urlscan.io logo urlscan.io
SecurityTrails logo

www.firstadultgames.com Open in urlscan Pro
54.164.226.84  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.grtyv.com/8ukelfwlds?url_id=18543&aff_id=109066&offer_id=6132&bo=3511,3512,3521,3522
Effective URL: https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
Submission: On January 05 via manual from PK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 14 HTTP transactions. The main IP is 54.164.226.84, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.firstadultgames.com.
TLS certificate: Issued by Amazon on July 20th 2019. Valid for: a year.
This is the only time www.firstadultgames.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 107.178.242.109 15169 (GOOGLE)
1 205.185.216.10 20446 (HIGHWINDS3)
1 2 54.164.226.84 14618 (AMAZON-AES)
5 205.185.216.42 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.14.110 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.60 16509 (AMAZON-02)
1 162.247.242.20 23467 (NEWRELIC-...)
14 10
2    107.178.242.109 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 109.242.178.107.bc.googleusercontent.com
t.grtyv.com
t.irtyf.com
1    205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
ckstatic.com
2    54.164.226.84 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-164-226-84.compute-1.amazonaws.com
www.firstadultgames.com
5    205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
static.firstadultgames.com
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
2    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    13.225.78.60 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-60.fra2.r.cloudfront.net
cdn.freshmarketer.com
1    162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
Domain Requested by
5 static.firstadultgames.com www.firstadultgames.com
2 www.google-analytics.com www.googletagmanager.com
2 www.firstadultgames.com 1 redirects t.grtyv.com
1 bam.nr-data.net js-agent.newrelic.com
1 cdn.freshmarketer.com t.grtyv.com
1 js-agent.newrelic.com www.firstadultgames.com
1 www.googletagmanager.com www.firstadultgames.com
1 t.irtyf.com 1 redirects
1 ckstatic.com t.grtyv.com
1 t.grtyv.com
14 10

This site contains no links.

Subject Issuer Validity Valid
t.connexionsafe.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-27 -
2021-09-26		 2 years crt.sh
ckstatic.com
Let's Encrypt Authority X3		 2019-11-07 -
2020-02-05		 3 months crt.sh
*.filf.com
Amazon		 2019-07-20 -
2020-08-20		 a year crt.sh
firstadultgames.com
Let's Encrypt Authority X3		 2019-11-07 -
2020-02-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
cdn.freshmarketer.com
Amazon		 2019-08-26 -
2020-09-26		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
Frame ID: 8A515976A9FBFC2A034276AA83801666
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t.grtyv.com/8ukelfwlds?url_id=18543&aff_id=109066&offer_id=6132&bo=3511,3512,3521,3522 Page URL
  2. http://t.irtyf.com/m50bkluo8x?campaign_id=3896&aff_id=109066&aff_sub=&aff_sub2=&aff_sub3=&aff_s... HTTP 302
    http://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15 HTTP 301
    https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Page Statistics

14
Requests

100 %
HTTPS

22 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

7996 kB
Transfer

8407 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.grtyv.com/8ukelfwlds?url_id=18543&aff_id=109066&offer_id=6132&bo=3511,3512,3521,3522 Page URL
  2. http://t.irtyf.com/m50bkluo8x?campaign_id=3896&aff_id=109066&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&source=&transaction_id=1021b49f78dc806876225a84f18e9a&steps=%7Bstep%7D&url=2 HTTP 302
    http://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15 HTTP 301
    https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
8ukelfwlds
t.grtyv.com/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.grtyv.com/8ukelfwlds?url_id=18543&aff_id=109066&offer_id=6132&bo=3511,3512,3521,3522
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.242.109 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
109.242.178.107.bc.googleusercontent.com
Software
nginx/1.13.12 / Express
Resource Hash
6fef9652a713df8311fe6243ac3cea44ef2b6693969ab9769d4c0dbb354f3fd2

