bend-me-over.com Open in urlscan Pro
18.155.68.30 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cupang.online/
Effective URL:
https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d0...
Submission: On June 27 via api (June 27th 2024, 7:30:23 am UTC) from KR — Scanned from SG

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 6 countries across 16 domains to perform 44 HTTP transactions. The main IP is 18.155.68.30, located in United States and belongs to AMAZON-02, US. The main domain is bend-me-over.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 1st 2023. Valid for: a year.

This is the only time bend-me-over.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.104.187.4 172.104.187.4	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	172.67.140.202 172.67.140.202	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.155.31 172.67.155.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.165.172 172.67.165.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.215.125.97 52.215.125.97	16509 (AMAZON-02) (AMAZON-02)
1 1	34.160.108.161 34.160.108.161	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	172.67.187.194 172.67.187.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.110.19.166 3.110.19.166	16509 (AMAZON-02) (AMAZON-02)
2 34	18.155.68.30 18.155.68.30	16509 (AMAZON-02) (AMAZON-02)
1	54.206.158.243 54.206.158.243	16509 (AMAZON-02) (AMAZON-02)
2	142.251.175.97 142.251.175.97	15169 (GOOGLE) (GOOGLE)
1	13.33.30.40 13.33.30.40	16509 (AMAZON-02) (AMAZON-02)
4	64.233.170.102 64.233.170.102	15169 (GOOGLE) (GOOGLE)
1	74.125.24.94 74.125.24.94	15169 (GOOGLE) (GOOGLE)
44	9

1 172.104.187.4 (Singapore, Singapore) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: pigeon.rapidplex.com

cupang.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.140.202 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wa.sv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.155.31 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

meet4singles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.165.172 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m.luvmenow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.125.97 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-125-97.eu-west-1.compute.amazonaws.com

da.off3riz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.108.161 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 161.108.160.34.bc.googleusercontent.com

www.h-trck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.187.194 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

harem-smrt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.110.19.166 (Mumbai, India) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-110-19-166.ap-south-1.compute.amazonaws.com

vasy.clickmoileclito.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 18.155.68.30 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-30.sin52.r.cloudfront.net

bend-me-over.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.206.158.243 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-206-158-243.ap-southeast-2.compute.amazonaws.com

bts.insigit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.30.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-30-40.sin2.r.cloudfront.net

retarget2core.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.233.170.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	bend-me-over.com 2 redirects bend-me-over.com	363 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	170 KB
2	clickmoileclito.com 2 redirects vasy.clickmoileclito.com	984 B
2	harem-smrt.com 1 redirects harem-smrt.com	2 KB
2	off3riz.com 2 redirects da.off3riz.com	3 KB
1	gstatic.com www.gstatic.com	11 KB
1	retarget2core.com retarget2core.com — Cisco Umbrella Rank: 589451	678 B
1	insigit.com bts.insigit.com — Cisco Umbrella Rank: 657345	9 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	6 KB
1	h-trck.com 1 redirects www.h-trck.com	490 B
1	luvmenow.com 1 redirects m.luvmenow.com	650 B
1	meet4singles.com 1 redirects meet4singles.com	1011 B
1	wa.sv 1 redirects wa.sv	458 B
1	cupang.online 1 redirects cupang.online	173 B
0	freshmarketer.com Failed cdn.freshmarketer.com Failed
44	16

	Domain	Requested by
34	bend-me-over.com	2 redirects harem-smrt.com bend-me-over.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com bend-me-over.com
2	www.googletagmanager.com	bend-me-over.com www.google-analytics.com
2	vasy.clickmoileclito.com	2 redirects
2	harem-smrt.com	1 redirects
2	da.off3riz.com	2 redirects
1	www.gstatic.com	bend-me-over.com
1	retarget2core.com	bend-me-over.com
1	bts.insigit.com	bend-me-over.com
1	cdnjs.cloudflare.com	harem-smrt.com
1	www.h-trck.com	1 redirects
1	m.luvmenow.com	1 redirects
1	meet4singles.com	1 redirects
1	wa.sv	1 redirects
1	cupang.online	1 redirects
0	cdn.freshmarketer.com Failed	bend-me-over.com
44	16

This site contains no links.

