URL: http://sexaag.com/
Submission: On June 10 via api from DE

Summary

This website contacted 11 IPs in 4 countries across 13 domains to perform 21 HTTP transactions. The main IP is 62.4.22.236, located in France and belongs to AS12876, FR. The main domain is sexaag.com.
This is the only time sexaag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 62.4.22.236 12876 (AS12876)
3 4 205.147.93.131 393676 (ZENEDGE)
1 1 205.147.93.132 393676 (ZENEDGE)
1 2 194.187.97.215 35415 (WEBZILLA)
3 109.206.164.148 50245 (SERVEREL-AS)
2 104.236.14.237 14061 (DIGITALOC...)
1 89.255.250.54 60626 (LEASEWEBCDN)
1 1 67.199.248.10 395224 (BITLY-AS)
1 67.199.248.14 395224 (BITLY-AS)
6 188.72.215.102 35415 (WEBZILLA)
1 31.220.24.95 39572 (ADVANCEDH...)
1 188.42.160.80 35415 (WEBZILLA)
Totals: 21 requests, 11 IPs
Count            Domain               Requested by
6                pushance.com         syndapop.com, pushance.com
4                sexaag.com           sexaag.com
2                syndapop.com         sexaag.com, syndapop.com
2 (1 redirect)   clickadu.com         sexaag.com
2 (1 redirect)   taladraten.com       sexaag.com
2 (2 redirects)  perzhru.com          -
1                my.rtmark.net        pushance.com
1                tslomhfys.com        syndapop.com
1                instantresp.com      syndapop.com
1                c4.gostats.com       sexaag.com
1                bitly.com            sexaag.com
1 (1 redirect)   bit.ly               -
1                cdn.taladraten.com   sexaag.com
1                gostats.com          sexaag.com
1 (1 redirect)   licantrum.com        -
Totals: 21 requests, 15 domains

This site contains links to these domains. Also see Links.

Domain
taladraten.com

Subject            Issuer                                          Validity                   Valid           Source
taladraten.com     (none)                                          1970-01-01 - 1970-01-01    a few seconds   crt.sh
clickadu.com       COMODO RSA Domain Validation Secure Server CA   2018-01-15 - 2021-01-20    3 years         crt.sh
*.bitly.com        DigiCert SHA2 High Assurance Server CA          2018-08-27 - 2020-09-08    2 years         crt.sh
syndapop.com       Let's Encrypt Authority X3                      2019-04-15 - 2019-07-14    3 months        crt.sh
instantresp.com    Let's Encrypt Authority X3                      2019-05-31 - 2019-08-29    3 months        crt.sh
pushance.com       COMODO RSA Domain Validation Secure Server CA   2018-09-05 - 2019-12-01    a year          crt.sh
tslomhfys.com      Let's Encrypt Authority X3                      2019-05-17 - 2019-08-15    3 months        crt.sh
my.rtmark.net      Let's Encrypt Authority X3                      2019-04-22 - 2019-07-21    3 months        crt.sh

This page contains 2 frames:

Primary Page: http://sexaag.com/
Frame ID: DCFA24BE2D52CEFACA5C67ADE45477A0
Requests: 21 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0DAC97FADC57DED120BD4F20B0BD464D
Requests: 1 HTTP request in this frame

Detected technologies

Nginx (web server), overall confidence: 100%
Detected pattern
  • headers server /nginx(?:\/([\d.]+))?/i

GoStats (analytics), overall confidence: 100%
Detected pattern
  • env /^_go(?:stats|_track)/i

