chattydates.net Open in urlscan Pro
172.67.169.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3kIB6Wj#ytrytuyuy.html/b2Q9MXN5aTYxNmIyMmQyNmYwYTRfdmxfaW50ZXJ2bF8xMXI0LjV2NTFqcmkuTzAwMDByZ3U1a...
Effective URL:
https://chattydates.net/1666/
Submission: On October 19 via api (October 19th 2021, 4:37:10 am UTC) from BE — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 10 domains to perform 9 HTTP transactions. The main IP is 172.67.169.159, located in United States and belongs to CLOUDFLARENET, US. The main domain is chattydates.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 22nd 2021. Valid for: a year.

This is the only time chattydates.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 2	104.149.150.242 104.149.150.242	40676 (AS40676) (AS40676)
1	162.251.5.90 162.251.5.90	46841 (FORKNETWO...) (FORKNETWORKING)
1 1	172.67.216.183 172.67.216.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.49.178 104.21.49.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.198.87 172.67.198.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	94.237.99.118 94.237.99.118	202053 (UPCLOUD) (UPCLOUD)
1 1	51.75.225.141 51.75.225.141	16276 (OVH) (OVH)
1 1	212.32.250.34 212.32.250.34	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	172.67.169.159 172.67.169.159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	6

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.149.150.242 (Walnut, United States) 1 redirects

ASN40676 (AS40676, US)
PTR: knowther.com

knowther.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.251.5.90 (United States)

ASN46841 (FORKNETWORKING, US)

gratifyingpick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.216.183 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tulac.ngunsen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.49.178 (United States)

ASN13335 (CLOUDFLARENET, US)

fallback2.zimbromix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.198.87 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.237.99.118 (Finland)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-99-118.de-fra1.upcloud.host

1d6926e0801.traff1c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.225.141 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip141.ip-51-75-225.eu

offers.backstreetaffiliates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.250.34 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

s3.afflist.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.169.159 (United States)

ASN13335 (CLOUDFLARENET, US)

chattydates.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	chattydates.net chattydates.net	71 KB
2	zimbromix.com fallback2.zimbromix.com	16 KB
2	knowther.com 1 redirects knowther.com	1 KB
1	afflist.net 1 redirects s3.afflist.net	325 B
1	backstreetaffiliates.com 1 redirects offers.backstreetaffiliates.com	235 B
1	traff1c.net 1d6926e0801.traff1c.net	1 KB
1	addlnk.com cdn.addlnk.com	1 KB
1	ngunsen.com 1 redirects tulac.ngunsen.com	928 B
1	gratifyingpick.com gratifyingpick.com	448 B
1	bit.ly 1 redirects bit.ly	251 B
9	10

	Domain	Requested by
3	chattydates.net	chattydates.net
2	fallback2.zimbromix.com	gratifyingpick.com fallback2.zimbromix.com
2	knowther.com	1 redirects
1	s3.afflist.net	1 redirects
1	offers.backstreetaffiliates.com	1 redirects
1	1d6926e0801.traff1c.net	fallback2.zimbromix.com
1	cdn.addlnk.com	fallback2.zimbromix.com
1	tulac.ngunsen.com	1 redirects
1	gratifyingpick.com	knowther.com
1	bit.ly	1 redirects
9	10

This site contains no links.

Subject Issuer	Validity	Valid
gratifyingpick.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-16` - `2022-06-16`	a year	crt.sh
*.zimbromix.com R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
*.traff1c.net R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://chattydates.net/1666/
Frame ID: 3372DE3CB22FE85D82347034BC88542C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

https://bit.ly/3kIB6Wj HTTP 301
http://knowther.com/short/ Page URL
http://knowther.com/ytrytuyuy.html/b2Q9MXN5aTYxNmIyMmQyNmYwYTRfdmxfaW50ZXJ2bF8xMXI0LjV2NTFqcmkuT... HTTP 302
https://gratifyingpick.com/176434fa42c026f9000/annnnnnnnnnnnnnnnnooo_11r616b22d298eb8/yi11r%7CM21unJj=%... Page URL
https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1198390278&pubid=690393 HTTP 302
https://fallback2.zimbromix.com/rc/4fae28eb48?af5=pubid-not-valid Page URL
https://1d6926e0801.traff1c.net/?p=4379&media_type=mainstream&sub_id=puba7f8de851fb94332b2727e2efcffc8ad&pi=... Page URL
https://offers.backstreetaffiliates.com/?offer=657&uid=8ca4c86f-25ca-48d0-9f59-e1d32d37503b&lp=936&subid=5slbyve8g7w... HTTP 302
https://s3.afflist.net/click?pid=1650&offer_id=1147&l=1622810787&ref_id=BSAa878b664e9af0cfa23e6d171... HTTP 302
https://chattydates.net/1666/ Page URL