Request headers

:method
GET
:authority
t.grtyv.com
:scheme
https
:path
/8ukelfwlds?url_id=18543&aff_id=109066&offer_id=6132&bo=3511,3512,3521,3522
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
x-powered-by
Express
actioncode
0
realaction
/aff_c
date
Sun, 05 Jan 2020 03:57:19 GMT
content-type
text/html; charset=iso-8859-1
content-length
1842
server
nginx/1.13.12
expires
Sat, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
x-robots-tag
noindex, nofollow
tracking_id
1021b49f78dc806876225a84f18e9a
set-cookie
aff_ran_url_6132=18543; expires=Mon, 06 Jan 2020 03:57:18 GMT; path=/; enc_aff_session_6132=ENC0397a16772859e137983fb504e8af42bc7b730e0b3d78521bd94c5d0fc8db320f88880ab7618a4f95cccddea605b7812d8220f4179108bd3a2e32a3ca29b2498264eb3ecf37113bf3d277eded88336550965fe47416643839670cdbb29cc1e716600a84943cd79161dec114e99ae20ab12df32efb72f1683ad71f6f6f919fb393033572f58; expires=Tue, 04 Jan 2022 03:57:18 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Tue, 29 Nov 2022 14:37:18 GMT; path=/;
p3p
CP="NOI CUR OUR NOR INT"
access-control-allow-origin
*
x-request-id
fe46ed69b78fa0df381c8a52caa851ee
etag
W/"732-mDW9JzLj6DgxXoFZHdxteQSkQGI"
via
1.1 google
alt-svc
clear
history.js
ckstatic.com/js/historyjs/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ckstatic.com/js/historyjs/history.js
Requested by
Host: t.grtyv.com
URL: https://t.grtyv.com/8ukelfwlds?url_id=18543&aff_id=109066&offer_id=6132&bo=3511,3512,3521,3522
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Referer
https://t.grtyv.com/8ukelfwlds?url_id=18543&aff_id=109066&offer_id=6132&bo=3511,3512,3521,3522
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 Jan 2020 03:57:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Dec 2014 21:06:56 GMT
ETag
"1417727216"
X-HW
1578196639.dop018.fr8.t,1578196639.cds012.fr8.shn,1578196639.cds012.fr8.c
Content-Type
text/javascript
Cache-Control
max-age=62106
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6880
Primary Request /
www.firstadultgames.com/28492/
Redirect Chain
  • http://t.irtyf.com/m50bkluo8x?campaign_id=3896&aff_id=109066&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&source=&transaction_id=1021b49f78dc806876225a84f18e9a&steps=%7Bstep%7D&url=2
  • http://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
  • https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
14 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
Requested by
Host: t.grtyv.com
URL: https://t.grtyv.com/8ukelfwlds?url_id=18543&aff_id=109066&offer_id=6132&bo=3511,3512,3521,3522
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.226.84 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-164-226-84.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
2bdd8b06d2fc31779827c180be336e38ba6a7b7e51d530531a4a72a9b2b7ff54

