN
#16509 AMAZON-02

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT

File type
C source, ASCII text, with very long lines (32159)
Size
15 kB (15288 bytes)
Hash
7354486b547e26d976482ad021b3b150
ebf69f3bbf870949e97cdedee4c42372ef066787
5d445ad3aa6891affddddb37a106fb4d5b2f1cbfc9e47bbcec52dd57148893f3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Cookie: unique_id=646b2c7300080b78; unique_id2=646b2c7300081400; 646b2c7300081400_sl=[277422]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 22 May 2023 08:48:52 GMT
content-type: application/javascript
expires: Mon, 29 May 2023 08:48:52 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

syndication.realsrv.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=701697330

95.211.229.245

200 OK

20 B

URL GET HTTP/1.1
syndication.realsrv.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=701697330
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintDA:82:DD:C1:53:3F:CA:F0:02:97:FF:72:0C:91:7E:D4:08:8E:0A:64
ValidityTue, 09 May 2023 12:55:24 GMT - Mon, 07 Aug 2023 12:55:23 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=701697330 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 08:48:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71748%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-05-22%22%3B%7D%7D; expires=Tue, 21 May 2024 08:48:52 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.exdynsrv.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1949248802

95.211.229.247

200 OK

20 B

URL GET HTTP/1.1
syndication.exdynsrv.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1949248802
IP
95.211.229.247:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerLet's Encrypt
Subjectexdynsrv.com
Fingerprint88:9B:CC:F7:80:AC:5C:5A:6E:76:34:08:8B:FE:79:1A:CE:1F:8E:D6
ValidityTue, 09 May 2023 12:38:11 GMT - Mon, 07 Aug 2023 12:38:10 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1949248802 HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 08:48:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71748%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-05-22%22%3B%7D%7D; expires=Tue, 21 May 2024 08:48:52 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8ab94d7259411fe8a216956474b19511
48c63eaff708604c5f7af9514c3e77109a1f3f73
1dfd960074784d17f2fab64fab44d8aa41c1a794a7000980b428f6ab6392439a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 08:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

s.exv6.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1193836691

95.211.229.246

200 OK

20 B

URL GET HTTP/1.1
s.exv6.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1193836691
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerLet's Encrypt
Subjectexv6.com
Fingerprint95:DF:82:34:08:E0:F8:A7:24:C5:64:DB:75:CB:C7:E5:8D:E1:4D:6E
ValidityTue, 09 May 2023 12:39:36 GMT - Mon, 07 Aug 2023 12:39:35 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1193836691 HTTP/1.1
Host: s.exv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 08:48:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71748%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-05-22%22%3B%7D%7D; expires=Tue, 21 May 2024 08:48:53 GMT; path=/; domain=.exv6.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

tsyndicate.com/api/v1/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d

136.243.81.150

200 OK

35 B

URL GET HTTP/2
tsyndicate.com/api/v1/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d
IP
136.243.81.150:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint65:46:F2:D7:A3:CC:E8:43:98:8C:E3:BE:EC:0D:A8:2B:E6:9B:AE:1A
ValidityFri, 12 May 2023 09:06:40 GMT - Thu, 10 Aug 2023 09:06:39 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v1/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 22 May 2023 08:48:53 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: b3a6358c3608ed4b
set-cookie: ts_rt_57bd9f77-0f27-4a59-a866-cfcb44429b1d=AAMC; expires=Tue, 21 May 2024 08:48:53 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

tsyndicate.com/api/v2/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d

136.243.81.150

200 OK

35 B

URL GET HTTP/2
tsyndicate.com/api/v2/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d
IP
136.243.81.150:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint65:46:F2:D7:A3:CC:E8:43:98:8C:E3:BE:EC:0D:A8:2B:E6:9B:AE:1A
ValidityFri, 12 May 2023 09:06:40 GMT - Thu, 10 Aug 2023 09:06:39 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v2/retargeting/set/57bd9f77-0f27-4a59-a866-cfcb44429b1d HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 22 May 2023 08:48:53 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
x-request-id: a30c3cec4f2b2573
set-cookie: ts_rt_57bd9f77-0f27-4a59-a866-cfcb44429b1d=AAMC; expires=Tue, 21 May 2024 08:48:53 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/5.0.2/firebase-app.js

216.58.211.3

200 OK

25 kB

URL GET HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (25088)
Size
25 kB (25130 bytes)
Hash
9164d0e8a317eceb870cca88c9683127
4617c910005f7100b4ff26a458a8b4463e33cdc6
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931

HTTP Headers

GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:46 GMT
expires: Thu, 16 May 2024 00:16:46 GMT
cache-control: public, max-age=31536000
age: 462726
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.mysexymatches.com/js/pushjs/1.0.0/utils.js

52.17.88.125

200 OK

7.1 kB

URL GET HTTP/2
www.mysexymatches.com/js/pushjs/1.0.0/utils.js
IP
52.17.88.125:443
ASN
#16509 AMAZON-02

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Certificate
IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT

File type
C source, ASCII text, with very long lines (7334), with no line terminators
Size
7.1 kB (7071 bytes)
Hash
7df62062a027cd25d5a179c520f38668
0ddaa8cd9090908d987e0299cef74fbf7f118738
cdf93aff990bae251f609ef00d7d2bdbb56a35f003c7184ba067b5948629faa3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
Cookie: unique_id=646b2c7300080b78; unique_id2=646b2c7300081400; 646b2c7300081400_sl=[277422]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 22 May 2023 08:48:52 GMT
content-type: application/javascript
expires: Mon, 29 May 2023 08:48:52 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782

52.17.88.125

200 OK

4.4 kB

URL User Request GET HTTP/2
www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782
IP
52.17.88.125:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4478), with no line terminators
Size
4.4 kB (4372 bytes)
Hash
f4a8341390935f5d34d7d5973cf89114
444d39fcb2d003e1ffc07892fc8dd92933364c53
e4dca9a6f7392d3801f8f44895ddacb5e1108ec719e970c7991804a9e7ff45ba

HTTP Headers

GET /c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5460782 HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 22 May 2023 08:48:51 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=646b2c7300080b78; Path=/; Expires=Fri, 21 Jul 2023 08:48:51 GMT; Secure; SameSite=None
unique_id2=646b2c7300081400; Path=/; Expires=Sun, 20 Aug 2023 08:48:51 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Mon, 22 May 2023 08:48:51 GMT; Secure; SameSite=None
646b2c7300081400_sl=[277422]; Path=/; Expires=Mon, 05 Jun 2023 08:48:51 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML