Submitted URL: http://migays.com/
Effective URL: https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3...
Submission Tags: @phish_report
Submission: On November 29 via api from FI — Scanned from FI

Summary

This website contacted 5 IPs in 4 countries across 8 domains to perform 11 HTTP transactions. The main IP is 52.19.101.114, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is ogqggn.gayailiance.com.
TLS certificate: Issued by R11 on October 30th 2024. Valid for: 3 months.
This is the only time ogqggn.gayailiance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.64.119.133 22612 (NAMECHEAP...)
1 1 172.67.143.15 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 52.19.101.114 16509 (AMAZON-02)
6 23.207.210.94 20940 (AKAMAI-AS...)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.67 15169 (GOOGLE)
11 5
    Apex Domain       Subdomains                                              Transfer
6   akamaized.net     cdn-dimi.akamaized.net — Cisco Umbrella Rank: 276474    562 KB
2   gstatic.com       fonts.gstatic.com                                       60 KB
1   googleapis.com    fonts.googleapis.com — Cisco Umbrella Rank: 29          1 KB
1   gayailiance.com   ogqggn.gayailiance.com                                  5 KB
1   bikcc.top         05i.bikcc.top                                           940 B
1   summert.top       summert.top                                             8 KB
1   kexkex.net        kexkex.net                                              1019 B
1   migays.com        migays.com                                              241 B
11 8
Domain Requested by
6 cdn-dimi.akamaized.net ogqggn.gayailiance.com
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com cdn-dimi.akamaized.net
1 ogqggn.gayailiance.com summert.top
1 05i.bikcc.top 1 redirects
1 summert.top
1 kexkex.net 1 redirects
1 migays.com 1 redirects
11 8

This site contains no links.

Subject                   Issuer                             Validity                   Valid
summert.top               WE1                                2024-11-23 - 2025-02-21    3 months
*.gayailiance.com         R11                                2024-10-30 - 2025-01-28    3 months
a248.e.akamai.net         DigiCert TLS RSA SHA256 2020 CA1   2024-04-18 - 2025-04-19    a year
upload.video.google.com   WR2                                2024-10-21 - 2025-01-13    3 months
*.gstatic.com             WR2                                2024-10-21 - 2025-01-13    3 months

This page contains 1 frames:

Primary Page: https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3=585
Frame ID: CE255F84BC35D77DE9D73506E9C25547
Requests: 11 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11 Requests
100 % HTTPS
25 % IPv6
8 Domains
8 Subdomains
5 IPs
4 Countries
636 kB Transfer
764 kB Size
10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://migays.com/ HTTP 307
    https://migays.com/ HTTP 307
    http://migays.com/ HTTP 302
    https://kexkex.net/M8kvZR HTTP 302
    https://summert.top/click?o=3&a=585&sub_id1=grindr&aff_click_id=3ktinu2foaldtcjk Page URL
  2. https://05i.bikcc.top/click.php?key=z852fk2nhhmodvyuhn81&externalid=692aecaa6b32f652cb9a4c13d00b4c67&a=585&sub_id1=grindr&scGeo=FI HTTP 302
    https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3=585 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://migays.com/ HTTP 307
  • https://migays.com/ HTTP 307
  • http://migays.com/ HTTP 302
  • https://kexkex.net/M8kvZR HTTP 302
  • https://summert.top/click?o=3&a=585&sub_id1=grindr&aff_click_id=3ktinu2foaldtcjk

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
click
summert.top/
Redirect Chain
  • http://migays.com/
  • https://migays.com/
  • http://migays.com/
  • https://kexkex.net/M8kvZR
  • https://summert.top/click?o=3&a=585&sub_id1=grindr&aff_click_id=3ktinu2foaldtcjk
26 KB
8 KB
Document
General
Full URL
https://summert.top/click?o=3&a=585&sub_id1=grindr&aff_click_id=3ktinu2foaldtcjk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:bc08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d241767d500190869a0388fe977c4a49029289f7b8b9bf16152adccfc5d8958