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

6
IPs

4
Countries

91 kB
Transfer

179 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3kIB6Wj HTTP 301
http://knowther.com/short/ Page URL
http://knowther.com/ytrytuyuy.html/b2Q9MXN5aTYxNmIyMmQyNmYwYTRfdmxfaW50ZXJ2bF8xMXI0LjV2NTFqcmkuTzAwMDByZ3U1a2IxYmFwMnV6X3gxMTM1OS5ndTVrYg==MjRzMGthLTMwMDA3b2I=1n4dTb HTTP 302
https://gratifyingpick.com/176434fa42c026f9000/annnnnnnnnnnnnnnnnooo_11r616b22d298eb8/yi11r%7CM21unJj=%7Cgu5kb%7C24s0ka%7C30007ob%7C61297%7C0000rgu5kb%7CO%7CM21unJj=%7CPC%7C3c86sl9/p3ycAwR2LwVlMQV2MwOuAS92oS9coaEypaMfKmRkpwD= Page URL
https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1198390278&pubid=690393 HTTP 302
https://fallback2.zimbromix.com/rc/4fae28eb48?af5=pubid-not-valid Page URL
https://1d6926e0801.traff1c.net/?p=4379&media_type=mainstream&sub_id=puba7f8de851fb94332b2727e2efcffc8ad&pi=&pubid= Page URL
https://offers.backstreetaffiliates.com/?offer=657&uid=8ca4c86f-25ca-48d0-9f59-e1d32d37503b&lp=936&subid=5slbyve8g7wqc8pg65f0ok848,15885326,5,4379&utm_source=4379 HTTP 302
https://s3.afflist.net/click?pid=1650&offer_id=1147&l=1622810787&ref_id=BSAa878b664e9af0cfa23e6d171071ac20d&sub1=305 HTTP 302
https://chattydates.net/1666/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/3kIB6Wj HTTP 301
http://knowther.com/short/

Request Chain 1

http://knowther.com/ytrytuyuy.html/b2Q9MXN5aTYxNmIyMmQyNmYwYTRfdmxfaW50ZXJ2bF8xMXI0LjV2NTFqcmkuTzAwMDByZ3U1a2IxYmFwMnV6X3gxMTM1OS5ndTVrYg==MjRzMGthLTMwMDA3b2I=1n4dTb HTTP 302
https://gratifyingpick.com/176434fa42c026f9000/annnnnnnnnnnnnnnnnooo_11r616b22d298eb8/yi11r%7CM21unJj=%7Cgu5kb%7C24s0ka%7C30007ob%7C61297%7C0000rgu5kb%7CO%7CM21unJj=%7CPC%7C3c86sl9/p3ycAwR2LwVlMQV2MwOuAS92oS9coaEypaMfKmRkpwD=

Request Chain 2

https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1198390278&pubid=690393 HTTP 302
https://fallback2.zimbromix.com/rc/4fae28eb48?af5=pubid-not-valid