Request headers

:method
GET
:authority
www.firstadultgames.com
:scheme
https
:path
/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 05 Jan 2020 03:57:20 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.12.2
vary
Accept-Encoding
cache-control
no-cache
x-robots-tag
noindex, nofollow
tracker
1.7557.NL.28492.typein_direct_Jan2020
outlinksenabled
0
usevarnish
0
set-cookie
tracking=%7B%22aff%22%3A%221%22%2C%22subId1%22%3A%22%22%2C%22subId2%22%3A%2210279a0d0833cd38f1014910f2bb3b%22%2C%22subId3%22%3A%22%22%2C%22subId4%22%3A%22109066%22%2C%22typeInUrl%22%3A%22%22%2C%22urlParam%22%3A%2215%22%2C%22tourId%22%3A%2228492%22%2C%22mirrorId%22%3A%22%22%7D; expires=Sun, 12-Jan-2020 03:57:20 GMT; path=/ hash=264eee886f88339545ed59f3e641094dd728b82d; expires=Sun, 12-Jan-2020 03:57:20 GMT; path=/ crak=%7B%227557%22%3A%7B%22aff%22%3A%221%22%2C%22track%22%3A%22%22%2C%22subid2%22%3A%2210279a0d0833cd38f1014910f2bb3b%22%2C%22subid3%22%3A%22%22%2C%22subid4%22%3A%22109066%22%2C%22typein_url%22%3A%22%22%2C%22url_id%22%3A%2215%22%2C%22exp%22%3A%221578801440%22%2C%22click%22%3A%22%22%7D%7D; expires=Sun, 12-Jan-2020 03:57:20 GMT; path=/; httponly regional=%5B%22De+Jordaan%22%2C%22Watergraafsmeer%22%2C%22Ouderkerk%22%2C%22Hembrug%22%2C%22Nieuwer+Amstel%22%2C%22Slotervaart%22%2C%22Haal%22%2C%22Bijlmer%22%2C%22Ilpendam%22%2C%22Slotermeer%22%5D; expires=Wed, 05-Feb-2020 03:57:20 GMT; path=/; httponly locale=en; expires=Mon, 06-Jan-2020 03:57:20 GMT; path=/; httponly
content-encoding
gzip
x-cache-layer-request
disabled
x-original-host
www.firstadultgames.com
x-uncacheable
1
x-varnish
2403854
age
0
via
1.1 varnish-v4
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes

Redirect headers

Date
Sun, 05 Jan 2020 03:57:19 GMT
Content-Length
0
Connection
keep-alive
Server
Varnish
X-Varnish
291669622
location
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
app.da7afe22.css
static.firstadultgames.com/cr2//www.firstadultgames.com-28245/assets/styles/ 		68 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.firstadultgames.com/cr2//www.firstadultgames.com-28245/assets/styles/app.da7afe22.css
Requested by
Host: www.firstadultgames.com
URL: https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
8bddddceb1a698c16166027a77f4fc58b8d8656dc4e344187b7b2a5af3a0e8d8

Request headers

Referer
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 Jan 2020 03:57:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 20:39:54 GMT
ETag
"1562877594"
X-HW
1578196640.dop160.fr8.t,1578196640.cds011.fr8.shn,1578196640.dop160.fr8.t,1578196640.cds059.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=41792
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
19611
modernizr-custom.js
static.firstadultgames.com/cr2/assets/scripts/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.firstadultgames.com/cr2/assets/scripts/modernizr-custom.js
Requested by
Host: www.firstadultgames.com
URL: https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
cea3e58d7a90dbcf85d6fe63bd88b8bf9a0da6b8df8409260738229c8ddc6b86

Request headers

Referer
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 Jan 2020 03:57:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Sep 2018 17:45:41 GMT
ETag
"1537379141"
X-HW
1578196640.dop160.fr8.t,1578196640.cds013.fr8.shn,1578196640.cds013.fr8.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=49307
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4285
app.a08a1e39.js
static.firstadultgames.com/cr2//www.firstadultgames.com-28245/assets/scripts/ 		306 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.firstadultgames.com/cr2//www.firstadultgames.com-28245/assets/scripts/app.a08a1e39.js
Requested by
Host: www.firstadultgames.com
URL: https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
afbb9b8521419b0961099174a691f8cf7713be976534d5e96630a54c89ee63ca

Request headers

Referer
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 Jan 2020 03:57:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 20:39:53 GMT
ETag
"1562877593"
X-HW
1578196640.dop018.fr8.t,1578196640.cds005.fr8.shn,1578196640.dop018.fr8.t,1578196640.cds101.fr8.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=42968
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
92437
tracking-hasoffers-4-12-194.min.js
static.firstadultgames.com/cr2/assets/scripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.firstadultgames.com/cr2/assets/scripts/tracking-hasoffers-4-12-194.min.js
Requested by
Host: www.firstadultgames.com
URL: https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3aafa3cd287da6cee8e81556c4aeb958229b9205bf802a3669a05c162cd9916a