Subject Issuer	Validity	Valid
harem-smrt.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
bend-me-over.com Amazon RSA 2048 M03	`2023-11-01` - `2024-11-29`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
retarget2core.com Amazon RSA 2048 M02	`2023-11-02` - `2024-11-30`	a year	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Frame ID: 84D6305C116F5280F90B22E070A1E7F5
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cupang.online/ HTTP 307
https://cupang.online/ HTTP 307
http://cupang.online/ HTTP 302
https://wa.sv/3edeqp HTTP 302
https://meet4singles.com/hcQDg8bk?aid=bdzhdkgdab&kid=ghdaazzxadh&clickid=awur&sub1=awur HTTP 302
https://m.luvmenow.com/click?pid=35851&offer_id=6422&sub1=2tc1bou2kbpih&sub2=35851&sub3=212605&sub4... HTTP 302
https://da.off3riz.com/aff_c?offer_id=1543&aff_id=3062&aff_sub2=a_667d14f75ed4d600019b9614&source=3... HTTP 302
https://www.h-trck.com/9W598/3QQG7/?sub1={email}&sub2=3062&sub3=35851&sub5=102409037193b39b16167696... HTTP 302
https://harem-smrt.com/offers/?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&m... Page URL
https://harem-smrt.com/offers/index.php?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33... HTTP 302
https://vasy.clickmoileclito.com/cae58461-fd83-48ff-afa2-d8d89c2ca4be?affid=7_3062&source=&mail=&clickid=8566... HTTP 307
https://vasy.clickmoileclito.com/cae58461-fd83-48ff-afa2-d8d89c2ca4be/2?affid=7_3062&source=&mail=&clickid=85... HTTP 302
https://da.off3riz.com/aff_c?offer_id=1617&aff_id=4719&aff_sub2=wus9eoddnl82sfa2js4ep6bc&source= HTTP 302
https://bend-me-over.com/tds?tdsId=s9038shm_r&tds_campaign=s9038shm&email={email46}&utm_source=ddm&ut... HTTP 302
https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

44
Requests

95 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

9
IPs

6
Countries

581 kB
Transfer

1129 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cupang.online/ HTTP 307
https://cupang.online/ HTTP 307
http://cupang.online/ HTTP 302
https://wa.sv/3edeqp HTTP 302
https://meet4singles.com/hcQDg8bk?aid=bdzhdkgdab&kid=ghdaazzxadh&clickid=awur&sub1=awur HTTP 302
https://m.luvmenow.com/click?pid=35851&offer_id=6422&sub1=2tc1bou2kbpih&sub2=35851&sub3=212605&sub4=awur&sub5=awur&sub6=&sub7=&sub8= HTTP 302
https://da.off3riz.com/aff_c?offer_id=1543&aff_id=3062&aff_sub2=a_667d14f75ed4d600019b9614&source=35851 HTTP 302
https://www.h-trck.com/9W598/3QQG7/?sub1={email}&sub2=3062&sub3=35851&sub5=102409037193b39b1616769600063a HTTP 302
https://harem-smrt.com/offers/?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D Page URL
https://harem-smrt.com/offers/index.php?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D&r=1&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&ua_pm=Windows&fw=1600&fh=1200&wdw_d={%22name%22:%22%22,%22status%22:%22%22,%22closed%22:false,%22length%22:0,%22origin%22:%22https://harem-smrt.com%22,%22innerWidth%22:1600,%22innerHeight%22:1200,%22scrollX%22:0,%22pageXOffset%22:0,%22scrollY%22:0,%22pageYOffset%22:0,%22screenX%22:190,%22screenY%22:190,%22outerWidth%22:1600,%22outerHeight%22:1200,%22devicePixelRatio%22:1,%22screenLeft%22:190,%22screenTop%22:190,%22isSecureContext%22:true,%22crossOriginIsolated%22:false,%22originAgentCluster%22:true,%22credentialless%22:false,%22fhe%22:%22Asia/Singapore%22,%22prop%22:%22prop%22,%22TEMPORARY%22:0,%22PERSISTENT%22:1}&ngt_d={%22vendorSub%22:%22%22,%22productSub%22:%2220030107%22,%22vendor%22:%22Google%20Inc.%22,%22maxTouchPoints%22:0,%22scheduling%22:{},%22userActivation%22:{},%22doNotTrack%22:null,%22geolocation%22:{},%22connection%22:{},%22plugins%22:{%220%22:{%220%22:{},%221%22:{}},%221%22:{%220%22:{},%221%22:{}},%222%22:{%220%22:{},%221%22:{}},%223%22:{%220%22:{},%221%22:{}},%224%22:{%220%22:{},%221%22:{}}},%22mimeTypes%22:{%220%22:{},%221%22:{}},%22pdfViewerEnabled%22:true,%22webkitTemporaryStorage%22:{},%22webkitPersistentStorage%22:{},%22windowControlsOverlay%22:{},%22hardwareConcurrency%22:16,%22cookieEnabled%22:true,%22appCodeName%22:%22Mozilla%22,%22appName%22:%22Netscape%22,%22appVersion%22:%225.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36%22,%22platform%22:%22Win32%22,%22product%22:%22Gecko%22,%22userAgent%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36%22,%22language%22:%22en-SG%22,%22languages%22:[%22en-US%22,%22en%22],%22onLine%22:true,%22webdriver%22:false,%22storageBuckets%22:{},%22clipboard%22:{},%22credentials%22:{},%22keyboard%22:{},%22managed%22:{},%22mediaDevices%22:{},%22storage%22:{},%22serviceWorker%22:{},%22virtualKeyboard%22:{},%22wakeLock%22:{},%22deviceMemory%22:8,%22userAgentData%22:{%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22platform%22:%22Win32%22},%22login%22:{},%22ink%22:{},%22mediaCapabilities%22:{},%22hid%22:{},%22locks%22:{},%22gpu%22:{},%22mediaSession%22:{},%22permissions%22:{},%22presentation%22:{},%22usb%22:{},%22xr%22:{},%22serial%22:{}}&hs_d={%22length%22:2,%22scrollRestoration%22:%22auto%22,%22state%22:null}&sc_d={%22availWidth%22:1600,%22availHeight%22:1200,%22width%22:1600,%22height%22:1200,%22colorDepth%22:24,%22pixelDepth%22:24,%22availLeft%22:0,%22availTop%22:0,%22orientation%22:{},%22onchange%22:null,%22isExtended%22:false}&fhe_d=Asia/Singapore&plg_d=[%22PDF%20Viewer%22,%22Chrome%20PDF%20Viewer%22,%22Chromium%20PDF%20Viewer%22,%22Microsoft%20Edge%20PDF%20Viewer%22,%22WebKit%20built-in%20PDF%22] HTTP 302
https://vasy.clickmoileclito.com/cae58461-fd83-48ff-afa2-d8d89c2ca4be?affid=7_3062&source=&mail=&clickid=85668323 HTTP 307
https://vasy.clickmoileclito.com/cae58461-fd83-48ff-afa2-d8d89c2ca4be/2?affid=7_3062&source=&mail=&clickid=85668323 HTTP 302
https://da.off3riz.com/aff_c?offer_id=1617&aff_id=4719&aff_sub2=wus9eoddnl82sfa2js4ep6bc&source= HTTP 302
https://bend-me-over.com/tds?tdsId=s9038shm_r&tds_campaign=s9038shm&email={email46}&utm_source=ddm&utm_campaign=6b175b51&utm_content=4719&s1=dd&p5={p5}&data2=10211d8cd7b29c05c00402f9c02df7&data3=&s3=&email={email} HTTP 302
https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cupang.online/ HTTP 307
https://cupang.online/ HTTP 307
http://cupang.online/ HTTP 302
https://wa.sv/3edeqp HTTP 302
https://meet4singles.com/hcQDg8bk?aid=bdzhdkgdab&kid=ghdaazzxadh&clickid=awur&sub1=awur HTTP 302
https://m.luvmenow.com/click?pid=35851&offer_id=6422&sub1=2tc1bou2kbpih&sub2=35851&sub3=212605&sub4=awur&sub5=awur&sub6=&sub7=&sub8= HTTP 302
https://da.off3riz.com/aff_c?offer_id=1543&aff_id=3062&aff_sub2=a_667d14f75ed4d600019b9614&source=35851 HTTP 302
https://www.h-trck.com/9W598/3QQG7/?sub1={email}&sub2=3062&sub3=35851&sub5=102409037193b39b1616769600063a HTTP 302
https://harem-smrt.com/offers/?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D

Request Chain 12

https://bend-me-over.com/bts.js HTTP 301
https://bts.insigit.com/bts.js

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
harem-smrt.com/offers/
Redirect Chain

http://cupang.online/
https://cupang.online/
http://cupang.online/
https://wa.sv/3edeqp
https://meet4singles.com/hcQDg8bk?aid=bdzhdkgdab&kid=ghdaazzxadh&clickid=awur&sub1=awur
https://m.luvmenow.com/click?pid=35851&offer_id=6422&sub1=2tc1bou2kbpih&sub2=35851&sub3=212605&sub4=awur&sub5=awur&sub6=&sub7=&sub8=
https://da.off3riz.com/aff_c?offer_id=1543&aff_id=3062&aff_sub2=a_667d14f75ed4d600019b9614&source=35851
https://www.h-trck.com/9W598/3QQG7/?sub1={email}&sub2=3062&sub3=35851&sub5=102409037193b39b1616769600063a
https://harem-smrt.com/offers/?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D

1 KB
1 KB

2017ms
873ms

Document
text/html

172.67.187.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harem-smrt.com/offers/?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.187.194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9161ba2797a5024ac95900d8e5aaa27e62b7856c151c96410db2e8e3cc5ce63

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-Prefers-Color-Scheme, Sec-CH-Viewport-Width, Sec-CH-DPR, Sec-CH-Width
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89a3bac68bde3e2c-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 07:30:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fysmGHTbRPIUsZFKJpMLon0NY6enEbunfc6dUcnN7cyzmk6Nb1%2B%2F8lABy8ZCfKwjijP8AlmW5mUk%2BJ7SqV93DjMhhfNkoJk92LS1wSvLkUMfJQtHN6td7vRrH4Vp9TBBjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
content-type: text/html; charset=utf-8
date: Thu, 27 Jun 2024 07:30:02 GMT
location: https://harem-smrt.com/offers/?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 994fcd74-d378-4af7-97fa-270f2b9b9462

GET
H2 200 platform.min.js Show response
cdnjs.cloudflare.com/ajax/libs/platform/1.3.6/ 14 KB
6 KB 749ms
214ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/platform/1.3.6/platform.min.js

Requested by

Host: harem-smrt.com
URL: https://harem-smrt.com/offers/?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c039b6e245af3041933a2e283eb929be6c05618616e34ef2b8e3ca2bb368007

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://harem-smrt.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1174972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5648
last-modified: Sat, 04 Jul 2020 11:56:15 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f006e5f-38b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bNIdLk4RIgxhlX0z2Yk9TxfypNgaVN%2FgSx1AW6VwYE59MolG5oy5Vm2X6mWhsf4Ui1wS5%2BkeH3RZLwOjVYDPF4%2BTMEP0N8JiZwH%2FP3i7uKiL1hmljQsemH2gv%2ByHavIvXwbN6aYU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a3bace4ccc40c1-SIN
expires: Tue, 17 Jun 2025 07:30:05 GMT

GET
H2

200

Primary Request jump Show response
bend-me-over.com/
Redirect Chain

https://harem-smrt.com/offers/index.php?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D&r=1&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/...
https://vasy.clickmoileclito.com/cae58461-fd83-48ff-afa2-d8d89c2ca4be?affid=7_3062&source=&mail=&clickid=85668323
https://vasy.clickmoileclito.com/cae58461-fd83-48ff-afa2-d8d89c2ca4be/2?affid=7_3062&source=&mail=&clickid=85668323
https://da.off3riz.com/aff_c?offer_id=1617&aff_id=4719&aff_sub2=wus9eoddnl82sfa2js4ep6bc&source=
https://bend-me-over.com/tds?tdsId=s9038shm_r&tds_campaign=s9038shm&email={email46}&utm_source=ddm&utm_campaign=6b175b51&utm_content=4719&s1=dd&p5={p5}&data2=10211d8cd7b29c05c00402f9c02df7&data3=&s...
https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13...

9 KB
3 KB

566ms
564ms

Document
text/html

18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Requested by: Host: harem-smrt.com
URL: https://harem-smrt.com/offers/?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 0a3161eb0b1a159ab6b0ce6d926521160d2d1eca60d8f038d6733cc9161929c2

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://harem-smrt.com/offers/?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-dpr: 1
sec-ch-prefers-color-scheme: light
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "126.0.6478.126"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-viewport-width: 1600

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 07:30:10 GMT
server: nginx
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
x-amz-cf-id: lFcjMjTIwa4dzzwvsIfbiue2y4wh0D1pcsgM8_um4h5M1bxjKKwTyA==
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 27 Jun 2024 07:30:10 GMT
location: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx
timing-allow-origin: *
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
x-amz-cf-id: JEAEPe4yOPAFM3CUP1fXbkjETh7EIlGUdNG1oUyhWxowzxqV4Ja4Ng==
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront

GET
H2 200 92c97a777dfc5bf845bb98ab709d7d6b.css
bend-me-over.com/landings/21241/css/ 4 KB
2 KB 277ms
276ms Stylesheet
text/css 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/landings/21241/css/92c97a777dfc5bf845bb98ab709d7d6b.css
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 785ca45f55afe0da33676ebf10e0a2daa261324089a0155393fc60e0e4f1b649

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:23:12 GMT
content-encoding: gzip
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:18:56 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 187619
etag: W/"e9b-5d23c12a18800"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hm6uKILJfQfosQOVneajmFVIDVepS3qWShfI2kR0BCOx1C4b3VoTnQ==

GET
H2 200 e1138afd220502ed383190caf83afa43.js Show response
bend-me-over.com/landings/21241/js/ 95 KB
33 KB 935ms
934ms Script
application/javascript 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/landings/21241/js/e1138afd220502ed383190caf83afa43.js
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 9a275f7d4a61150dee22e10a07d68229c1e493000870b5f176011d6f5965e66b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 08:01:31 GMT
content-encoding: gzip
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 11:18:56 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 602920
etag: W/"17c90-5d23c12a18800"
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: eVCxzUluortNuHv0dalzwa-3gYd-OkIhiDCTwUzoJ44AdSKOLEHKpA==

GET
H2 200 1-1.jpg
bend-me-over.com/landings/21241/images/ 27 KB
27 KB 278ms
277ms Image
image/jpeg 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bend-me-over.com/landings/21241/images/1-1.jpg
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: afee828deb4f8539735da36032c0d3ecb40fa5251129ecc432af7a675b299bfb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 17:08:28 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2017 14:54:45 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 51703
etag: "6b12-557d179b15740"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 27410
x-amz-cf-id: uBToaukNn_zfD091mv8DZOzeGK3mRmbPk6kGlD-byIRF8H9kpFTS_w==

GET
H2 200 1-2.jpg
bend-me-over.com/landings/21241/images/ 21 KB
21 KB 589ms
589ms Image
image/jpeg 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bend-me-over.com/landings/21241/images/1-2.jpg
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 762d6a41d701d26adefa79edb51320a456b5394b50510a4dc1d70acbdbb24d0f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:06:52 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2017 14:54:45 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 469399
etag: "5475-557d179b15740"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 21621
x-amz-cf-id: RL-x5z4ZNL71AR9_LnsIsXftNzZcEi6pM6YT-OJ8umvGFw99USXcaw==

GET
H2 200 1-3.jpg
bend-me-over.com/landings/21241/images/ 20 KB
20 KB 805ms
805ms Image
image/jpeg 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bend-me-over.com/landings/21241/images/1-3.jpg
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 5e60e6637e6525bd535b050fcceda17a970e00b7fd50bb8165f3e66ad2dd4f27

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:44:09 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2017 14:54:45 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 571562
etag: "5070-557d179b15740"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 20592
x-amz-cf-id: SHwvs3eSU_v8wdeE-SGRVPi2jV61Dgpv_fH7CfCPqnwESvIXJNOWRQ==

GET
H2 200 2-1.jpg
bend-me-over.com/landings/21241/images/ 28 KB
29 KB 732ms
732ms Image
image/jpeg 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bend-me-over.com/landings/21241/images/2-1.jpg
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: b3bdd197284dbd9df257cd9c5afc1b355791130ed158fddf7cbdd24bcc7211b8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 17:08:28 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2017 14:54:45 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 51704
etag: "70bb-557d179b15740"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 28859
x-amz-cf-id: SjY0kz6U6D2-p_EBcdLYcWA11bYj3XKrQE54YjzGgvym2NmQOMXvOA==

GET
H2 200 2-2.jpg
bend-me-over.com/landings/21241/images/ 31 KB
32 KB 1417ms
1416ms Image
image/jpeg 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bend-me-over.com/landings/21241/images/2-2.jpg
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 770349c1793e9805dd4c1ee0f965bdd04997dba4beea08867cdae72fe191d5e9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:44:09 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2017 14:54:45 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 571564
etag: "7d5d-557d179b15740"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 32093
x-amz-cf-id: b6Z6qg6gged-ghNRlFkVg5T3vubJPgiH4LqoO6_fKflzdE0Bv5OhOw==

GET
H2 200 2-3.jpg
bend-me-over.com/landings/21241/images/ 27 KB
28 KB 1418ms
1417ms Image
image/jpeg 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bend-me-over.com/landings/21241/images/2-3.jpg
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 57e92412a2113197019947b2ee0b8346207c303d7c4e64ebb847565be6e453c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:45:44 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2017 14:54:45 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 571469
etag: "6d38-557d179b15740"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 27960
x-amz-cf-id: PitCvBYTYPD_LzMh6WrrBa7TOOSIXAqx9K9F7d5ZgfRZ0qBklbP8ww==