Page Statistics

Requests: 21
HTTPS: 57 %
IPv6: 0 %
Domains: 13
Subdomains: 15
IPs: 11
Countries: 4
Transfer: 152 kB
Size: 297 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://perzhru.com/get/tpi/1-1681-38a953ce6ea2020a294e9682918c942e/lib.js?cl=BANNER_300x50_1 HTTP 302
  • http://taladraten.com/lag/led/widget/1-1681-38a953ce6ea2020a294e9682918c942e/atx.js?cl=BANNER_300x50_1
Request Chain 3
  • http://perzhru.com/get/tpi/1-1681-941c27779e07c50d2a9bd829cdfc04b2/lib.js?cl=BANNER_300x100_2 HTTP 302
  • http://licantrum.com/lag/led/widget/1-1681-941c27779e07c50d2a9bd829cdfc04b2/atx.js?cl=BANNER_300x100_2 HTTP 302
  • http://clickadu.com/afu.php?zoneid=723740 HTTP 301
  • https://clickadu.com/afu.php?zoneid=723740
Request Chain 7
  • http://taladraten.com/lag/led/widget/1-1681-38a953ce6ea2020a294e9682918c942e/5cfea5669b6c36.42501358/unforeseen?jdu=BANNER_300x50_1&ori=3x HTTP 302
  • http://cdn.taladraten.com/lag/hyper-config/rdram/upload/2016/07/20/20160720115028-80be2476.gif
Request Chain 8
  • http://bit.ly/2sfC4wg HTTP 302
  • https://bitly.com/a/warning?hash=2sfC4wg&url=http%3A%2F%2Fmobile.juicyads.com%2Fservice_async.php%2FserveAd%3FJSON-response-callback%3Drpc.callbacks.r1%26id%3D1%26c%3D107158%26s%3D196089

21 HTTP transactions

Each transaction below is listed as: Resource | Path | Size | x-fer (bytes transferred) | Type, followed by its General details, request headers, response headers and, where applicable, redirect headers.

Resource: Primary Request / | Path: sexaag.com/ | Size: 79 KB | x-fer: 20 KB | Type: Document
General
Full URL
http://sexaag.com/
Protocol
HTTP/1.1
Server
62.4.22.236 , France, ASN12876 (AS12876, FR),
Reverse DNS
62-4-22-236.rev.poneytelecom.eu
Software
nginx / PHP/5.4.41
Resource Hash
88ca442cef702956b9abea863f92e69da0199d106c765286c6b39f95a84e6e6f

Request headers

Host
sexaag.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Mon, 10 Jun 2019 18:45:58 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.41
Content-Encoding
gzip

Resource: style.css | Path: sexaag.com/ | Size: 8 KB | x-fer: 3 KB | Type: Stylesheet
General
Full URL
http://sexaag.com/style.css
Requested by
Host: sexaag.com
URL: http://sexaag.com/
Protocol
HTTP/1.1
Security
(none)
Server
62.4.22.236 , France, ASN12876 (AS12876, FR),
Reverse DNS
62-4-22-236.rev.poneytelecom.eu
Software
nginx /
Resource Hash
3ab5b76930319f6343ebfff8781e3cfcc7f3ae3e5ab73918d77103fc7c6eacef

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Jun 2017 17:09:54 GMT
Server
nginx
ETag
W/"5942bf62-1e4f"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jun 2019 06:45:58 GMT

Resource: logohieng.png | Path: sexaag.com/data/ | Size: 11 KB | x-fer: 11 KB | Type: Image
General
Full URL
http://sexaag.com/data/logohieng.png
Requested by
Host: sexaag.com
URL: http://sexaag.com/
Protocol
HTTP/1.1
Security
(none)
Server
62.4.22.236 , France, ASN12876 (AS12876, FR),
Reverse DNS
62-4-22-236.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f34a639a682244338507547c8dbb122dc00cdbc57d32450ae2c076d59e288b0a

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:58 GMT
Last-Modified
Fri, 12 Jul 2013 22:00:00 GMT
Server
nginx
ETag
"51e07c60-2b32"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11058
Expires
Wed, 10 Jul 2019 18:45:58 GMT

Resource: atx.js | Path: taladraten.com/lag/led/widget/1-1681-38a953ce6ea2020a294e9682918c942e/ | Size: 5 KB | x-fer: 2 KB | Type: Script
Redirect Chain
  • http://perzhru.com/get/tpi/1-1681-38a953ce6ea2020a294e9682918c942e/lib.js?cl=BANNER_300x50_1
  • http://taladraten.com/lag/led/widget/1-1681-38a953ce6ea2020a294e9682918c942e/atx.js?cl=BANNER_300x50_1
General
Full URL
http://taladraten.com/lag/led/widget/1-1681-38a953ce6ea2020a294e9682918c942e/atx.js?cl=BANNER_300x50_1
Requested by
Host: sexaag.com
URL: http://sexaag.com/
Protocol
HTTP/1.1
Security
(none)
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
2600f173cad937afc4095be66eedbe9443f8ce1f142984aa83eb8155264d73ba