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea1f25498545696-OSL
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 29 Nov 2024 10:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJwTCg1cix2A0OCFu3RXJmJa9v6XGCu%2BDnjDeLSXjq12mSc7MQtrBmprOrwSVb6owhm4upeymaBr2EJCQn9DoInKavbYmkauyQfqHpSHbKvNz%2BBfZccpkMbkAeXKvvOJK7WZq6DYAERl2g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=41686&min_rtt=41626&rtt_var=5030&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4038&recv_bytes=2356&delivery_rate=97041&cwnd=254&unsent_bytes=0&cid=57d452cdc3d5f5ba&ts=425&x=0"

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
8ea1f24dac0fb209-WAW
content-type
text/html; charset=utf-8
date
Fri, 29 Nov 2024 10:34:40 GMT
expires
Thu, 21 Jul 1977 07:30:00 GMT
last-modified
Fri, 29 Nov 2024 10:34:39 GMT
location
https://summert.top/click?o=3&a=585&sub_id1=grindr&aff_click_id=3ktinu2foaldtcjk
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yh05lrUV8y4L%2BR7UXm5%2BIHQ937SqR2enP07gX%2BLCqgL6o3HKhyOpiBbD6JggvqmLz3PDEsTmwl0%2FRTIr5BYpGvEKYFEBtEQDMJ2nd%2BDkNlDze3fkaD3FTG%2BYK6xU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=48093&min_rtt=46832&rtt_var=9768&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4140&recv_bytes=4491&delivery_rate=345&cwnd=12000&unsent_bytes=0&cid=faaa5d6648b9a770&ts=473&x=1" cfExtPri cfHdrFlush;dur=0
x-powered-by
PHP/5.6.40
Primary Request /
ogqggn.gayailiance.com/
Redirect Chain
  • https://05i.bikcc.top/click.php?key=z852fk2nhhmodvyuhn81&externalid=692aecaa6b32f652cb9a4c13d00b4c67&a=585&sub_id1=grindr&scGeo=FI
  • https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3=585
15 KB
5 KB
Document
General
Full URL
https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3=585
Requested by
Host: summert.top
URL: https://summert.top/click?o=3&a=585&sub_id1=grindr&aff_click_id=3ktinu2foaldtcjk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.101.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-101-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5f6965cab011fa0037f4ae21fcc3fe9b71cbbe2bf0528b3e10048839962ff45f

Request headers

Referer
https://summert.top/click?o=3&a=585&sub_id1=grindr&aff_click_id=3ktinu2foaldtcjk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 29 Nov 2024 10:34:42 GMT
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea1f25b9a88352e-WAW
content-type
text/html; charset=UTF-8
date
Fri, 29 Nov 2024 10:34:42 GMT
location
https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3=585
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DqvXG0cO%2FK%2F20xhDp%2BzSfdzN9x%2Bz8GktH2oZ%2FjZidadheiAOB%2F4PaptvVNedbLW01132JAQz0C0NQOlP6X235kj4xlkgJEsYjMjAq5joiSuZPiYsrJh2llRbiubvIW9V"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=47375&min_rtt=47197&rtt_var=7642&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4196&recv_bytes=4553&delivery_rate=384&cwnd=12000&unsent_bytes=0&cid=35f9be51b246cffe&ts=267&x=1" cfExtPri cfHdrFlush;dur=0
style.css
cdn-dimi.akamaized.net/landings/287598/1711103697/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://cdn-dimi.akamaized.net/landings/287598/1711103697/css/style.css?1711103697
Requested by
Host: ogqggn.gayailiance.com
URL: https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3=585
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.210.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-207-210-94.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b8c6f8bc0f6ba3c4e33bb9c16e33d7d500cbc29da60fbe35ffd9e8416e665000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ogqggn.gayailiance.com/