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ knowther.com/short/ Redirect Chain https://bit.ly/3kIB6Wj http://knowther.com/short/	578 B 908 B	315ms 153ms	Document text/html	104.149.150.242 AS40676
General Check archive.org Show headers Download Go to Full URL http://knowther.com/short/ Protocol HTTP/1.1 Server 104.149.150.242 Walnut, United States, ASN40676 (AS40676, US), Reverse DNS knowther.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash Request headers Host knowther.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Tue, 19 Oct 2021 04:37:02 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 Last-Modified Mon, 22 Jul 2019 15:07:57 GMT ETag "242-58e4670ed2d40" Accept-Ranges bytes Content-Length 578 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers server nginx date Tue, 19 Oct 2021 04:37:02 GMT content-type text/html; charset=utf-8 content-length 113 cache-control private, max-age=90 content-security-policy referrer always; location http://knowther.com/short/ referrer-policy unsafe-url set-cookie _bit=l9j4B2-fb195f59f42fab6e5c-00H; Domain=bit.ly; Expires=Sun, 17 Apr 2022 04:37:02 GMT via 1.1 google alt-svc clear
GET H/1.1	200 OK	Cookie set p3ycAwR2LwVlMQV2MwOuAS92oS9coaEypaMfKmRkpwD= gratifyingpick.com/176434fa42c026f9000/annnnnnnnnnnnnnnnnooo_11r616b22d298eb8/yi11r%7CM21unJj=%7Cgu5kb%7C24s0ka%7C30007ob%7C61297%7C0000rgu5kb%7CO%7CM21unJj=%7CPC%7C3c86sl9/ Redirect Chain http://knowther.com/ytrytuyuy.html/b2Q9MXN5aTYxNmIyMmQyNmYwYTRfdmxfaW50ZXJ2bF8xMXI0LjV2NTFqcmkuTzAwMDByZ3U1a2IxYmFwMnV6X3gxMTM1OS5ndTVrYg==MjRzMGthLTMwMDA3b2I=1n4dTb https://gratifyingpick.com/176434fa42c026f9000/annnnnnnnnnnnnnnnnooo_11r616b22d298eb8/yi11r%7CM21unJj=%7Cgu5kb%7C24s0ka%7C30007ob%7C61297%7C0000rgu5kb%7CO%7CM21unJj=%7CPC%7C3c86sl9/p3ycAwR2LwVlMQV2...	135 B 448 B	868ms 299ms	Document text/html	162.251.5.90 FORKNETWORKING
General Check archive.org Show headers Download Go to Full URL https://gratifyingpick.com/176434fa42c026f9000/annnnnnnnnnnnnnnnnooo_11r616b22d298eb8/yi11r%7CM21unJj=%7Cgu5kb%7C24s0ka%7C30007ob%7C61297%7C0000rgu5kb%7CO%7CM21unJj=%7CPC%7C3c86sl9/p3ycAwR2LwVlMQV2MwOuAS92oS9coaEypaMfKmRkpwD= Requested by Host: knowther.com URL: http://knowther.com/short/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.251.5.90 , United States, ASN46841 (FORKNETWORKING, US), Reverse DNS Software Apache / Resource Hash Request headers Host gratifyingpick.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer http://knowther.com/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://knowther.com/short/#ytrytuyuy.html/b2Q9MXN5aTYxNmIyMmQyNmYwYTRfdmxfaW50ZXJ2bF8xMXI0LjV2NTFqcmkuTzAwMDByZ3U1a2IxYmFwMnV6X3gxMTM1OS5ndTVrYg==MjRzMGthLTMwMDA3b2I=1n4dTb Response headers Date Tue, 19 Oct 2021 04:37:05 GMT Server Apache Set-Cookie uid15295=1198390278-20211019003705-bafbb226c6f9daf1365b33ba3727b892-; domain=; expires=Thu, 18-Nov-2021 04:37:05 GMT; path=/; SameSite=None; Secure Content-Length 135 Connection close Content-Type text/html; charset=UTF-8 Redirect headers Date Tue, 19 Oct 2021 04:37:02 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 X-Powered-By PHP/5.4.16 Location https://gratifyingpick.com/176434fa42c026f9000/annnnnnnnnnnnnnnnnooo_11r616b22d298eb8/yi11r\|M21unJj=\|gu5kb\|24s0ka\|30007ob\|61297\|0000rgu5kb\|O\|M21unJj=\|PC\|3c86sl9/p3ycAwR2LwVlMQV2MwOuAS92oS9coaEypaMfKmRkpwD= Content-Length 0 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	200	4fae28eb48 Show response fallback2.zimbromix.com/rc/ Redirect Chain https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1198390278&pubid=690393 https://fallback2.zimbromix.com/rc/4fae28eb48?af5=pubid-not-valid	2 KB 2 KB	141ms 104ms	Document text/html	104.21.49.178 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fallback2.zimbromix.com/rc/4fae28eb48?af5=pubid-not-valid Requested by Host: gratifyingpick.com URL: https://gratifyingpick.com/176434fa42c026f9000/annnnnnnnnnnnnnnnnooo_11r616b22d298eb8/yi11r%7CM21unJj=%7Cgu5kb%7C24s0ka%7C30007ob%7C61297%7C0000rgu5kb%7CO%7CM21unJj=%7CPC%7C3c86sl9/p3ycAwR2LwVlMQV2MwOuAS92oS9coaEypaMfKmRkpwD= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.49.178 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f51455a4abdac239cc09df79ef38f76697e0ba024171a5c359d33ec4482fa572` Request headers :method GET :authority fallback2.zimbromix.com :scheme https :path /rc/4fae28eb48?af5=pubid-not-valid pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://gratifyingpick.