GET
H2 200 intg.js Show response
bend-me-over.com/bridge/ 339 B
741 B 2037ms
2037ms Script
application/javascript 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/bridge/intg.js
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 36765069dc707a1f004301bbc55ee5359b317ab1f2cb66ebfff536522c82fc78

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:13 GMT
content-encoding: br
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 18 Jun 2024 17:31:20 GMT
server: nginx
etag: W/"153-1902c673640"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex
x-amz-cf-id: S5Chu9kmSIjwqaBHV4pvPPqCB7ZfEr5EjnOrgx_iYECDPe6Byd6qgw==

GET
H2 200 web-vitals.iife.js Show response
bend-me-over.com/web-vitals@3.3.0/dist/ 7 KB
4 KB 1169ms
1169ms Script
application/javascript 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bend-me-over.com/web-vitals@3.3.0/dist/web-vitals.iife.js

Requested by

Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.68.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-68-30.sin52.r.cloudfront.net

Software

cloudflare /

Resource Hash

b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 Nov 2023 19:55:11 GMT
content-encoding: gzip
via: 1.1 fly.io, 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: SIN52-P1
age: 19907356
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HEV0FXZMRKKGJHGSFPJJNPVR-sin
server: cloudflare
etag: "1b8b-2Pht765cKB7+cupYL/A9I7DYa+A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 826a0ce249120193-SIN
x-amz-cf-id: sT7FeKXXGPNjNAndir63bqZqGMlfO4v8NSNQ7frSllBiIwXbjHRHIQ==

GET
H2

200

bts.js Show response
bts.insigit.com/
Redirect Chain

https://bend-me-over.com/bts.js
https://bts.insigit.com/bts.js

9 KB
9 KB

1462ms
582ms

Script
application/javascript

54.206.158.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bts.insigit.com/bts.js
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Server: 54.206.158.243 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-206-158-243.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 72e69358fa344f2bd1be00400a74600766cf4af15f71abf9b968b3fc3dfc9440

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://bend-me-over.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 07:30:15 GMT
last-modified: Mon, 01 Apr 2024 08:23:54 GMT
server: nginx
etag: "660a6f1a-22ae"
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 8878

Redirect headers

date: Thu, 27 Jun 2024 06:50:02 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: SIN52-P1
age: 2411
x-cache: Hit from cloudfront
content-type: text/html
location: https://bts.insigit.com:443/bts.js
alt-svc: h3=":443"; ma=86400
content-length: 134
x-amz-cf-id: AROxAqXtL-_24inFwUTsQyP3NRr8Vrh0dnbKy6MS7rWF9hAOib0uiA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
78 KB 1419ms
407ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

5fce9212be00180c170ce972175e92605c090c4ecf2f103c3e3197a3527ed4cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bend-me-over.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79430
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 07:30:14 GMT

GET 1047486.js
cdn.freshmarketer.com/399348/ 0
0

GET
H2 200 bg1.jpg
bend-me-over.com/landings/21241/images/ 36 KB
37 KB 1405ms
1404ms Image
image/jpeg 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bend-me-over.com/landings/21241/images/bg1.jpg
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/landings/21241/css/92c97a777dfc5bf845bb98ab709d7d6b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 76f4995baba6266e4762ec0a790351b295237367dbd898e5853e8066097f4f84

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/landings/21241/css/92c97a777dfc5bf845bb98ab709d7d6b.css
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 17:08:28 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2017 14:54:45 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 51705
etag: "91a8-557d179b15740"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37288
x-amz-cf-id: RQaLxvYhdGRt_Qc8rWPTrND_yS65wdLjHyeDFhRMW3X8ZK_Yx_Exkw==

GET
H2 200 bg2.jpg
bend-me-over.com/landings/21241/images/ 38 KB
38 KB 1696ms
1695ms Image
image/jpeg 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bend-me-over.com/landings/21241/images/bg2.jpg
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/landings/21241/css/92c97a777dfc5bf845bb98ab709d7d6b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 1752673c0e49d18a681123b02599cfabd55916187431de4f36f50c1323806cc7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/landings/21241/css/92c97a777dfc5bf845bb98ab709d7d6b.css
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 17:08:28 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2017 14:54:45 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 51704
etag: "9688-557d179b15740"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 38536
x-amz-cf-id: U50-_7u0L5Ei4-GxkNcciNVkFutgSVDdXREWkUTA4qRGaSwRG-qlQw==

