Submitted URL: http://googlelinkedin.com/
Effective URL: https://teenfinder.online/?u=7pfk605&o=e9ym176&cid=76a6d99c575c0b9e1f6788dc44016e6a-11246-0911
Submission: On September 11 via api from SG — Scanned from SG

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 27 HTTP transactions. The main IP is 185.155.184.231, located in and belongs to . The main domain is teenfinder.online.
TLS certificate: Issued by R3 on July 23rd 2023. Valid for: 3 months.
This is the only time teenfinder.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.177.71 61969 (TEAMINTER...)
1 54.230.104.64 16509 (AMAZON-02)
2 18.232.14.192 14618 (AMAZON-AES)
2 3 173.239.53.32 27257 (WEBAIR-IN...)
1 130.211.29.114 15169 (GOOGLE)
2 35.241.15.240 15169 (GOOGLE)
1 1 20.97.14.56 8075 (MICROSOFT...)
1 185.155.184.231 ()
27 8
Apex Domain
Subdomains
Transfer
4 googlelinkedin.com
googlelinkedin.com
4 KB
3 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 20910
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 9319
9 KB
3 howboxmab.site
xml-v4.howboxmab.site — Cisco Umbrella Rank: 58469
tq.howboxmab.site — Cisco Umbrella Rank: 353438
16 KB
2 phraa-lby.com
phraa-lby.com — Cisco Umbrella Rank: 174422
3 KB
1 teenfinder.online
teenfinder.online
1 proffering.xyz
go.proffering.xyz
923 B
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
2 KB
0 googleapis.com Failed
fonts.googleapis.com Failed
27 8
Domain Requested by
4 googlelinkedin.com d38psrni17bvxu.cloudfront.net
googlelinkedin.com
2 cas.avalon.perfdrive.com cdn.perfdrive.com
2 xml-v4.howboxmab.site 2 redirects
2 phraa-lby.com googlelinkedin.com
phraa-lby.com
1 teenfinder.online teenfinder.online
1 go.proffering.xyz 1 redirects
1 cdn.perfdrive.com tq.howboxmab.site
1 tq.howboxmab.site phraa-lby.com
1 d38psrni17bvxu.cloudfront.net googlelinkedin.com
0 fonts.googleapis.com Failed teenfinder.online
27 10

This site contains no links.

Subject | Issuer | Validity | Valid
*.perfdrive.com | Go Daddy Secure Certificate Authority - G2 | 2022-09-20 - 2023-09-26 | a year
cas.avalon.perfdrive.com | Go Daddy Secure Certificate Authority - G2 | 2023-07-24 - 2024-08-05 | a year
teenfinder.online | R3 | 2023-07-23 - 2023-10-21 | 3 months

This page contains 1 frame:

Primary Page: https://teenfinder.online/?u=7pfk605&o=e9ym176&cid=76a6d99c575c0b9e1f6788dc44016e6a-11246-0911
Frame ID: AFED51FB96900750B8C69A523AB0D05B
Requests: 28 HTTP requests in this frame

Page Statistics

Requests: 27
HTTPS: 15 %
IPv6: 0 %
Domains: 8
Subdomains: 10
IPs: 8
Countries: 2
Transfer: 32 kB
Size: 53 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://googlelinkedin.com/ Page URL
  2. http://phraa-lby.com/zclkvisitor/1efc8d11-50e3-11ee-8b40-12b5e3acdc35/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f0f2ab6-50e3-11ee-8b40-12b5e3acdc35 Page URL
  3. http://phraa-lby.com/zclkredirect?visitid=1efc8d11-50e3-11ee-8b40-12b5e3acdc35&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
  4. http://xml-v4.howboxmab.site/click?seat=2114927&i=afoTR6sJvRE_0 HTTP 302
    http://tq.howboxmab.site/filter?q=&i=afoTR6sJvRE_0&ci=-6752733564569376860&t=682153103&h=26 Page URL
  5. http://xml-v4.howboxmab.site/click2?i=afoTR6sJvRE_0&ci=-6752733564569376860&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D3271%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D3%26rf%3Dphraa-lby.com%26lo%3Dtq.howboxmab.site%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F116.0.5845.179%2BSafari%252F537.36%26tp%3D14%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26er%3D%26shs%3D%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D1%26prb%3D20030107%26tz%3D-480%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D1%26mmd_ao%3D%26mmd_ai%3D%26mmd_vi%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D52%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Ddenied%26cnvs%3D80808080 HTTP 302
    https://go.proffering.xyz/15Gu5p?zoneid=13790955715&pubfeed=397303/397303.13790955715&campaign=671642&cost=0.00042 HTTP 302
    https://teenfinder.online/?u=7pfk605&o=e9ym176&cid=76a6d99c575c0b9e1f6788dc44016e6a-11246-0911 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://xml-v4.howboxmab.site/click?seat=2114927&i=afoTR6sJvRE_0 HTTP 302
  • http://tq.howboxmab.site/filter?q=&i=afoTR6sJvRE_0&ci=-6752733564569376860&t=682153103&h=26

