| www.sexotravieso.com/72961696431095370/latam-tiktok-1696431260950.png | 54.230.111.124 | 200 OK | 28 kB |
URL: GET HTTP/2 www.sexotravieso.com/72961696431095370/latam-tiktok-1696431260950.png
IP: 54.230.111.124:443
Requested by: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Certificate Issuer: Amazon
Certificate Subject: sexotravieso.com
Certificate Fingerprint: BE:88:45:E8:2E:71:99:02:4B:14:AC:CA:6D:34:68:1B:C8:B7:87:84
Certificate Validity: Mon, 25 Mar 2024 00:00:00 GMT - Wed, 23 Apr 2025 23:59:59 GMT
File type: PNG image data, 600 x 300, 8-bit/color RGBA, non-interlaced
Hash: 4c3a8d0192a4e833242f853fee6255a9 916d0da88962e5384b1564eda85dea1d82e617bb d8fe87dd0d7e1dd1a23fec7109370533ee1e353041be1dce7c66b3f86457a589
GET /72961696431095370/latam-tiktok-1696431260950.png HTTP/1.1
Host: www.sexotravieso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 27810
date: Thu, 02 May 2024 10:51:57 GMT
last-modified: Wed, 04 Oct 2023 14:54:22 GMT
etag: "4c3a8d0192a4e833242f853fee6255a9"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iX81D0rSQh4Nr6q9JYdnODuiFczNfCoHdKLwWScSO3OafEGArwPxGw==
age: 188739
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-PKBDJ82 | 142.250.74.168 | 200 OK | 66 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PKBDJ82
IP: 142.250.74.168:443
Requested by: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (1822)
Hash: 11d75af8ca8aa16108cb6d5f0bfd096e 5b5a1c72c4117c4382e7557856625b40751a44db 22e988cb542a439b9db490914c1ca377ff199969e9cd5bb3a88395eee5b23f04
GET /gtm.js?id=GTM-PKBDJ82 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sexotravieso.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 15:17:35 GMT
expires: Sat, 04 May 2024 15:17:35 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.sexotravieso.com/72961696431095370/script.min.js | 54.230.111.124 | 200 OK | 410 B |
URL: GET HTTP/2 www.sexotravieso.com/72961696431095370/script.min.js
IP: 54.230.111.124:443
Requested by: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Certificate Issuer: Amazon
Certificate Subject: sexotravieso.com
Certificate Fingerprint: BE:88:45:E8:2E:71:99:02:4B:14:AC:CA:6D:34:68:1B:C8:B7:87:84
Certificate Validity: Mon, 25 Mar 2024 00:00:00 GMT - Wed, 23 Apr 2025 23:59:59 GMT
Hash: 0705d6fde7e3d06c816ca45a15afc334 5d2eff49d5210663a0a40eb8f10db30c5d57fcfe 04a030f7d5e8db47c53d566c5627f03deb9eea40d4121d731915797a90388f92
GET /72961696431095370/script.min.js HTTP/1.1
Host: www.sexotravieso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 410
date: Sat, 04 May 2024 15:17:36 GMT
last-modified: Wed, 04 Oct 2023 14:54:22 GMT
etag: "0705d6fde7e3d06c816ca45a15afc334"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bwYdX-gOwyH9BJ8c_17RJzLDGKxLmmJTtnXyZhJOTa6uVNzQVHLmyQ==
X-Firefox-Spdy: h2
|
|
| notix.io/settings?appId=10050792262e1666ceea8f558386258&ver=0.16.4 | 139.45.197.227 | 200 OK | 318 B |
URL: GET HTTP/2 notix.io/settings?appId=10050792262e1666ceea8f558386258&ver=0.16.4
IP: 139.45.197.227:443
Requested by: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Certificate Issuer: Let's Encrypt
Certificate Subject: notix.io
Certificate Fingerprint: 70:E0:2B:45:EC:B5:E5:FB:98:9E:D6:AF:6E:33:7C:FA:97:6C:5A:07
Certificate Validity: Sat, 27 Apr 2024 20:59:56 GMT - Fri, 26 Jul 2024 20:59:55 GMT
Hash: 82b0c0f76512e60ea030da09ee18febf 2c4b11e5713c2f7e6a3da2ef87a1c0c78c3da195 a8ca49249ca90a131bba14405671cb243da2849145a3d8074b0b5c232c2b57d1
GET /settings?appId=10050792262e1666ceea8f558386258&ver=0.16.4 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sexotravieso.com/
Origin: https://www.sexotravieso.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 15:17:35 GMT
content-type: application/json; charset=utf-8
content-length: 318
access-control-allow-origin: https://www.sexotravieso.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| tsyndicate.com/api/v1/retargeting/set/31274e87-1118-4d7c-bc72-9007731936c3 | 213.174.157.105 | 200 OK | 43 B |
URL: GET HTTP/2 tsyndicate.com/api/v1/retargeting/set/31274e87-1118-4d7c-bc72-9007731936c3
IP: 213.174.157.105:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Certificate Issuer: Let's Encrypt
Certificate Subject: tsyndicate.com
Certificate Fingerprint: F5:9F:1F:89:8F:08:CD:46:43:4B:55:0A:42:66:52:21:16:57:43:31
Certificate Validity: Fri, 12 Apr 2024 09:06:37 GMT - Thu, 11 Jul 2024 09:06:36 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: ba036c43037cfe89320d1ef7b64cd43f 88c72d3e26047eb1e45e5564a76427734f120efe 42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