GET
H2 200 bg3.jpg
bend-me-over.com/landings/21241/images/ 45 KB
45 KB 1405ms
1404ms Image
image/jpeg 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bend-me-over.com/landings/21241/images/bg3.jpg
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/landings/21241/css/92c97a777dfc5bf845bb98ab709d7d6b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: cf615e80032f96193c070a4dfbc4d3c240e8604a53ee51a5a7abf6719cb2ad31

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/landings/21241/css/92c97a777dfc5bf845bb98ab709d7d6b.css
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 18:01:26 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2017 14:54:45 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 480852
etag: "b3ca-557d179b15740"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 46026
x-amz-cf-id: 0pvQv686FS-jp3QoG2jhrpE1cFU7Q-2gOCQzk03MZRrpnW-N_Ae78g==

GET
H2 200 index.js Show response
bend-me-over.com/bridge/ 18 KB
7 KB 562ms
561ms Script
application/javascript 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/bridge/index.js
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bridge/intg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 5cf3585f2f040f381d74c4d23f4ba5b34ec30cf9301ff94774a1ce70c1be26bc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:15 GMT
content-encoding: gzip
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 18 Jun 2024 17:31:20 GMT
server: nginx
etag: W/"4986-1902c673640"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex
x-amz-cf-id: x0tBo5RAbLcgvGnAiaVzMFww9OjyIn-mgLmzLrO_ATg2cCqJiQkLSw==

GET
H2 200 integration.js Show response
bend-me-over.com/ 2 KB
2 KB 549ms
545ms Script
text/javascript 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/integration.js?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bridge/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx / Express
Resource Hash: 1ae9fb176443c493ce4901688cec3bc82da949e4fc6945c5a499e4e48fbc4dd0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:16 GMT
content-encoding: gzip
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-powered-by: Express
etag: W/"98e-RR2saUZJK5fPT02DfCtgOKqD8Mc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JdHwHPvZDPqW7VsBu39jIprkau6H0MzaOE3kv6DY2fr2LDbUtGuW6Q==

GET
H2 200 ac3fc68831981c704535980c826941a5
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ 35 B
678 B 1546ms
790ms Image
image/gif 13.33.30.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?j_type=open&jump=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.30.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-30-40.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bend-me-over.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:16 GMT
via: 1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
x-amz-cf-pop: SIN2-P1
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mu734vuchQkP2iXP5wC8U4TWyM_rDOw7_hbbfZ1lVrwcbA2eyNk1qQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 1522ms
791ms Script
text/javascript 64.233.170.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bend-me-over.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Jun 2024 07:15:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 915
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 27 Jun 2024 09:15:01 GMT

POST
H2 202 tr
bend-me-over.com/b/ 0
268 B 989ms
988ms Ping
application/octet-stream 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/b/tr
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:16 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: application/octet-stream
cache-control: no-store
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: 0qSYh_yKtFMRFsFMZyegvgdYau0I7cEi8bIkHepgbCARoyMIjvmmng==

POST
H2 202 tr
bend-me-over.com/b/ 0
269 B 1209ms
1207ms Ping
application/octet-stream 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/b/tr
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:16 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: application/octet-stream
cache-control: no-store
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: 05Bo2MCFUewVjCUdqDOkj_q_-TM5iEyH0gBfSKNDwgNlXN0tcKKx9Q==

POST
H2 202 tr
bend-me-over.com/b/ 0
268 B 1209ms
1208ms Ping
application/octet-stream 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/b/tr
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:16 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: application/octet-stream
cache-control: no-store
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: tnLbdx0Q5tgkwjsNAzDnyEL-UXHtX2aymOONsl563aBgDeTvIksozw==

POST
H2 202 tr
bend-me-over.com/b/ 0
267 B 711ms
710ms Ping
application/octet-stream 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/b/tr
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:16 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: application/octet-stream
cache-control: no-store
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: 5RA7fDr8ZcYgBIaBZndQ2nM7aEvn4kh_RrPRo02i8oppFt8ndi9ThA==

POST
H2 202 tr
bend-me-over.com/b/ 0
268 B 989ms
988ms Ping
application/octet-stream 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/b/tr
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:16 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: application/octet-stream
cache-control: no-store
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: q9nxNrrYhxQVYwMeuAxIcQZjf9800dmdXv-CbtffEfD4WmzZTmR2HA==