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://gratifyingpick.com/176434fa42c026f9000/annnnnnnnnnnnnnnnnooo_11r616b22d298eb8/yi11r%7CM21unJj=%7Cgu5kb%7C24s0ka%7C30007ob%7C61297%7C0000rgu5kb%7CO%7CM21unJj=%7CPC%7C3c86sl9/p3ycAwR2LwVlMQV2MwOuAS92oS9coaEypaMfKmRkpwD= Response headers date Tue, 19 Oct 2021 04:37:05 GMT content-type text/html; charset=utf-8 set-cookie AWSALB=5QXXmm6oE/kyWvse0SlR9QoqUrgkSDbczybeFrbPS2BQTtcj1cG8qLdi7Txm22P/bJavMO2fSsQMszsoRvVU8YgmFQa5Azg6BSdOVw6JYRW9n7FQEtEfaUyN0d7i; Expires=Tue, 26 Oct 2021 04:37:05 GMT; Path=/ AWSALBCORS=5QXXmm6oE/kyWvse0SlR9QoqUrgkSDbczybeFrbPS2BQTtcj1cG8qLdi7Txm22P/bJavMO2fSsQMszsoRvVU8YgmFQa5Azg6BSdOVw6JYRW9n7FQEtEfaUyN0d7i; Expires=Tue, 26 Oct 2021 04:37:05 GMT; Path=/; SameSite=None vary Accept-Encoding, Accept-Language, Cookie content-language en-us cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jciOvj779fZPL7UWUngiR48kvV68WVdEf7eQJdXEFa2ksVKddJ%2B322Yd56ugmY2hGuRkqOOiGFqeEniR7LginvRxvCAyX7%2F3wzh7cd%2Bwe4Nuo5zKOb1f3H7sAEmkwvrjXS6iUz8izFqqzg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6a074f24ffb32b4d-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers date Tue, 19 Oct 2021 04:37:05 GMT content-type text/html; charset=utf-8 set-cookie AWSALB=1EcFNNZM4xsQNYxWnh77ap/lS2ti3u/nRIsdqrtfbOGvqw+yeX979ZPBhLe2HMcDLyHEz2Tz3ebud3vjNT2uinVO8jCGtVYFjxYHhKbaw5isg4lh4xYicP8v5vpk; Expires=Tue, 26 Oct 2021 04:37:05 GMT; Path=/ AWSALBCORS=1EcFNNZM4xsQNYxWnh77ap/lS2ti3u/nRIsdqrtfbOGvqw+yeX979ZPBhLe2HMcDLyHEz2Tz3ebud3vjNT2uinVO8jCGtVYFjxYHhKbaw5isg4lh4xYicP8v5vpk; Expires=Tue, 26 Oct 2021 04:37:05 GMT; Path=/; SameSite=None location https://fallback2.zimbromix.com/rc/4fae28eb48?af5=pubid-not-valid vary Accept-Language, Cookie content-language en-us cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODiX%2BULCaZetO7eQV0R4UiWRpN8%2Bd%2FHAPAuPr%2BVpQS5qcrFmxk%2F5W3rNXnz0xwl%2BGP6hFiG7bWldYu9RudYe%2BD0hAyQxruDrv8ybQAcKxSaM0RJVleBTW%2FP6c49b6Y%2B%2F9Keotw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6a074f2418a32780-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	redirect.css cdn.addlnk.com/	1 KB 1 KB	226ms 22ms	Stylesheet text/css	172.67.198.87 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.addlnk.com/redirect.css Requested by Host: fallback2.zimbromix.com URL: https://fallback2.zimbromix.com/rc/4fae28eb48?af5=pubid-not-valid Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.198.87 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 04:37:05 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2593 cf-polished origSize=1680 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id C0MZEK71BT52TXHH x-amz-id-2 1ZQlYnIN8qU1AmdHCjNRCnkY7zBcUSoI2NRLOwDwAsWkzfaStpTAX0Wxzi1E95xaQ5dVOfolJqA= last-modified Wed, 13 Mar 2019 00:03:12 GMT server cloudflare etag W/"3ae56d32551602b41f9046c14d1cfde2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmbBqK3f24eetBCh%2BGjChHcJ%2FL3a0Jlrhj2u%2F4XYlHHYWN%2FNZg0PvSmjk23IP3xZ5BczMEcO9OcnsTj%2BCUCDFfkby5pbtV0MYush8W2RB63lQ%2BpQRlk%2BybFXdP%2F5WYRarg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 6a074f270bc8f9e6-PRG cf-bgj minify
GET H2	200	invisible.js Show response fallback2.zimbromix.com/cdn-cgi/challenge-platform/h/b/scripts/	40 KB 14 KB	57ms 56ms	Script text/javascript	104.21.49.178 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fallback2.zimbromix.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js Requested by Host: fallback2.zimbromix.com URL: https://fallback2.zimbromix.com/rc/4fae28eb48?af5=pubid-not-valid Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.49.178 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `888f9faa3826c6ea5f27178f54de6d698450c87e6d042aec2e71daed4387b8b1` Request headers :path /cdn-cgi/challenge-platform/h/b/scripts/invisible.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority fallback2.zimbromix.com cookie AWSALB=5QXXmm6oE/kyWvse0SlR9QoqUrgkSDbczybeFrbPS2BQTtcj1cG8qLdi7Txm22P/bJavMO2fSsQMszsoRvVU8YgmFQa5Azg6BSdOVw6JYRW9n7FQEtEfaUyN0d7i :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 04:37:05 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4A6xwwDpgnmd%2F9q1XX0gs3i8%2F9XmAw0arr375VbkNfIHoQrz8CALUf8BgqixMHzT0H41uYbO1HJ5RKshqGQs%2BTGM7%2B0IR6rNa7Yjqe5KeXr5DYCjt5gUl6kcA91deWY1rAxZFDBpntw5A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=604800, public x-control-type-options nosniff cf-ray 6a074f25b8582b4d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ Show response 1d6926e0801.traff1c.net/	986 B 1 KB	115ms 84ms	Document text/html	94.237.99.118 UPCLOUD
General Check archive.org Show headers Download Go to Full URL https://1d6926e0801.traff1c.net/?p=4379&media_type=mainstream&sub_id=puba7f8de851fb94332b2727e2efcffc8ad&pi=&pubid= Requested by Host: fallback2.zimbromix.com URL: https://fallback2.zimbromix.com/rc/4fae28eb48?af5=pubid-not-valid Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.237.99.118 , Finland, ASN202053 (UPCLOUD, FI), Reverse DNS 94-237-99-118.de-fra1.upcloud.host Software / Resource Hash `e12b4deeb20d997bc45bccacc3d8ff4b0a98022451599521a640d8371b91e9a5` Request headers :method GET :authority 1d6926e0801.traff1c.net :scheme https :path /?p=4379&media_type=mainstream&sub_id=puba7f8de851fb94332b2727e2efcffc8ad&pi=&pubid= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 19 Oct 2021 04:37:06 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie rts-trck=1; expires=Tue, 19-Oct-2021 04:47:06 GMT; Max-Age=600; path=/; domain=1d6926e0801.traff1c.net t-uuid=5slbyve8oeay66001gi040wgs; expires=Sun, 19-Oct-2031 04:37:06 GMT; Max-Age=315532800; path=/; domain=.traff1c.net rts-trck=1; expires=Tue, 19-Oct-2021 04:47:06 GMT; Max-Age=600; path=/; domain=1d6926e0801.traff1c.net traffic-visited-offers=158962%7C1634618226%7C158962%7Cunspecified; expires=Wed, 20-Oct-2021 04:37:06 GMT; Max-Age=86400; path=/; domain=.traff1c.net traffic-back=ok; expires=Tue, 19-Oct-2021 04:37:36 GMT; Max-Age=30; path=/; domain=.traff1c.net last-modified Tue, 19 Oct 2021 04:37:06 GMT expires Tue, 19 Oct 2021 04:37:06 GMT cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 pragma no-cache x-robots-tag noindex, nofollow content-encoding gzip