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Zen-Fury
06a5f858f217d50f6795985e115098b233a03a92
Date
Mon, 10 Jun 2019 18:45:58 GMT
Content-Encoding
gzip
Server
ZENEDGE
X-Cache-Status
NOTCACHED
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-control
private
Transfer-Encoding
chunked
Connection
keep-alive
X-Cdn
Served-By-Zenedge

Redirect headers

X-Zen-Fury
8b68720504d6e5cfa41c41f99e5444c428727b0d
Date
Mon, 10 Jun 2019 18:45:58 GMT
Server
ZENEDGE
X-Cache-Status
NOTCACHED
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
Location
http://taladraten.com/lag/led/widget/1-1681-38a953ce6ea2020a294e9682918c942e/atx.js?cl=BANNER_300x50_1
Transfer-Encoding
chunked
Connection
keep-alive

Resource: afu.php | Path: clickadu.com/ | Size: 0 | x-fer: 167 B | Type: Script
Redirect Chain
  • http://perzhru.com/get/tpi/1-1681-941c27779e07c50d2a9bd829cdfc04b2/lib.js?cl=BANNER_300x100_2
  • http://licantrum.com/lag/led/widget/1-1681-941c27779e07c50d2a9bd829cdfc04b2/atx.js?cl=BANNER_300x100_2
  • http://clickadu.com/afu.php?zoneid=723740
  • https://clickadu.com/afu.php?zoneid=723740
General
Full URL
https://clickadu.com/afu.php?zoneid=723740
Requested by
Host: sexaag.com
URL: http://sexaag.com/
Protocol
HTTP/1.1
Security
TLS 1.0, ECDHE_RSA, AES_128_CBC
Server
194.187.97.215 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
v-6-08-35-d4583-215.webazilla.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream

Redirect headers

Location
https://clickadu.com/afu.php?zoneid=723740
Date
Mon, 10 Jun 2019 18:45:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html

Resource: apu.php | Path: syndapop.com/ | Size: 59 KB | x-fer: 59 KB | Type: Script
General
Full URL
http://syndapop.com/apu.php?zoneid=1585039
Requested by
Host: sexaag.com
URL: http://sexaag.com/
Protocol
HTTP/1.1
Security
(none)
Server
109.206.164.148 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.164.148.serverel.net
Software
nginx /
Resource Hash
6d15c739b9e7096baf37d373f133fe908c75c8299c03a7e4722988417d81c998

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:58 GMT
Last-Modified
Mon, 13 May 2019 12:00:31 GMT
Server
nginx
ETag
W/"5cd95c5f-eb91"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
Timing-Allow-Origin
*

Resource: counter.js | Path: gostats.com/js/ | Size: 12 KB | x-fer: 4 KB | Type: Script
General
Full URL
http://gostats.com/js/counter.js
Requested by
Host: sexaag.com
URL: http://sexaag.com/
Protocol
HTTP/1.1
Security
(none)
Server
104.236.14.237 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
gostats.com-main
Software
nginx /
Resource Hash
27523b3ee68080791d0a0f1c223de76810f7e644841e599eab85d6c116633022

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Aug 2016 14:13:41 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 10 Jul 2019 18:45:58 GMT

Resource: bg.png | Path: sexaag.com/images/ | Size: 142 B | x-fer: 444 B | Type: Image
General
Full URL
http://sexaag.com/images/bg.png
Requested by
Host: sexaag.com
URL: http://sexaag.com/
Protocol
HTTP/1.1
Security
(none)
Server
62.4.22.236 , France, ASN12876 (AS12876, FR),
Reverse DNS
62-4-22-236.rev.poneytelecom.eu
Software
nginx /
Resource Hash
3a7ca09aa6040f7ff76aa11ff1886c5b3506566bfdaae1b7b0c4429be12b7512

Request headers

Referer
http://sexaag.com/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:58 GMT
Last-Modified
Fri, 12 Jul 2013 22:00:00 GMT
Server
nginx
ETag
"51e07c60-8e"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
142
Expires
Wed, 10 Jul 2019 18:45:58 GMT