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
googlelinkedin.com/
2 KB
2 KB
Document
General
Full URL
http://googlelinkedin.com/
Protocol
HTTP/1.1
Server
185.53.177.71 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
1a1541d6815051b8f1970027b52f7304eb96f96c9ff786d64d5e87a73f17c174

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Sep 2023 20:38:10 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_HDJrPEp2yngErIBkjG8nMPyf0WA/tZvjj1yysFX253TGdcJxeYyS1SWVUbPVD4DPy7Ve4PzxYwfs3JbZejU2DQ==
X-Buckets
bucket011
X-Domain
googlelinkedin.com
X-Language
english
X-Redirect
zeropark_zeroclick
X-Subdomain
X-Template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/
1 KB
2 KB
Script
General
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: googlelinkedin.com
URL: http://googlelinkedin.com/
Protocol
HTTP/1.1
Server
54.230.104.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-104-64.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://googlelinkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 05:55:41 GMT
Via
1.1 4a0cc1ef0dc7ada28fa94de0447121fe.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 11:12:07 GMT
Server
nginx
X-Amz-Cf-Pop
MRS52-C1
Age
52950
ETag
"63ce6b87-448"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1096
X-Amz-Cf-Id
OJAGo1ejSDD0gycEA1al8dMR2R36EQ6kmViSLVfpgws6Q367a2JU9g==
track.php
googlelinkedin.com/
0
608 B
XHR
General
Full URL
http://googlelinkedin.com/track.php?domain=googlelinkedin.com&toggle=browserjs&uid=MTY5NDQ2NDY5MC4xMDk4OjFkYmZjMjdkNTQ3NzAyZDNmZjI4NTczNmY4Njg5YzM4ZTg5OTgzNjQ1NDMxZGJmZTE1YjNlYzY4MzI0MjY5NTk6NjRmZjdhYjIxYWQwZg%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.71 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://googlelinkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 20:38:12 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
ls.php
googlelinkedin.com/
16 B
906 B
XHR
General
Full URL
http://googlelinkedin.com/ls.php?t=64ff7ab2&token=ba775f522c3ee68c43ea9760f24fbaa4c76b761a
Requested by
Host: googlelinkedin.com
URL: http://googlelinkedin.com/
Protocol
HTTP/1.1
Server
185.53.177.71 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://googlelinkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 20:38:12 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_IIbKpUK7jhaZ7pk0B5hiMKc076JYz8bjjVifowhBMr/EXuZ5Q9kWFUIWoyVGy63UbmvIpuzy8BGwX5t57mllAg==
Connection
keep-alive
X-Log-Success
64ff7ab4848714316a6d1519
track.php
googlelinkedin.com/
0
601 B
XHR
General
Full URL
http://googlelinkedin.com/track.php?click=a811068826b20fbb29b5bcf830c05d8d0ba3569c&domain=googlelinkedin.com&uid=MTY5NDQ2NDY5MC4xMDk4OjFkYmZjMjdkNTQ3NzAyZDNmZjI4NTczNmY4Njg5YzM4ZTg5OTgzNjQ1NDMxZGJmZTE1YjNlYzY4MzI0MjY5NTk6NjRmZjdhYjIxYWQwZg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NGZmN2FiMjFhY2U4fHx8MTY5NDQ2NDY5MC40NTE3fDIzYzBjNWM2MzM1ZWQ1NzNiZDE2MjFlM2E0MGYwZWJjNDg1YWFmMTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxiYTc3NWY1MjJjM2VlNjhjNDNlYTk3NjBmMjRmYmFhNGM3NmI3NjFhfDB8fDB8MHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.71 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://googlelinkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 20:38:13 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-View-Match
true
Connection
keep-alive
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
phraa-lby.com/zclkvisitor/1efc8d11-50e3-11ee-8b40-12b5e3acdc35/
1 KB
2 KB
Document
General
Full URL
http://phraa-lby.com/zclkvisitor/1efc8d11-50e3-11ee-8b40-12b5e3acdc35/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f0f2ab6-50e3-11ee-8b40-12b5e3acdc35
Requested by
Host: googlelinkedin.com
URL: http://googlelinkedin.com/
Protocol
HTTP/1.1
Server
18.232.14.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-14-192.compute-1.amazonaws.com
Software
qlIRJEAJ /
Resource Hash
a21e77e6ad525b3643647f5c417cd20a04acbde85f53979f767f7c1f80632fd6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://googlelinkedin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Mon, 11 Sep 2023 20:38:14 GMT
Server
qlIRJEAJ
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
zclkredirect
phraa-lby.com/
308 B
995 B
Document
General
Full URL
http://phraa-lby.com/zclkredirect?visitid=1efc8d11-50e3-11ee-8b40-12b5e3acdc35&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Requested by
Host: phraa-lby.com
URL: http://phraa-lby.com/zclkvisitor/1efc8d11-50e3-11ee-8b40-12b5e3acdc35/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f0f2ab6-50e3-11ee-8b40-12b5e3acdc35
Protocol
HTTP/1.1
Server
18.232.14.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-14-192.compute-1.amazonaws.com
Software
rcKDPiYi /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://phraa-lby.com/zclkvisitor/1efc8d11-50e3-11ee-8b40-12b5e3acdc35/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f0f2ab6-50e3-11ee-8b40-12b5e3acdc35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Mon, 11 Sep 2023 20:38:14 GMT
Server
rcKDPiYi
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
filter
tq.howboxmab.site/
Redirect Chain
  • http://xml-v4.howboxmab.site/click?seat=2114927&i=afoTR6sJvRE_0
  • http://tq.howboxmab.site/filter?q=&i=afoTR6sJvRE_0&ci=-6752733564569376860&t=682153103&h=26
15 KB
15 KB
Document
General
Full URL
http://tq.howboxmab.site/filter?q=&i=afoTR6sJvRE_0&ci=-6752733564569376860&t=682153103&h=26
Requested by
Host: phraa-lby.com
URL: http://phraa-lby.com/zclkredirect?visitid=1efc8d11-50e3-11ee-8b40-12b5e3acdc35&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Protocol
HTTP/1.1
Server
173.239.53.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
6c4b2c52316d78fceb9e9b6078040c16a489524ed28b79f9b4425fa1001d441c

Request headers

Referer
http://phraa-lby.com/zclkredirect?visitid=1efc8d11-50e3-11ee-8b40-12b5e3acdc35&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
keep-alive
Content-Length
15255
Content-Type
text/html; charset=utf-8
Pragma
no-cache

Redirect headers

Age
0
Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Location
http://tq.howboxmab.site/filter?q=&i=afoTR6sJvRE_0&ci=-6752733564569376860&t=682153103&h=26
Pragma
no-cache
aperture.js
cdn.perfdrive.com/aperture/
26 KB
8 KB
Script
General
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: tq.howboxmab.site
URL: http://tq.howboxmab.site/filter?q=&i=afoTR6sJvRE_0&ci=-6752733564569376860&t=682153103&h=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.24.0 /
Resource Hash
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://tq.howboxmab.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 19:58:01 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 21 Jul 2023 07:03:08 GMT
server
nginx/1.24.0
age
2416
etag
W/"64ba2dac-6844"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7938
jsdata
cas.avalon.perfdrive.com/
316 B
470 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
http://tq.howboxmab.site/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Mon, 11 Sep 2023 20:38:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/
211 B
277 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
http://tq.howboxmab.site/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
1ms
date
Mon, 11 Sep 2023 20:38:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://tq.howboxmab.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
Primary Request /
teenfinder.online/
Redirect Chain
  • http://xml-v4.howboxmab.site/click2?i=afoTR6sJvRE_0&ci=-6752733564569376860&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D3271%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnu...
  • https://go.proffering.xyz/15Gu5p?zoneid=13790955715&pubfeed=397303/397303.13790955715&campaign=671642&cost=0.00042
  • https://teenfinder.online/?u=7pfk605&o=e9ym176&cid=76a6d99c575c0b9e1f6788dc44016e6a-11246-0911
6 KB
0
Document
General
Full URL
https://teenfinder.online/?u=7pfk605&o=e9ym176&cid=76a6d99c575c0b9e1f6788dc44016e6a-11246-0911
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.155.184.231 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://tq.howboxmab.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
6540
Content-Type
text/html
Date
Mon, 11 Sep 2023 20:38:21 GMT
Server
nginx
cache-control
private