GET H2	200	Primary Request / Show response chattydates.net/1666/ Redirect Chain https://offers.backstreetaffiliates.com/?offer=657&uid=8ca4c86f-25ca-48d0-9f59-e1d32d37503b&lp=936&subid=5slbyve8g7wqc8pg65f0ok848,15885326,5,4379&utm_source=4379 https://s3.afflist.net/click?pid=1650&offer_id=1147&l=1622810787&ref_id=BSAa878b664e9af0cfa23e6d171071ac20d&sub1=305 https://chattydates.net/1666/	102 KB 37 KB	246ms 173ms	Document text/html	172.67.169.159 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://chattydates.net/1666/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.169.159 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `aae5f964bb19723fc010e302c4f75aaecb10de21a601fcf403a9083381ad7b18` Request headers :method GET :authority chattydates.net :scheme https :path /1666/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://1d6926e0801.traff1c.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://1d6926e0801.traff1c.net/?p=4379&media_type=mainstream&sub_id=puba7f8de851fb94332b2727e2efcffc8ad&pi=&pubid= Response headers date Tue, 19 Oct 2021 04:37:06 GMT content-type text/html last-modified Tue, 12 Oct 2021 16:00:40 GMT cache-control max-age=14400 cf-cache-status MISS expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkJMPEc3QLFz8Wp1uw2yoeJAZO1CrGdU2N%2B0JBO52goYZ7887Yd9Lr882E0LLQvl30ThatYE27vspUg2DJjaI5zO%2BjAd1dTglt6vs12QAzxnC0%2F7rVt5xeqnCG8fLtY8nYA%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6a074f2a7cc327b8-PRG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers server nginx date Tue, 19 Oct 2021 04:37:06 GMT content-length 0 location https://chattydates.net/1666/#b=1147&v=616e4b72c3881700013446c8&a=1650&sub1=305&sub2=&platform=affise&affcountry=DE&noRedir=true set-cookie afclick=616e4b72c3881700013446c8; expires=Wed, 19 Oct 2022 04:37:06 GMT; secure; SameSite=None afoffers={"1147":1634618226}; expires=Wed, 19 Oct 2022 04:37:06 GMT; secure; SameSite=None access-control-allow-origin *
GET H3	200	main.jpg chattydates.net/1666/img/	32 KB 33 KB	225ms 182ms	Image image/jpeg	172.67.169.159 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://chattydates.net/1666/img/main.jpg Requested by Host: chattydates.net URL: https://chattydates.net/1666/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.169.159 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `12c7d1866cd7cfcdcfc0a21eb77852f1aeb2b82be143b5d78b9340e5f38e3327` Request headers :path /1666/img/main.jpg pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority chattydates.net referer https://chattydates.net/1666/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://chattydates.net/1666/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 04:37:06 GMT cf-cache-status MISS last-modified Tue, 12 Oct 2021 16:00:40 GMT server cloudflare etag "6165b128-80a9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XajOxXFYzYjSButQrd4bHpv3YmKy54K9iXNcxzLMVsZOioWik9yJ1DYZ%2FDYNIhjLPQWSeQ9RL9pISFP8ZS9DiZVsjUoHawZhF%2BM%2BaaFeZDlxoDSwxAYv%2FYz8ESksH6oPviI%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6a074f2c188c2784-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 32937
POST H3	201	assignation Show response chattydates.net/api/voice/	311 B 896 B	2152ms 2131ms	XHR application/json	172.67.169.159 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://chattydates.net/api/voice/assignation Requested by Host: chattydates.net URL: https://chattydates.net/1666/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.169.159 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `14711e494335bd681af20cea37294309dca71ae6f8a7fdb57329852d49a6ff6e` Request headers sec-fetch-mode cors origin https://chattydates.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest empty x-requested-with XMLHttpRequest content-length 106 :path /api/voice/assignation pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/x-www-form-urlencoded; charset=UTF-8 accept application/json, text/javascript, /; q=0.01 cache-control no-cache :authority chattydates.net referer https://chattydates.net/1666/ :scheme https sec-fetch-site same-origin :method POST Accept application/json, text/javascript, /; q=0.01 Referer https://chattydates.net/1666/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Tue, 19 Oct 2021 04:37:08 GMT etag W/"137-n+VVSTu2IP/5mcpfajeDapRdhNY" cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCEF74aD9KGwGy4OtrRiCTV%2BeV%2Fe5iKKh2TXXRKYN%2BlBiWX7XdKa9m34Vwrhg3VAfghxqZVf3uipDnVWUg5V7uXp3Laqk49W7s%2BLpo2TMfSawa9qXocBEzPfY91jJDSP%2B1g%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 6a074f2c188b2784-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 311