Resource: 20160720115028-80be2476.gif | Path: cdn.taladraten.com/lag/hyper-config/rdram/upload/2016/07/20/ | Size: 12 KB | x-fer: 13 KB | Type: Image
Redirect Chain
  • http://taladraten.com/lag/led/widget/1-1681-38a953ce6ea2020a294e9682918c942e/5cfea5669b6c36.42501358/unforeseen?jdu=BANNER_300x50_1&ori=3x
  • http://cdn.taladraten.com/lag/hyper-config/rdram/upload/2016/07/20/20160720115028-80be2476.gif
General
Full URL
http://cdn.taladraten.com/lag/hyper-config/rdram/upload/2016/07/20/20160720115028-80be2476.gif
Requested by
Host: sexaag.com
URL: http://sexaag.com/
Protocol
HTTP/1.1
Security
(none)
Server
89.255.250.54 , Germany, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
a1ac2a0a4298d58fc777386ac26cbcc130003a6902cc2f0440b5385e8868caf5

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:59 GMT
CDN-Cache-Hit
1
Last-Modified
Wed, 20 Jul 2016 09:51:06 GMT
Server
leasewebcdn/5.4.2
X-Cache-Status
HIT
Content-Type
image/gif
CDN-Cache
HIT
Cache-Control
max-age=604800
CDN-Node
FRA1-SO03022
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12701
Expires
Sat, 06 Apr 2019 00:39:06 GMT

Redirect headers

X-Zen-Fury
06a5f858f217d50f6795985e115098b233a03a92
Date
Mon, 10 Jun 2019 18:45:58 GMT
Server
ZENEDGE
X-Cache-Status
NOTCACHED
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
Location
http://cdn.taladraten.com/lag/hyper-config/rdram/upload/2016/07/20/20160720115028-80be2476.gif
Transfer-Encoding
chunked
Connection
keep-alive
X-Cdn
Served-By-Zenedge

Resource: warning | Path: bitly.com/a/ | Size: 0 | x-fer: 0 | Type: Image
Redirect Chain
  • http://bit.ly/2sfC4wg
  • https://bitly.com/a/warning?hash=2sfC4wg&url=http%3A%2F%2Fmobile.juicyads.com%2Fservice_async.php%2FserveAd%3FJSON-response-callback%3Drpc.callbacks.r1%26id%3D1%26c%3D107158%26s%3D196089
General
Full URL
https://bitly.com/a/warning?hash=2sfC4wg&url=http%3A%2F%2Fmobile.juicyads.com%2Fservice_async.php%2FserveAd%3FJSON-response-callback%3Drpc.callbacks.r1%26id%3D1%26c%3D107158%26s%3D196089
Requested by
Host: sexaag.com
URL: http://sexaag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.199.248.14 , United States, ASN395224 (BITLY-AS - Bitly Inc, US),
Reverse DNS
bitly.com
Software
(none reported)
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://sexaag.com/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Location
https://bitly.com/a/warning?hash=2sfC4wg&url=http%3A%2F%2Fmobile.juicyads.com%2Fservice_async.php%2FserveAd%3FJSON-response-callback%3Drpc.callbacks.r1%26id%3D1%26c%3D107158%26s%3D196089
Date
Mon, 10 Jun 2019 18:45:58 GMT
Cache-Control
private, max-age=90
Server
nginx
Connection
keep-alive
Content-Length
277
Content-Type
text/html; charset=utf-8

Resource: count | Path: c4.gostats.com/bin/ | Size: 95 B | x-fer: 850 B | Type: Image
General
Full URL
http://c4.gostats.com/bin/count?0.1597560039472783&a=381571&t=5&i=1&r=&p=http%3A%2F%2Fsexaag.com%2F&c=y&j=n&w=1600&h=1200&d=24&js=1.7
Requested by
Host: sexaag.com
URL: http://sexaag.com/
Protocol
HTTP/1.1
Security
(none)
Server
104.236.14.237 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
gostats.com-main
Software
nginx /
Resource Hash
172e4e1fca052a61b5d95ba3b321c1f748fbd0aa08ec5914391abef89ee9f3cd

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:58 GMT
Last-Modified
Wed, 27 Feb 2008 08:20:02 GMT
Server
nginx
ETag
"47c51d32-5f"
P3P
policyref="/w3c/p3p.xml", CP="NOI PSA ADM OUR IND ONL UNI COM NAV INT DEM PRE LOC"
Cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
95
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Resource: 1585039 | Path: syndapop.com/get/ | Size: 3 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://syndapop.com/get/1585039?zoneid=1585039&jp=_clq6tnm7b7ke5yzr4d8rew&nojs=0&ix=0&t=1&x=1600&y=1200
Requested by
Host: syndapop.com
URL: http://syndapop.com/apu.php?zoneid=1585039
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.164.148 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.164.148.serverel.net
Software
nginx /
Resource Hash
76b1013c46d86b5ca378f48331ea6a851e9ac5adada088b2f20d9f38371fb70e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive

Resource: / | Path: instantresp.com/ssp/req/1585039/ | Size: 2 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://instantresp.com/ssp/req/1585039/?pb=6977d2a706ffc0d8e9927404633ae8bd1560199558&psp=lf8ARTZ9o1gNFz2o8wCbpto2kfubFWvLBdn-ecEji_s7pJ5Ur79sEY7z0CJfHyKg4PImmVGssJzeBjGoFNVIguxAoQ5V3rxeEq8W3jjkfwCK-g3Hfo989HsGvxJYKEECghUlF2KOWeFloCT6AlaGnTVLGxNXiZrKHE6l6NQOQNnCXCemjUO2zZAWuHiSE3yRstADCXqJqic4RkQEXnL2XjfOHHm_R29oisW1B7FpGh2qgw0tO5auIZvWHRu_dvUFGQ1EUrJq7z9KZMaO-TrxPjyq_B969OQkA38e52yXiVYkhWRjWW1qRtYYnLQLgjKozf747igi7IdqPiZ7zf191VXaYJgCNO4o6hUbb9HhFSfDF6E=&cb=_cli3lpohel2yrgnsfp5110&nojs=0&ix=0&t=1&x=1600&y=1200
Requested by
Host: syndapop.com
URL: http://syndapop.com/apu.php?zoneid=1585039
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.164.148 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.164.148.serverel.net
Software
nginx /
Resource Hash
68c94c343de04ddfd21a7d3d7fa91063732e788766f260ad67c44c4437b876ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive

Resource: ntfc.php | Path: pushance.com/ | Size: 12 KB | x-fer: 5 KB | Type: Script
General
Full URL
https://pushance.com/ntfc.php?p=1641834
Requested by
Host: syndapop.com
URL: http://syndapop.com/apu.php?zoneid=1585039
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.215.102 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e382ad8c078924202f8aef3db8aa0b565d74b7a5a43568a9f067b505dc80cce8

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jun 2019 18:45:56 GMT
Content-Encoding
gzip
Content-Type
application/javascript; charset=utf-8
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Max-Age
86400
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Resource: notice.php | Path: tslomhfys.com/ | Size: 37 B | x-fer: 473 B | Type: Script
General
Full URL
https://tslomhfys.com/notice.php?p=1544603&interactive=1&pushup=1
Requested by
Host: syndapop.com
URL: http://syndapop.com/apu.php?zoneid=1585039
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
31.220.24.95 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Transfer-Encoding
chunked
Connection
keep-alive

Resource: ntfc.php | Path: pushance.com/ | Size: 91 KB | x-fer: 27 KB | Type: Script
General
Full URL
https://pushance.com/ntfc.php?p=1641834&r=ui&swver=3.1.52
Requested by
Host: pushance.com
URL: https://pushance.com/ntfc.php?p=1641834
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.215.102 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
a295dc9e77c19b24f576bacd464993eb90ede0a0fc4aa2b450092180b09f80ad

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Jun 2019 18:45:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Max-Age
86400
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Resource: custom | Path: pushance.com/ | Size: 0 | x-fer: 457 B | Type: Fetch
General
Full URL
https://pushance.com/custom
Requested by
Host: pushance.com
URL: https://pushance.com/ntfc.php?p=1641834&r=ui&swver=3.1.52
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.215.102 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://sexaag.com
Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 10 Jun 2019 18:45:57 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://sexaag.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0

Resource: gid.js | Path: my.rtmark.net/ | Size: 65 B | x-fer: 744 B | Type: Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=268f3d7b613e4bd183eea29f9b698891&checkDuplicate=true
Requested by
Host: pushance.com
URL: https://pushance.com/ntfc.php?p=1641834&r=ui&swver=3.1.52
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.42.160.80 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
017d336e71048878bf10c1e06c855ef414907e6780d38f26ef886595aa7417b5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://sexaag.com/
Origin
http://sexaag.com

Response headers

Date
Mon, 10 Jun 2019 18:45:59 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://sexaag.com
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
65