Redirect headers

Connection
keep-alive
Content-Length
248
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Sep 2023 20:38:20 GMT
Location
https://teenfinder.online/?u=7pfk605&o=e9ym176&cid=76a6d99c575c0b9e1f6788dc44016e6a-11246-0911
Server
nginx/1.23.0
Vary
Accept
X-Powered-By
Express
css
fonts.googleapis.com/
0
0

bootstrap.min.css
teenfinder.online/media/dating/sinderv2/css/
0
0

style.css
teenfinder.online/media/dating/sinderv2/css/
0
0

animate.css
teenfinder.online/media/dating/sinderv2/css/
0
0

vegas.css
teenfinder.online/media/dating/sinderv2/css/
0
0

flag-icon.css
teenfinder.online/util/flag-icon/css/
0
0

jquery.js
teenfinder.online/media/dating/sinderv2/js/
0
0

vegas.js
teenfinder.online/media/dating/sinderv2/js/
0
0

js.cookie.js
teenfinder.online/cookie/
0
0

utils.js
teenfinder.online/util/
0
0

logo-loveme_white1.svg
teenfinder.online/media/dating/sinderv2/images/
0
0

timer.js
teenfinder.online/media/dating/sinderv2/js/
0
0

trls.js
teenfinder.online/media/dating/sinderv2/js/
0
0

bb.js
teenfinder.online/media/
0
0

exit1.js
teenfinder.online/media/exit-new/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Roboto:400,300,700|Raleway:400,700&subset=latin,cyrillic
Domain
teenfinder.online
URL
https://teenfinder.online/media/dating/sinderv2/css/bootstrap.min.css
Domain
teenfinder.online
URL
https://teenfinder.online/media/dating/sinderv2/css/style.css
Domain
teenfinder.online
URL
https://teenfinder.online/media/dating/sinderv2/css/animate.css
Domain
teenfinder.online
URL
https://teenfinder.online/media/dating/sinderv2/css/vegas.css
Domain
teenfinder.online
URL
https://teenfinder.online/util/flag-icon/css/flag-icon.css
Domain
teenfinder.online
URL
https://teenfinder.online/media/dating/sinderv2/js/jquery.js
Domain
teenfinder.online
URL
https://teenfinder.online/media/dating/sinderv2/js/vegas.js
Domain
teenfinder.online
URL
https://teenfinder.online/cookie/js.cookie.js
Domain
teenfinder.online
URL
https://teenfinder.online/util/utils.js
Domain
teenfinder.online
URL
https://teenfinder.online/media/dating/sinderv2/images/logo-loveme_white1.svg
Domain
teenfinder.online
URL
https://teenfinder.online/media/dating/sinderv2/js/timer.js
Domain
teenfinder.online
URL
https://teenfinder.online/media/dating/sinderv2/js/trls.js
Domain
teenfinder.online
URL
https://teenfinder.online/media/bb.js
Domain
teenfinder.online
URL
https://teenfinder.online/media/exit-new/exit1.js

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

13 Cookies

Domain/Path Name / Value
.howboxmab.site/ Name: x3325799
Value: 680302923
tq.howboxmab.site/ Name: c1607749619
Value: -680302923
.howboxmab.site/ Name: __ssds
Value: 2
tq.howboxmab.site/ Name: jc
Value: 3271
.howboxmab.site/ Name: __ssuzjsr2
Value: a9be0cd8e
.howboxmab.site/ Name: __uzmaj2
Value: 12838679-639b-42e9-b127-f30893ef2faa
.howboxmab.site/ Name: __uzmbj2
Value: 1694464698
.howboxmab.site/ Name: __uzmcj2
Value: 461101014509
.howboxmab.site/ Name: __uzmdj2
Value: 1694464698
.go.proffering.xyz/ Name: 15Gu5po
Value: 20230911231694465395953
.go.proffering.xyz/ Name: _pc_lc_id
Value: 15Gu5p
.go.proffering.xyz/ Name: peerclickcid
Value: 76a6d99c575c0b9e1f6788dc44016e6a-11246-0911
.go.proffering.xyz/ Name: _norg
Value: 1