Response headers

x-amz-id-2
1gzrSf+djrfaffvAl99iEkghJ+zrZIENbgXWvkpCxpuhSPgEy/W6rJ2ayipA++aY7Yv4Kel8mzo=
Vary
Accept-Encoding
Content-Encoding
gzip
ETag
"237886b9e530d3d7c41403a7546c6738"
Connection
keep-alive
x-amz-request-id
A4FV79374SJ0NA6J
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2055
Date
Fri, 29 Nov 2024 10:34:43 GMT
Last-Modified
Fri, 22 Mar 2024 14:20:48 GMT
Content-Type
text/css
Server
AmazonS3
x-amz-server-side-encryption
AES256
safety-block.css
cdn-dimi.akamaized.net/landings/287598/1711103697/css/
1 KB
966 B
Stylesheet
General
Full URL
https://cdn-dimi.akamaized.net/landings/287598/1711103697/css/safety-block.css?1711103697
Requested by
Host: ogqggn.gayailiance.com
URL: https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3=585
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.210.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-207-210-94.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4852e5c51f9a3703df4886fb70dbff44275a1b14d8377e08b8ef4fb395844b43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ogqggn.gayailiance.com/

Response headers

x-amz-id-2
EppZ2Mk8ZBSUDq6qObGh8JVifl01/6TkVmxUYGCOxUPmQ4lRRrm3NXsIOtvpHPn+EmEQMdjkxEA=
Vary
Accept-Encoding
Content-Encoding
gzip
ETag
"b8e01a2e89902fa6a4c15eb846dd5309"
Connection
keep-alive
x-amz-request-id
A4FNE1QHZWAQQNQ5
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
434
Date
Fri, 29 Nov 2024 10:34:43 GMT
Last-Modified
Fri, 22 Mar 2024 14:20:48 GMT
Content-Type
text/css
Server
AmazonS3
x-amz-server-side-encryption
AES256
jquery-2.2.4.min.js
cdn-dimi.akamaized.net/landings/287598/1711103697/js/
84 KB
30 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/287598/1711103697/js/jquery-2.2.4.min.js?1711103697
Requested by
Host: ogqggn.gayailiance.com
URL: https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3=585
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.210.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-207-210-94.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ogqggn.gayailiance.com/

Response headers

x-amz-id-2
JtE/+TZ+KjebjK1cw/AKIeRg+v0z2FDurldRtIv6nAVUFDmHjdqD/VqU+6BBTFQTPmq91fpCkuE=
Vary
Accept-Encoding
Content-Encoding
gzip
ETag
"2f6b11a7e914718e0290410e85366fe9"
Connection
keep-alive
x-amz-request-id
A4FZ49XANVZ72320
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
29855
Date
Fri, 29 Nov 2024 10:34:43 GMT
Last-Modified
Fri, 22 Mar 2024 14:20:48 GMT
Content-Type
text/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
translates.js
cdn-dimi.akamaized.net/landings/287598/1711103697/js/
53 KB
19 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/287598/1711103697/js/translates.js?1711103697
Requested by
Host: ogqggn.gayailiance.com
URL: https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3=585
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.210.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-207-210-94.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a6de0b9a55528f4bd53c014c24088a0c634aa8d749302b7a22c7861ce3454bb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ogqggn.gayailiance.com/

Response headers

x-amz-id-2
hTxknk1R5N6fO00j7uz2mZ32TFOPfzaZmEv+xsp82DoQEzr19mdqYjVylgxZ1BBSZD7C+8uniyA=
Vary
Accept-Encoding
Content-Encoding
gzip
ETag
"eeacb0778f1624090f142c54be26f8f5"
Connection
keep-alive
x-amz-request-id
A4FKTESWHK13V40Y
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
18694
Date
Fri, 29 Nov 2024 10:34:43 GMT
Last-Modified
Fri, 22 Mar 2024 14:20:48 GMT
Content-Type
text/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/287598/1711103697/css/style.css?1711103697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ccfbc891aaecf13c04d2b058a5cab45abda67aa056551c9eb10e677328c9c48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdn-dimi.akamaized.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 10:34:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 10:34:43 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 10:07:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ogqggn.gayailiance.com
Referer
https://fonts.googleapis.com/

Response headers

age
185417
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 07:04:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 07:04:26 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v29/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
9a6dde39d72bcc6477eaf676d55fda00c5312bd7050d9e4f36e6dc7ca9b9e763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ogqggn.gayailiance.com
Referer
https://fonts.googleapis.com/