Request headers

Referer
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 Jan 2020 03:57:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Mar 2019 19:18:48 GMT
ETag
"1553195928"
X-HW
1578196640.dop120.fr8.t,1578196640.cds100.fr8.shn,1578196640.cds100.fr8.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=68438
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2660
gtm.js
www.googletagmanager.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MH37XZ2
Requested by
Host: www.firstadultgames.com
URL: https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c826e6405164b163dd2e7927f9c3ae2b3e613a35e104593e92fb537d36ded5a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 Jan 2020 03:57:20 GMT
content-encoding
br
last-modified
Sun, 05 Jan 2020 03:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
30418
x-xss-protection
0
expires
Sun, 05 Jan 2020 03:57:20 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
nr-1158.min.js
js-agent.newrelic.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1158.min.js
Requested by
Host: www.firstadultgames.com
URL: https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
005414ad9d93e4cb677b5e4f87112b0ff6d3731b414bc425bfa1bb94c99a081a

Request headers

Referer
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 Jan 2020 03:57:20 GMT
content-encoding
gzip
x-amz-request-id
ACCAA6FC9CC752FB
x-cache
HIT
status
200
content-length
10068
x-amz-id-2
qb8oRyQPV5RWDkM/YaSpwqe1Tk7N9qddW/sEyzaPUyo5r36anYuFHO7Y/HryGZAiK36w5kQo38I=
x-served-by
cache-fra19178-FRA
last-modified
Wed, 18 Dec 2019 00:24:13 GMT
server
AmazonS3
x-timer
S1578196640.363500,VS0,VE0
etag
"0be8452b990e805f60431dce9e0279b2"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1992
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH37XZ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1146
date
Sun, 05 Jan 2020 03:38:14 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 05 Jan 2020 05:38:14 GMT
438576767e4ca1597213c3d2e07ed90db257b990.mp4
static.firstadultgames.com/cr2/global/profiles/dj7Zwe/123972/ 		8 MB
8 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.firstadultgames.com/cr2/global/profiles/dj7Zwe/123972/438576767e4ca1597213c3d2e07ed90db257b990.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash

Request headers

Referer
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 05 Jan 2020 03:57:20 GMT
Last-Modified
Tue, 04 Sep 2018 18:45:34 GMT
Access-Control-Allow-Origin
*
ETag
"1536086734"
X-HW
1578196640.dop018.fr8.t,1578196640.cds005.fr8.shn,1578196640.dop018.fr8.t,1578196640.cds081.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-7990549/7990550
Cache-Control
max-age=50782
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7990550
455132.js
cdn.freshmarketer.com/175300/ 		0
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.freshmarketer.com/175300/455132.js
Requested by
Host: t.grtyv.com
URL: https://t.grtyv.com/8ukelfwlds?url_id=18543&aff_id=109066&offer_id=6132&bo=3511,3512,3521,3522
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-60.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
lWu9dpATg3beqAl.nARV7c21g0tnZAbD
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Fri, 25 Oct 2019 19:01:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=120
date
Sun, 05 Jan 2020 03:57:21 GMT
accept-ranges
bytes
content-length
0
x-amz-cf-id
q2uXSf1ajh-AxwWR50t1lwfSq5eHy53Oml95aPZz-dLckkUey_oIHw==
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=667312556&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstadultgames.com%2F28492%2F%3Fimg%3Ddj7Zwe%26s2%3D10279a0d0833cd38f1014910f2bb3b%26s4%3D109066%26s3%3D%26url%3D15&ul=en-us&de=UTF-8&dt=Play%20Now!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEAD~&jid=2018103883&gjid=1296329509&cid=21796774.1578196640&tid=UA-26908329-39&_gid=1891563225.1578196640&_r=1&gtm=2wgc61MH37XZ2&cd1=10279a0d0833cd38f1014910f2bb3b&cd2=&cd3=109066&cd4=dj7Zwe&z=700248151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Jan 2020 03:57:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
91e9769ef2
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/91e9769ef2?a=198628682&v=1158.afc605b&to=ZAcBYEQHDUtSBkRfWF1NIldCDwxWHAZCV1xsDgJaUg8NXx0DQllZRwcNUBgODFVWOkRZQkE%3D&rst=1130&ref=https://www.firstadultgames.com/28492/&ap=188&be=842&fe=1058&dc=1057&perf=%7B%22timing%22:%7B%22of%22:1578196639248,%22n%22:0,%22f%22:344,%22dn%22:345,%22dne%22:345,%22c%22:345,%22s%22:358,%22ce%22:540,%22rq%22:541,%22rp%22:831,%22rpe%22:831,%22dl%22:835,%22di%22:1057,%22ds%22:1057,%22de%22:1058,%22dc%22:1058,%22l%22:1058,%22le%22:1059%7D,%22navigation%22:%7B%7D%7D&fp=1027&fcp=1027&at=SEAWFgwdHhQRBBIMTE4f&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1158.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.firstadultgames.com/28492/?img=dj7Zwe&s2=10279a0d0833cd38f1014910f2bb3b&s4=109066&s3=&url=15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
www.firstadultgames.com/ Name: tracking
Value: %7B%22aff%22%3A1%2C%22subId1%22%3A%22%22%2C%22subId2%22%3A%2210279a0d0833cd38f1014910f2bb3b%22%2C%22subId3%22%3A%22%22%2C%22subId4%22%3A%22109066%22%2C%22typeInUrl%22%3A%22%22%2C%22urlParam%22%3A%2215%22%2C%22tourId%22%3A28492%2C%22mirrorId%22%3Anull%7D
www.firstadultgames.com/ Name: regional
Value: %5B%22De+Jordaan%22%2C%22Watergraafsmeer%22%2C%22Ouderkerk%22%2C%22Hembrug%22%2C%22Nieuwer+Amstel%22%2C%22Slotervaart%22%2C%22Haal%22%2C%22Bijlmer%22%2C%22Ilpendam%22%2C%22Slotermeer%22%5D
www.firstadultgames.com/ Name: crak
Value: %7B%227557%22%3A%7B%22aff%22%3A%221%22%2C%22track%22%3A%22%22%2C%22subid2%22%3A%2210279a0d0833cd38f1014910f2bb3b%22%2C%22subid3%22%3A%22%22%2C%22subid4%22%3A%22109066%22%2C%22typein_url%22%3A%22%22%2C%22url_id%22%3A%2215%22%2C%22exp%22%3A%221578801440%22%2C%22click%22%3A%22%22%7D%7D
www.firstadultgames.com/ Name: locale
Value: en
www.firstadultgames.com/ Name: hash
Value: 264eee886f88339545ed59f3e641094dd728b82d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.freshmarketer.com
ckstatic.com
js-agent.newrelic.com
static.firstadultgames.com
t.grtyv.com
t.irtyf.com
www.firstadultgames.com
www.google-analytics.com
www.googletagmanager.com
107.178.242.109
13.225.78.60
151.101.14.110
162.247.242.20
205.185.216.10
205.185.216.42
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
54.164.226.84
005414ad9d93e4cb677b5e4f87112b0ff6d3731b414bc425bfa1bb94c99a081a
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045
2bdd8b06d2fc31779827c180be336e38ba6a7b7e51d530531a4a72a9b2b7ff54
3aafa3cd287da6cee8e81556c4aeb958229b9205bf802a3669a05c162cd9916a
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
6fef9652a713df8311fe6243ac3cea44ef2b6693969ab9769d4c0dbb354f3fd2
7c826e6405164b163dd2e7927f9c3ae2b3e613a35e104593e92fb537d36ded5a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bddddceb1a698c16166027a77f4fc58b8d8656dc4e344187b7b2a5af3a0e8d8
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
afbb9b8521419b0961099174a691f8cf7713be976534d5e96630a54c89ee63ca
cea3e58d7a90dbcf85d6fe63bd88b8bf9a0da6b8df8409260738229c8ddc6b86
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23