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 02:22:50	Name: _bit Value: l9j4B2-fb195f59f42fab6e5c-00H
gratifyingpick.com/	1970-01-19 22:46:50	Name: uid15295 Value: 1198390278-20211019003705-bafbb226c6f9daf1365b33ba3727b892-
tulac.ngunsen.com/	1970-01-19 22:13:43	Name: AWSALB Value: 1EcFNNZM4xsQNYxWnh77ap/lS2ti3u/nRIsdqrtfbOGvqw+yeX979ZPBhLe2HMcDLyHEz2Tz3ebud3vjNT2uinVO8jCGtVYFjxYHhKbaw5isg4lh4xYicP8v5vpk
fallback2.zimbromix.com/	1970-01-19 22:13:43	Name: AWSALB Value: 5QXXmm6oE/kyWvse0SlR9QoqUrgkSDbczybeFrbPS2BQTtcj1cG8qLdi7Txm22P/bJavMO2fSsQMszsoRvVU8YgmFQa5Azg6BSdOVw6JYRW9n7FQEtEfaUyN0d7i
.1d6926e0801.traff1c.net/	1970-01-19 22:03:38	Name: rts-trck Value: 1
.traff1c.net/	1970-01-23 13:42:31	Name: t-uuid Value: 5slbyve8oeay66001gi040wgs
.traff1c.net/	1970-01-19 22:05:04	Name: traffic-visited-offers Value: 158962%7C1634618226%7C158962%7Cunspecified
.traff1c.net/	1970-01-19 22:03:38	Name: traffic-back Value: ok
offers.backstreetaffiliates.com/	1970-01-19 22:04:21	Name: BSA-offer657 Value: 1
s3.afflist.net/	1970-01-20 06:49:14	Name: afclick Value: 616e4b72c3881700013446c8
s3.afflist.net/	1970-01-20 06:49:14	Name: afoffers Value: {"1147":1634618226}
chattydates.net/	1970-01-19 22:03:38	Name: allocatedNumber Value: 21655201842