GET /api/v1/retargeting/set/31274e87-1118-4d7c-bc72-9007731936c3 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sexotravieso.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 15:17:35 GMT
content-type: image/gif
content-length: 43
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: c504e01a1a79efa8
set-cookie: ts_rt_31274e87-1118-4d7c-bc72-9007731936c3=AAMC; expires=Sun, 04 May 2025 15:17:35 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
|
|
| www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1 | 54.230.111.124 | 200 OK | 1.1 MB |
URL: User Request GET HTTP/2 www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
IP: 54.230.111.124:443
Certificate Issuer: Amazon
Certificate Subject: sexotravieso.com
Certificate Fingerprint: BE:88:45:E8:2E:71:99:02:4B:14:AC:CA:6D:34:68:1B:C8:B7:87:84
Certificate Validity: Mon, 25 Mar 2024 00:00:00 GMT - Wed, 23 Apr 2025 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text
Size: 1.1 MB (1114907 bytes)
Hash: 6c8f87900c9056b0eaf47e7a9626db77 a2da9630c9bc98f89662d4942851ef663ab5268e a6bfee4fa8866fb6b51fc879f733725c0dc2cf920e6a15c7184c16f6970a59c3
GET /72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1 HTTP/1.1
Host: www.sexotravieso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
date: Sat, 04 May 2024 15:17:35 GMT
last-modified: Wed, 04 Oct 2023 14:54:22 GMT
etag: W/"6c8f87900c9056b0eaf47e7a9626db77"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7oP3eX9ifiKKT2nvumLbX7M1BNZbqaCSgRK6TcUlvy0aEX1Zro0dsA==
X-Firefox-Spdy: h2
|
|
| www.sexotravieso.com/favicon.ico | 54.230.111.124 | 404 Not Found | 346 B |
URL: GET HTTP/2 www.sexotravieso.com/favicon.ico
IP: 54.230.111.124:443
Requested by: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Certificate Issuer: Amazon
Certificate Subject: sexotravieso.com
Certificate Fingerprint: BE:88:45:E8:2E:71:99:02:4B:14:AC:CA:6D:34:68:1B:C8:B7:87:84
Certificate Validity: Mon, 25 Mar 2024 00:00:00 GMT - Wed, 23 Apr 2025 23:59:59 GMT
File type: HTML document, ASCII text
Hash: bb133ca35549ced12c4b74d2e86912ca 3ad4467c08fdaf249834922f4d851690496d775f 6e37b5991298160e6edd7ccb33beaa3de2302f2ee2980c214d1da8a578557e14
GET /favicon.ico HTTP/1.1
Host: www.sexotravieso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
content-length: 346
date: Sat, 04 May 2024 15:17:35 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XUDz1yK0EDEFTbSVZLEgeAnfeYxEP04tQNmoFDICfJ-DpyDw3SW4Yw==
X-Firefox-Spdy: h2
|
|
| www.sexotravieso.com/72961696431095370/mx_600x600_gif_0709_37-1696431260946.gif | 54.230.111.124 | 200 OK | 1.1 MB |
URL: GET HTTP/2 www.sexotravieso.com/72961696431095370/mx_600x600_gif_0709_37-1696431260946.gif
IP: 54.230.111.124:443
Requested by: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Certificate Issuer: Amazon
Certificate Subject: sexotravieso.com
Certificate Fingerprint: BE:88:45:E8:2E:71:99:02:4B:14:AC:CA:6D:34:68:1B:C8:B7:87:84
Certificate Validity: Mon, 25 Mar 2024 00:00:00 GMT - Wed, 23 Apr 2025 23:59:59 GMT
File type: GIF image data, version 89a, 600 x 600
Size: 1.1 MB (1113115 bytes)
Hash: e28c03d6a726d435ef8825f9f9e97731 145912c5f749b146c41ab4bc275b3cc55054e07e c1ae600936727a04dc08f0fc8edbd3a200d407fd68e24ba4dffa5c54003bbfb4
GET /72961696431095370/mx_600x600_gif_0709_37-1696431260946.gif HTTP/1.1
Host: www.sexotravieso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 1113115
date: Sat, 04 May 2024 15:17:36 GMT
last-modified: Wed, 04 Oct 2023 14:54:22 GMT
etag: "8ba0ee6b2fb83ca9fa26e1200c81c399"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qXEqod2c2dGJBbRFd9d2JBQ2LNQtSWa7zek_DOS_ZuATbmS9WmgfbA==
X-Firefox-Spdy: h2
|
|
| notix.io/ent/current/enot.min.js | 139.45.197.227 | 200 OK | 145 kB |
URL: GET HTTP/2 notix.io/ent/current/enot.min.js
IP: 139.45.197.227:443
Requested by: https://www.sexotravieso.com/72961696431095370/?subid=57&uclick=uoktu3gh&uclickhash=uoktu3gh-uoktu3gh-g5-1m-2ta7-6ju3-6jqd-37b4b1
Certificate Issuer: Let's Encrypt
Certificate Subject: notix.io
Certificate Fingerprint: 70:E0:2B:45:EC:B5:E5:FB:98:9E:D6:AF:6E:33:7C:FA:97:6C:5A:07
Certificate Validity: Sat, 27 Apr 2024 20:59:56 GMT - Fri, 26 Jul 2024 20:59:55 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 145 kB (145421 bytes)
Hash: 9a3ae56c31a58c28e606e1e069a21059 ea3cdfcda002044373d2090e1745f83a15b82d17 6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sexotravieso.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 15:17:35 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 11:17:39 GMT
etag: W/"65f18b53-2380d"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|