Resource: custom | Path: pushance.com/ | Size: 39 B | x-fer: 484 B | Type: Fetch
General
Full URL
https://pushance.com/custom
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.215.102 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://sexaag.com/
Origin
http://sexaag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
2f7ef65daf7a57298ee656a1a29eafa3
Date
Mon, 10 Jun 2019 18:45:57 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://sexaag.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39

Resource: truncated | Path: / (Frame 0DAC) | Size: 2 KB | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none: data: URI, no network request)
Reverse DNS
(none)
Software
(none)
Resource Hash
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91

Request headers

Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml

Resource: custom | Path: pushance.com/ | Size: 0 | x-fer: 457 B | Type: Fetch
General
Full URL
https://pushance.com/custom
Requested by
Host: pushance.com
URL: https://pushance.com/ntfc.php?p=1641834&r=ui&swver=3.1.52
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.215.102 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://sexaag.com
Referer
http://sexaag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 10 Jun 2019 18:45:57 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://sexaag.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0

Resource: custom | Path: pushance.com/ | Size: 39 B | x-fer: 484 B | Type: Fetch
General
Full URL
https://pushance.com/custom
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.215.102 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://sexaag.com/
Origin
http://sexaag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
2c5795f75ca1fc12e6f3ead8a9ccf3ee
Date
Mon, 10 Jun 2019 18:45:57 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://sexaag.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • onselectstart (object)
  • onselectionchange (object)
  • queueMicrotask (function)
  • multiPopunder (function)
  • o2RR (function)
  • C2RR (function)
  • a2RR (function)
  • C1NN (function)
  • V2RR (function)
  • _nkgds (function)
  • _ukfyajk (function)
  • _js (string)
  • _go_track_img (undefined)
  • _go_track_src (undefined)
  • _GoStatsEscape (function)
  • _GoStatsClick (function)
  • _GoStatsAddEvents (function)
  • _GoStatsTrack (function)
  • _GoStatsGetJsVersion (function)
  • _GoStatsGetCookieEnabled (function)
  • _GoStatsRun (function)
  • _tagTracking (function)
  • _GoStatsRun2 (function)
  • listen_loader (function)
  • dom_content_loaded (function)
  • ready_state_change (function)
  • try_scroll (function)
  • content_ready (function)
  • listen_to (function)
  • unlisten_to (function)
  • _go_js (string)
  • nanoajax (object)
  • _gos (string)
  • _goa (number)
  • _got (number)
  • _goi (number)
  • _gol (string)
  • S8XX (function)
  • i20000 (number)
  • H4P (number)
  • z0P (number)
  • rCs9X (function)
  • _clq6tnm7b7ke5yzr4d8rew (function)
  • _cli3lpohel2yrgnsfp5110 (function)
  • PPFLSH15601923589060a822472163216134click (function)
  • onClickTrigger (function)
  • zfgloadedpopup (boolean)
  • optionsAxXB324Fe (string)
  • laryAxXB324Fe (string)
  • zfgloadedpushopt (boolean)
  • _0x2603 (object)
  • _0x24f6 (function)
  • ntfcSDK (object)
  • zfgformats (object)
  • installOnFly (boolean)
  • zfgloadedpush (boolean)
  • zfgloadedpushcode (boolean)

2 Cookies

Domain/Path     Name                       Value
.sexaag.com/    __PPU_BACKCLCK_1585039     true
sexaag.com/     (empty)                    __test

2 Console Messages

Source       Level     URL                                                                    Text
console-api  warning   https://pushance.com/ntfc.php?p=1641834&r=ui&swver=3.1.52 (Line 1)   TypeError: Cannot read property 'getItem' of null
console-api  warning   https://pushance.com/ntfc.php?p=1641834&r=ui&swver=3.1.52 (Line 1)   TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
bitly.com
c4.gostats.com
cdn.taladraten.com
clickadu.com
gostats.com
instantresp.com
licantrum.com
my.rtmark.net
perzhru.com
pushance.com
sexaag.com
syndapop.com
taladraten.com
tslomhfys.com
104.236.14.237
109.206.164.148
188.42.160.80
188.72.215.102
194.187.97.215
205.147.93.131
205.147.93.132
31.220.24.95
62.4.22.236
67.199.248.10
67.199.248.14
89.255.250.54