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d6926e0801.traff1c.net
bit.ly
cdn.addlnk.com
chattydates.net
fallback2.zimbromix.com
gratifyingpick.com
knowther.com
offers.backstreetaffiliates.com
s3.afflist.net
tulac.ngunsen.com
104.149.150.242
104.21.49.178
162.251.5.90
172.67.169.159
172.67.198.87
172.67.216.183
212.32.250.34
51.75.225.141
67.199.248.10
94.237.99.118
12c7d1866cd7cfcdcfc0a21eb77852f1aeb2b82be143b5d78b9340e5f38e3327
14711e494335bd681af20cea37294309dca71ae6f8a7fdb57329852d49a6ff6e
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
888f9faa3826c6ea5f27178f54de6d698450c87e6d042aec2e71daed4387b8b1
aae5f964bb19723fc010e302c4f75aaecb10de21a601fcf403a9083381ad7b18
e12b4deeb20d997bc45bccacc3d8ff4b0a98022451599521a640d8371b91e9a5
f51455a4abdac239cc09df79ef38f76697e0ba024171a5c359d33ec4482fa572

chattydates.net Open in urlscan Pro 172.67.169.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

10 Domains

10 Subdomains

6 IPs

4 Countries

91 kBTransfer

179 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

12 Cookies

Indicators

chattydates.net Open in urlscan Pro
172.67.169.159 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

6
IPs

4
Countries

91 kB
Transfer

179 kB
Size

12
Cookies

9 HTTP transactions
0 data transactions