Submitted URL: https://bit.ly/3OZNHjR
Effective URL: https://befjajh.hornydats.com/s/62cf1c2230951
Submission: On August 05 via api from BE — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 17 HTTP transactions. The main IP is 178.162.199.80, located in Germany and belonging to LEASEWEB-DE-FRA-10, DE. The main domain is befjajh.hornydats.com. The effective URL was not reached directly: the bit.ly link redirects (HTTP 301) to whisky-lab.com, and the browser then moved client-side to loveandflirts.com and on to befjajh.hornydats.com, the last hop being initiated by a script named obfuscated_redirect.js (see Page URL History and the transaction list below).
TLS certificate: Issued by R3 on June 7th 2022. Valid for: 3 months.
This is the only time befjajh.hornydats.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex domain         Requests   Subdomain(s)                        Transfer
hornydats.com       10         befjajh.hornydats.com               360 KB
loveandflirts.com   2          loveandflirts.com                   1 KB
whisky-lab.com      2          whisky-lab.com                      622 B
gstatic.com         1          fonts.gstatic.com                   13 KB
googleapis.com      1          fonts.googleapis.com                1 KB
jsdelivr.net        1          cdn.jsdelivr.net                    2 KB
jquery.com          1          code.jquery.com                     30 KB
bit.ly              1          bit.ly (Cisco Umbrella rank 4554)   282 B
Total               17         8 domains

Domain                  Requests   Requested by
befjajh.hornydats.com   10         loveandflirts.com (the primary document), befjajh.hornydats.com (its nine assets)
loveandflirts.com       2          loveandflirts.com
whisky-lab.com          2          1 redirect
fonts.gstatic.com       1          fonts.googleapis.com
fonts.googleapis.com    1          befjajh.hornydats.com
cdn.jsdelivr.net        1          befjajh.hornydats.com
code.jquery.com         1          befjajh.hornydats.com
bit.ly                  1          1 redirect
Total                   17         8 domains

This site contains no links.

Subject                   Issuer                                           Valid from   Valid to     Validity   Source
whisky-lab.com            R3 (Let's Encrypt)                               2022-05-26   2022-08-24   3 months   crt.sh
hornydats.com             R3 (Let's Encrypt)                               2022-06-07   2022-09-05   3 months   crt.sh
*.jquery.com              Sectigo RSA Domain Validation Secure Server CA   2021-07-14   2022-08-14   a year     crt.sh
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3                          2022-06-02   2023-06-01   a year     crt.sh
upload.video.google.com   GTS CA 1C3                                       2022-07-11   2022-10-03   3 months   crt.sh
*.gstatic.com             GTS CA 1C3                                       2022-07-11   2022-10-03   3 months   crt.sh

The *.jquery.com certificate was nine days from expiry at scan time (valid to 2022-08-14, scanned 2022-08-05).

This page contains 1 frames:

Primary Page: https://befjajh.hornydats.com/s/62cf1c2230951
Frame ID: 87ED7F3DC6DF890D76161E45EFA3E1F8
Requests: 17 HTTP requests in this frame

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3OZNHjR HTTP 301
    http://whisky-lab.com/articles/wp-includes/customize/peripherically/spignet_deben.html?wr=86v6um HTTP 301
    https://whisky-lab.com/articles/wp-includes/customize/peripherically/spignet_deben.html?wr=86v6um Page URL
  2. http://loveandflirts.com/love1/index.html Page URL (plain HTTP; no HTTP redirect status is recorded for this hop, so the browser was sent here client-side from the 113-byte whisky-lab.com document)
  3. https://befjajh.hornydats.com/s/62cf1c2230951 Page URL (client-side; the transaction list records this document as requested by http://loveandflirts.com/love1/obfuscated_redirect.js)

Detected technologies

  • WordPress (path pattern, overall confidence 100%)
    Detected pattern: /wp-(?:content|includes)/
    Matched only on the URL path of the whisky-lab.com hop. The document served there is a 113-byte static text/html file from nginx/1.18.0, so this is a path naming convention, not evidence of a live WordPress install.
  • jQuery (overall confidence 100%)
    Detected patterns: jquery[.-]([\d.]*\d)[^/]*\.js and jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
    Matched by code.jquery.com/jquery-3.3.1.min.js, i.e. jQuery 3.3.1.
  • jsDelivr (overall confidence 100%)
    Detected pattern: //cdn\.jsdelivr\.net/
    Matched by cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.js.

Page Statistics

  Requests     17
  HTTPS        88 % (15 of 17; the two loveandflirts.com requests are plain HTTP)
  IPv6         50 %
  Domains      8
  Subdomains   8
  IPs          7
  Countries    4
  Transfer     408 kB
  Size         470 kB
  Cookies      2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3OZNHjR HTTP 301
  • http://whisky-lab.com/articles/wp-includes/customize/peripherically/spignet_deben.html?wr=86v6um HTTP 301
  • https://whisky-lab.com/articles/wp-includes/customize/peripherically/spignet_deben.html?wr=86v6um
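The chain above mixes the two kinds of hop the report distinguishes: HTTP redirects (a 3xx status with a Location header, which any HTTP client sees) and client-side navigations (a fresh document with no redirect status, driven by JavaScript or a meta refresh, which only a browser sees). The Python below is an added example, not part of the urlscan.io report. The record layout is my own; the five navigations are constructed from the Page URL History above, the status of the two non-redirect documents is left as None because the report does not print it, and the requested_by field mirrors the report's "Requested by" entry for the final document.

```python
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import urlsplit


@dataclass
class Nav:
    """One document-level navigation, as a scanner records it (layout assumed, not urlscan's)."""
    url: str
    status: Optional[int] = None        # HTTP status of this response, if the report printed one
    location: Optional[str] = None      # Location header, for 3xx responses
    requested_by: Optional[str] = None  # initiating resource, when recorded


WL = "whisky-lab.com/articles/wp-includes/customize/peripherically/spignet_deben.html?wr=86v6um"

# Constructed from the Page URL History in the report above (nothing is fetched live).
CHAIN = [
    Nav("https://bit.ly/3OZNHjR", 301, "http://" + WL),
    Nav("http://" + WL, 301, "https://" + WL),
    Nav("https://" + WL),                                   # status not printed in the report
    Nav("http://loveandflirts.com/love1/index.html"),       # status not printed in the report
    Nav("https://befjajh.hornydats.com/s/62cf1c2230951",
        requested_by="http://loveandflirts.com/love1/obfuscated_redirect.js"),
]


@dataclass
class Hop:
    src: str
    dst: str
    kind: str                # "http-redirect" or "client-side"
    host_changed: bool
    scheme_downgrade: bool   # https -> http
    initiator: Optional[str]


def classify_hops(chain: List[Nav]) -> List[Hop]:
    """Label each consecutive pair of navigations and flag host changes and HTTPS->HTTP downgrades."""
    hops = []
    for prev, cur in zip(chain, chain[1:]):
        if prev.status is not None and 300 <= prev.status < 400 and prev.location:
            kind = "http-redirect"
            # A redirect whose Location does not match the next URL means the record is inconsistent.
            if prev.location != cur.url:
                raise ValueError(f"Location {prev.location!r} does not match next URL {cur.url!r}")
        else:
            kind = "client-side"
        a, b = urlsplit(prev.url), urlsplit(cur.url)
        hops.append(Hop(prev.url, cur.url, kind,
                        host_changed=a.hostname != b.hostname,
                        scheme_downgrade=(a.scheme == "https" and b.scheme == "http"),
                        initiator=cur.requested_by))
    return hops


def summarize(hops: List[Hop]) -> dict:
    """The numbers a reviewer wants first: how much of the path an HTTP-only fetcher would have missed."""
    return {
        "hops": len(hops),
        "client_side": sum(h.kind == "client-side" for h in hops),
        "cross_host": sum(h.host_changed for h in hops),
        "downgrades": sum(h.scheme_downgrade for h in hops),
        "final_host": urlsplit(hops[-1].dst).hostname if hops else None,
    }


if __name__ == "__main__":
    hops = classify_hops(CHAIN)
    for h in hops:
        flags = [f for f, on in (("host-change", h.host_changed), ("https->http", h.scheme_downgrade)) if on]
        print(f"{h.kind:14} {urlsplit(h.src).hostname} -> {urlsplit(h.dst).hostname} {' '.join(flags)}")
    print(summarize(hops))
```

Run against the constructed chain, two of the four hops are client-side and therefore invisible to curl-style URL expansion, three of them change host, and two of them drop from HTTPS to HTTP: the bit.ly 301 itself points at http://whisky-lab.com, and the client-side jump to loveandflirts.com lands on plain HTTP before the final hop returns to HTTPS.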

17 HTTP transactions

Each transaction below is listed as: Resource, Path, Size, x-fer (bytes transferred on the wire), Type, followed by its General details and the request and response headers (the MIME type is the Content-Type response header).
spignet_deben.html
whisky-lab.com/articles/wp-includes/customize/peripherically/
Redirect Chain
  • https://bit.ly/3OZNHjR
  • http://whisky-lab.com/articles/wp-includes/customize/peripherically/spignet_deben.html?wr=86v6um
  • https://whisky-lab.com/articles/wp-includes/customize/peripherically/spignet_deben.html?wr=86v6um
113 B
350 B
Document
General
Full URL
https://whisky-lab.com/articles/wp-includes/customize/peripherically/spignet_deben.html?wr=86v6um
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.254.127 (Tokyo, Japan; ASN16509 AMAZON-02, US)
Reverse DNS
ec2-13-112-254-127.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0
Resource Hash
ae547aacec8769c3c26efa0f50de5ab8da569ba05a1dbed9313953ab3775b24e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
113
Content-Type
text/html
Date
Fri, 05 Aug 2022 06:43:49 GMT
ETag
"61bdb113-71"
Last-Modified
Sat, 18 Dec 2021 09:59:47 GMT
Server
nginx/1.18.0

Redirect headers

Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Fri, 05 Aug 2022 06:43:48 GMT
Location
https://whisky-lab.com/articles/wp-includes/customize/peripherically/spignet_deben.html?wr=86v6um
Server
nginx/1.18.0
index.html
loveandflirts.com/love1/
124 B
473 B
Document
General
Full URL
http://loveandflirts.com/love1/index.html
Protocol
HTTP/1.1
Server
46.161.40.116 (Kyiv, Ukraine; ASN209272 AS-ALVIVA, NL)
Reverse DNS
hosting-by.ankas-group.net
Software
Apache/2
Resource Hash
b8dda5bb93956f0e7ed6648828517825c31cf1efc1d237631ea07670caefa13c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
114
Content-Type
text/html
Date
Fri, 05 Aug 2022 06:43:50 GMT
ETag
"7c-5c33f97483100-gzip"
Keep-Alive
timeout=2, max=100
Last-Modified
Wed, 26 May 2021 18:12:52 GMT
Server
Apache/2
Upgrade
h2,h2c
Vary
Accept-Encoding,User-Agent
obfuscated_redirect.js
loveandflirts.com/love1/
1 KB
980 B
Script
General
Full URL
http://loveandflirts.com/love1/obfuscated_redirect.js
Requested by
Host: loveandflirts.com
URL: http://loveandflirts.com/love1/index.html
Protocol
HTTP/1.1
Server
46.161.40.116 (Kyiv, Ukraine; ASN209272 AS-ALVIVA, NL)
Reverse DNS
hosting-by.ankas-group.net
Software
Apache/2
Resource Hash
a4ee9b5362c7fd6518138e14e557035d370bc8e907502bdc4e7bcffdde6c83f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://loveandflirts.com/love1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 06:43:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Aug 2022 18:28:24 GMT
Server
Apache/2
ETag
"4d1-5e55a65f62200-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
634
Primary Request 62cf1c2230951
befjajh.hornydats.com/s/
9 KB
3 KB
Document
General
Full URL
https://befjajh.hornydats.com/s/62cf1c2230951
Requested by
Host: loveandflirts.com
URL: http://loveandflirts.com/love1/obfuscated_redirect.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 (Germany; ASN28753 LEASEWEB-DE-FRA-10, DE)
Reverse DNS
(none recorded)
Software
openresty/1.19.3.1
Resource Hash
f4103de3f6ef6b6fd70c18d52689f000d2a5d24ab7931a0239243325bf714304

Request headers

Referer
http://loveandflirts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Aug 2022 06:43:54 GMT
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
style.css
befjajh.hornydats.com/bundle/465/assets/css/
8 KB
8 KB
Stylesheet
General
Full URL
https://befjajh.hornydats.com/bundle/465/assets/css/style.css
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/s/62cf1c2230951
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 (Germany; ASN28753 LEASEWEB-DE-FRA-10, DE)
Reverse DNS
(none recorded)
Software
openresty/1.19.3.1
Resource Hash
f9feaaf5ed194052bb788f58eefaaad11c17100e6b660978337c51869fb46d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://befjajh.hornydats.com/s/62cf1c2230951
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 06:43:54 GMT
Last-Modified
Thu, 09 Sep 2021 07:34:37 GMT
Server
openresty/1.19.3.1
ETag
"6139b90d-1ff6"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8182
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/s/62cf1c2230951
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2001:4de0:ac18::1:a:2a (no geolocation or ASN recorded)
Reverse DNS
(none recorded)
Software
nginx
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://befjajh.hornydats.com/
Origin
https://befjajh.hornydats.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 06:43:54 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1538f"
vary
Accept-Encoding
x-hw
1659681834.dop150.fr8.t,1659681834.cds230.fr8.hn,1659681834.cds057.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
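jquery-3.3.1.min.js is fetched from a third-party host (code.jquery.com) by the hornydats.com page, and the report records the SHA-256 of what was actually served. A subresource-integrity attribute pins exactly such a digest, so the hex resource hash printed above can be turned into the integrity token a hardened page would carry, and compared with the value jQuery's CDN publishes for that file. The Python below is an added example, not part of the urlscan.io report or of jQuery; the published SRI string is jQuery's own for 3.3.1, and the sample script bytes used to exercise the mismatch path are constructed.

```python
import base64
import binascii
import hashlib

# SHA-256 resource hash as printed in the urlscan.io transaction above (hex).
JQUERY_331_SCAN_HASH = "160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef"
# Integrity value published by code.jquery.com for jquery-3.3.1.min.js.
JQUERY_331_PUBLISHED_SRI = "sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8="

_DIGEST_LEN = {"sha256": 32, "sha384": 48, "sha512": 64}


def hex_to_sri(hex_digest: str, algo: str = "sha256") -> str:
    """Convert a hex digest (as scanners print it) into an SRI token: <algo>-<base64 of the raw bytes>."""
    raw = binascii.unhexlify(hex_digest.strip().lower())
    if len(raw) != _DIGEST_LEN[algo]:
        raise ValueError(f"{algo} digest must be {_DIGEST_LEN[algo]} bytes, got {len(raw)}")
    return f"{algo}-{base64.b64encode(raw).decode('ascii')}"


def sri_for_bytes(content: bytes, algo: str = "sha384") -> str:
    """What a browser computes for a fetched resource; sha384 is the usual choice when you pin yourself."""
    digest = hashlib.new(algo, content).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"


def integrity_matches(token: str, content: bytes) -> bool:
    """Browser-style check: recompute with the token's own algorithm and compare the whole token."""
    algo, _, _ = token.partition("-")
    if algo not in _DIGEST_LEN:
        return False
    return sri_for_bytes(content, algo) == token


def script_tag(src: str, token: str) -> str:
    """The pinned <script> element; crossorigin is required for SRI on a cross-origin fetch."""
    return f'<script src="{src}" integrity="{token}" crossorigin="anonymous"></script>'


if __name__ == "__main__":
    token = hex_to_sri(JQUERY_331_SCAN_HASH)
    print("served bytes match published build:", token == JQUERY_331_PUBLISHED_SRI)
    print(script_tag("https://code.jquery.com/jquery-3.3.1.min.js", token))
```

The served file's hash converts to exactly the published token, so in this scan the CDN delivered the genuine 3.3.1 build; the point of the attribute is that a page which carries it keeps that guarantee on every later load, whereas the page in this scan loads the script without one.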
lazyload.js
cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/
6 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.js
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/s/62cf1c2230951
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:5914 (no geolocation or ASN recorded)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://befjajh.hornydats.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 06:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11827335
x-jsd-version
2.0.0-rc.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19177-FRA, cache-hhn4077-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2B87KTZoaKLhsMmSk7wvciJF4hoAaEZ0lOgVE%2Fnd6vguDLtnjE%2FBGM%2BX0n3ahg65dyW39llDyDVZbJjhSx5KCU%2BmZJu7tWBedIZDzUpQGL%2BmLElKG3hIpYZzXgQDSg%2FshDseSQWO%2F5e%2FvK%2BxDYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
735d8fac68fc9963-FRA
functions.js
befjajh.hornydats.com/bundle/465/assets/js/
650 B
930 B
Script
General
Full URL
https://befjajh.hornydats.com/bundle/465/assets/js/functions.js
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/s/62cf1c2230951
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 (Germany; ASN28753 LEASEWEB-DE-FRA-10, DE)
Reverse DNS
(none recorded)
Software
openresty/1.19.3.1
Resource Hash
0f83d0b7eef4b4ca0789d370b41527e5147b478300e790c58513560acf5cad67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://befjajh.hornydats.com/s/62cf1c2230951
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 06:43:54 GMT
Last-Modified
Thu, 09 Sep 2021 07:34:40 GMT
Server
openresty/1.19.3.1
ETag
"6139b910-28a"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
650
click.js
befjajh.hornydats.com/js/
5 KB
5 KB
Script
General
Full URL
https://befjajh.hornydats.com/js/click.js
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/s/62cf1c2230951
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 (Germany; ASN28753 LEASEWEB-DE-FRA-10, DE)
Reverse DNS
(none recorded)
Software
openresty/1.19.3.1
Resource Hash
21796d03b31b6f7f1be149aa71b5a56a25de6003291b6950b51bc862452ded49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://befjajh.hornydats.com/s/62cf1c2230951
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 06:43:55 GMT
Last-Modified
Thu, 28 Jul 2022 12:41:42 GMT
Server
openresty/1.19.3.1
ETag
"62e28406-1208"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4616
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/bundle/465/assets/css/style.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:812::200a (no geolocation or ASN recorded)
Reverse DNS
(none recorded)
Software
ESF
Resource Hash
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://befjajh.hornydats.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 05 Aug 2022 05:55:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 05 Aug 2022 06:43:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Aug 2022 06:43:54 GMT
1.jpg
befjajh.hornydats.com/bundle/465/assets/images/
71 KB
71 KB
Image
General
Full URL
https://befjajh.hornydats.com/bundle/465/assets/images/1.jpg
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/s/62cf1c2230951
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 (Germany; ASN28753 LEASEWEB-DE-FRA-10, DE)
Reverse DNS
(none recorded)
Software
openresty/1.19.3.1
Resource Hash
b4c3367358a65186253cc8ee082019c52dc11170c1cfe9ef818fb761de1d4568

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://befjajh.hornydats.com/s/62cf1c2230951
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 06:43:55 GMT
Last-Modified
Thu, 09 Sep 2021 07:34:38 GMT
Server
openresty/1.19.3.1
ETag
"6139b90e-11ae9"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72425
2.jpg
befjajh.hornydats.com/bundle/465/assets/images/
95 KB
95 KB
Image
General
Full URL
https://befjajh.hornydats.com/bundle/465/assets/images/2.jpg
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/s/62cf1c2230951
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 (Germany; ASN28753 LEASEWEB-DE-FRA-10, DE)
Reverse DNS
(none recorded)
Software
openresty/1.19.3.1
Resource Hash
0a936be762040e1db975fe97bb34caa9b08264a2c7760ee94f374fe93fc0ded6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://befjajh.hornydats.com/s/62cf1c2230951
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 06:43:55 GMT
Last-Modified
Thu, 09 Sep 2021 07:34:38 GMT
Server
openresty/1.19.3.1
ETag
"6139b90e-17c61"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97377
3.jpg
befjajh.hornydats.com/bundle/465/assets/images/
87 KB
87 KB
Image
General
Full URL
https://befjajh.hornydats.com/bundle/465/assets/images/3.jpg
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/s/62cf1c2230951
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 (Germany; ASN28753 LEASEWEB-DE-FRA-10, DE)
Reverse DNS
(none recorded)
Software
openresty/1.19.3.1
Resource Hash
674cc1d4ebf6d21eee7c82a55d54a86215fb1bd20717eee7ef22fa7e6be9155f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://befjajh.hornydats.com/s/62cf1c2230951
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 06:43:55 GMT
Last-Modified
Thu, 09 Sep 2021 07:34:38 GMT
Server
openresty/1.19.3.1
ETag
"6139b90e-15cf1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89329
4.jpg
befjajh.hornydats.com/bundle/465/assets/images/
27 KB
27 KB
Image
General
Full URL
https://befjajh.hornydats.com/bundle/465/assets/images/4.jpg
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/s/62cf1c2230951
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 (Germany; ASN28753 LEASEWEB-DE-FRA-10, DE)
Reverse DNS
(none recorded)
Software
openresty/1.19.3.1
Resource Hash
249d0a0506c36d9694584b7430d45e0852482838c769f78b92f26cd8e38e3628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://befjajh.hornydats.com/s/62cf1c2230951
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 06:43:55 GMT
Last-Modified
Thu, 09 Sep 2021 07:34:38 GMT
Server
openresty/1.19.3.1
ETag
"6139b90e-6cfb"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27899
5.jpg
befjajh.hornydats.com/bundle/465/assets/images/
32 KB
32 KB
Image
General
Full URL
https://befjajh.hornydats.com/bundle/465/assets/images/5.jpg
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/s/62cf1c2230951
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 (Germany; ASN28753 LEASEWEB-DE-FRA-10, DE)
Reverse DNS
(none recorded)
Software
openresty/1.19.3.1
Resource Hash
8b66ecb26b1a8eedb431ed584ba124432d0d382614e74026065babc096d4b14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://befjajh.hornydats.com/s/62cf1c2230951
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 06:43:55 GMT
Last-Modified
Thu, 09 Sep 2021 07:34:38 GMT
Server
openresty/1.19.3.1
ETag
"6139b90e-7e66"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32358
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:801::2003 (no geolocation or ASN recorded)
Reverse DNS
(none recorded)
Software
sffe
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://befjajh.hornydats.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 03:53:06 GMT
x-content-type-options
nosniff
age
96649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Aug 2023 03:53:06 GMT
fp2.min.js
befjajh.hornydats.com/js/
30 KB
30 KB
Script
General
Full URL
https://befjajh.hornydats.com/js/fp2.min.js
Requested by
Host: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/js/click.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 (Germany; ASN28753 LEASEWEB-DE-FRA-10, DE)
Reverse DNS
(none recorded)
Software
openresty/1.19.3.1
Resource Hash
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://befjajh.hornydats.com/s/62cf1c2230951
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 06:43:55 GMT
Last-Modified
Thu, 28 Jul 2022 12:41:42 GMT
Server
openresty/1.19.3.1
ETag
"62e28406-77dd"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30685

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • oncontextlost (object)
  • oncontextrestored (object)
  • structuredClone (function)
  • launchQueue (object)
  • onbeforematch (object)
  • getScreenDetails (function)
  • queryLocalFonts (function)
  • navigation (object)

All eight are window properties that Chromium itself ships in the Chrome 104 build used for this scan, not names created by the page's scripts; the list reflects the gap between the scanner's baseline and the browser version rather than a client-side framework, so it offers no handle on what click.js, functions.js, fp2.min.js or obfuscated_redirect.js define.

2 Cookies

  Domain/Path       Name   Value
  .bit.ly/          _bit   m756HL-7b78e18831d67292bb-00R
  .hornydats.com/   SID    d97de9f5825f1e6410e8b18e72789777

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

Domains
  befjajh.hornydats.com
  bit.ly
  cdn.jsdelivr.net
  code.jquery.com
  fonts.googleapis.com
  fonts.gstatic.com
  loveandflirts.com
  whisky-lab.com

IPs (host served from that address, per the transactions above)
  13.112.254.127             whisky-lab.com
  178.162.199.80             befjajh.hornydats.com
  2001:4de0:ac18::1:a:2a     code.jquery.com
  2606:4700::6810:5914       cdn.jsdelivr.net
  2a00:1450:4001:801::2003   fonts.gstatic.com
  2a00:1450:4001:812::200a   fonts.googleapis.com
  46.161.40.116              loveandflirts.com
  67.199.248.10              not tied to any listed transaction; bit.ly is the only contacted host without a server address above

SHA-256 resource hashes (resource, per the transactions above)
  0a936be762040e1db975fe97bb34caa9b08264a2c7760ee94f374fe93fc0ded6   2.jpg (befjajh.hornydats.com)
  0f83d0b7eef4b4ca0789d370b41527e5147b478300e790c58513560acf5cad67   functions.js (befjajh.hornydats.com)
  160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef   jquery-3.3.1.min.js (code.jquery.com)
  21796d03b31b6f7f1be149aa71b5a56a25de6003291b6950b51bc862452ded49   click.js (befjajh.hornydats.com)
  249d0a0506c36d9694584b7430d45e0852482838c769f78b92f26cd8e38e3628   4.jpg (befjajh.hornydats.com)
  674cc1d4ebf6d21eee7c82a55d54a86215fb1bd20717eee7ef22fa7e6be9155f   3.jpg (befjajh.hornydats.com)
  6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e   fp2.min.js (befjajh.hornydats.com)
  874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea   lazyload.js (cdn.jsdelivr.net)
  8b66ecb26b1a8eedb431ed584ba124432d0d382614e74026065babc096d4b14a   5.jpg (befjajh.hornydats.com)
  a4ee9b5362c7fd6518138e14e557035d370bc8e907502bdc4e7bcffdde6c83f7   obfuscated_redirect.js (loveandflirts.com)
  a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb   css?family=Montserrat (fonts.googleapis.com)
  ae547aacec8769c3c26efa0f50de5ab8da569ba05a1dbed9313953ab3775b24e   spignet_deben.html (whisky-lab.com)
  b4c3367358a65186253cc8ee082019c52dc11170c1cfe9ef818fb761de1d4568   1.jpg (befjajh.hornydats.com)
  b8dda5bb93956f0e7ed6648828517825c31cf1efc1d237631ea07670caefa13c   index.html (loveandflirts.com)
  ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394   Montserrat woff2 (fonts.gstatic.com)
  f4103de3f6ef6b6fd70c18d52689f000d2a5d24ab7931a0239243325bf714304   /s/62cf1c2230951 (befjajh.hornydats.com, primary document)
  f9feaaf5ed194052bb788f58eefaaad11c17100e6b660978337c51869fb46d51   style.css (befjajh.hornydats.com)

The jsDelivr, jQuery CDN and Google Fonts entries are shared infrastructure used by many unrelated sites and are not useful as block-list indicators on their own; the items specific to this chain are the three redirect hosts, their three IPv4 addresses, and the hashes of the documents and scripts they served.