Response headers

age
270800
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 07:21:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 07:21:23 GMT
last-modified
Wed, 06 Nov 2024 17:30:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23836
x-xss-protection
0
server
sffe
1.mp4
cdn-dimi.akamaized.net/landings/287598/1711103697/images/
505 KB
505 KB
Media
General
Full URL
https://cdn-dimi.akamaized.net/landings/287598/1711103697/images/1.mp4
Requested by
Host: ogqggn.gayailiance.com
URL: https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3=585
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.210.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-207-210-94.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c552347dc43252eb40c2d15e925f80d045ae2e5d741e4db9c1b6ebebe4a82609

Request headers

Referer
https://ogqggn.gayailiance.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-amz-id-2
Myh/7/dT3gpRtdKdDvql48poNvH8qP6oV1z8jwHJiASsQc4zuA62PK7lSnwuJe1uWrb0F4KvK5o=
ETag
"85128b0edc0311a448a838e25ddec229"
Connection
keep-alive
Content-Range
bytes 0-517018/517019
x-amz-request-id
GCNED627JEKXBWA5
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
517019
Date
Fri, 29 Nov 2024 10:34:43 GMT
Last-Modified
Fri, 22 Mar 2024 14:20:48 GMT
Content-Type
video/mp4
Server
AmazonS3
x-amz-server-side-encryption
AES256
favicon.ico
cdn-dimi.akamaized.net/images/
4 KB
4 KB
Other
General
Full URL
https://cdn-dimi.akamaized.net/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.210.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-207-210-94.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ogqggn.gayailiance.com/

Response headers

ETag
"4cdf3256cd7b8ec3917adb79d6bf457e"
Connection
keep-alive
x-amz-request-id
33470SEP63MECTPP
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
4103
Date
Fri, 29 Nov 2024 10:34:43 GMT
Last-Modified
Wed, 07 Nov 2018 08:41:38 GMT
Content-Type
image/x-icon
Server
AmazonS3
x-amz-id-2
jCEW1JBUCDkt3WOBXo4dmIgl06dLUyd4FzWU1jpG2Xt7Anl221KHUE51yPpGUyCMIBlUWEB12Mo=

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function imiFinButClickSubscribe
  • function imiFinButSubscriberDone
  • function imiBBQAdd
  • function imiBB
  • object _rup
  • function $
  • function jQuery
  • object langs
  • object ortbConf

10 Cookies

Domain/Path Name / Value
.kexkex.net/ Name: 847ba
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjc4XCI6MTczMjg3NjQ3OX0sXCJjYW1wYWlnbnNcIjp7XCI0MlwiOjE3MzI4NzY0Nzl9LFwidGltZVwiOjE3MzI4NzY0Nzl9In0.QG-wjAMES2p3ZjiAy5yPhFVkBpqSSE-lwn_lnmz9KBg
summert.top/ Name: U-eccbc87e4b5ce2fe28308fd9f2a7baf3
Value: unique
summert.top/ Name: o_eccbc87e4b5ce2fe28308fd9f2a7baf3
Value: 29a83c68-1080-4677-a213-7f0c1b914aa3
05i.bikcc.top/ Name: uclick
Value: scojd5twdz
05i.bikcc.top/ Name: uclickhash
Value: scojd5twdz-scojd5twdz-bl-17kt-q5a8-7vd5i4-7vd5fe-803387
ogqggn.gayailiance.com/ Name: unique_id
Value: 674998c20001ec24
ogqggn.gayailiance.com/ Name: unique_id2
Value: 674998c20003a438
ogqggn.gayailiance.com/ Name: 674998c20003a438_c
Value: 1
ogqggn.gayailiance.com/ Name: ref_token
Value: 226614
ogqggn.gayailiance.com/ Name: 674998c20003a438_sl
Value: [287598]

1 Console Messages

Source Level URL
Text
rendering warning URL: https://ogqggn.gayailiance.com/?utm_source=f82757e39b1a28a9&s1=226614&s2=2062915&ban=tiktok&j1=1&click_id=03d25scojd5twdz375&s3=585(Line 238)
Message:
The value "false" for key "user-scalable" is invalid, and has been ignored.