POST
H2 202 tr
bend-me-over.com/b/ 0
268 B 1283ms
1281ms Ping
application/octet-stream 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/b/tr
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:17 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: application/octet-stream
cache-control: no-store
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: l1p5DlGlHd4l0pFJDb_0NCaK_pRcSrZORVuuWm5kErhWlXyToce-Aw==

POST
H2 202 tr
bend-me-over.com/b/ 0
270 B 1283ms
1282ms Ping
application/octet-stream 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/b/tr
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:17 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: application/octet-stream
cache-control: no-store
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: MITlAmwPCVJRq4WPhLsB-y9RiYnJEkkcNCTFYdDN8UxRz6Qn8UzVSQ==

POST
H2 202 tr
bend-me-over.com/b/ 0
267 B 1208ms
1205ms Ping
application/octet-stream 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/b/tr
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:17 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: application/octet-stream
cache-control: no-store
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: 3cynKsFP1fOKezANF7Zbtl6FyCpVsn510s2_XRroRUob7xBDPgq4aQ==

POST
H2 202 tr
bend-me-over.com/b/ 0
269 B 1337ms
1334ms Ping
application/octet-stream 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/b/tr
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:17 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: application/octet-stream
cache-control: no-store
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: iKZzhX2MDB-hCZ_KjqXCSx5O5AFFoIsofozT4FnpDKeJo8PYqnBOag==

GET
H2 200 main.js Show response
bend-me-over.com/ufis/ 125 KB
28 KB 1004ms
1003ms Script
text/javascript 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/ufis/main.js?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fbend-me-over.com%2Fjump%3Ftds_campaign%3Db9918shm%26utm_term%3Dweb_fl_sgp_b9918shm_cpl_remnant%26tds_oid%3D21241%26tds_cid%3D4691d094f5dc97e86170b39f92b3c06576de3552%26utm_campaign%3D6b175b51%26dci%3Da78338c54c31f13eed1ead04b8be05c7efb8bc51%26id%3D21241%26utm_content%3D4719%26s1%3Ddd%26data2%3D10211d8cd7b29c05c00402f9c02df7%26s3%3D%257Bs3%257D%26tds_ac_id%3Ds9038shm%26tds_id%3Db9918shm_jump_a_1595249771824%26tds_host%3Dbend-me-over.com%26tds_ao%3D1%26_tgUrl%3DaHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy%26utm_source%3Dddm&uaDataValues={%22architecture%22:%22x86%22,%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22Win32%22,%22platformVersion%22:%2210.0.0%22,%22uaFullVersion%22:%22126.0.6478.126%22}
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/integration.js?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx / Express
Resource Hash: dc6cc3048edb1453178c0ceb5798edcb9ae6e54eeca91311b17b95a77dffc734

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:16 GMT
content-encoding: gzip
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-powered-by: Express
etag: W/"1f39b-yLjGcDW7hU1MCun4bKlJxjmzIEk"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Y620gfoMzJVTFj9BNJs3IE8NolwduNJeTkvEvtFw-oFhZmao1wtikw==

POST
H2 200 interlayer Show response
bend-me-over.com/tds/ 0
499 B 714ms
713ms XHR
text/plain 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/tds/interlayer?handler=FrodiData
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bridge/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json; charset=UTF-8
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:17 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ppcRWMVK1T0EKTVjUS4LtbOU4SDTc8ZBXuOXy8dF0VHYEh-E-GQSpg==

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.6.8/ 40 KB
11 KB 1467ms
333ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js

Requested by

Host: bend-me-over.com
URL: https://bend-me-over.com/ufis/main.js?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fbend-me-over.com%2Fjump%3Ftds_campaign%3Db9918shm%26utm_term%3Dweb_fl_sgp_b9918shm_cpl_remnant%26tds_oid%3D21241%26tds_cid%3D4691d094f5dc97e86170b39f92b3c06576de3552%26utm_campaign%3D6b175b51%26dci%3Da78338c54c31f13eed1ead04b8be05c7efb8bc51%26id%3D21241%26utm_content%3D4719%26s1%3Ddd%26data2%3D10211d8cd7b29c05c00402f9c02df7%26s3%3D%257Bs3%257D%26tds_ac_id%3Ds9038shm%26tds_id%3Db9918shm_jump_a_1595249771824%26tds_host%3Dbend-me-over.com%26tds_ao%3D1%26_tgUrl%3DaHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy%26utm_source%3Dddm&uaDataValues={%22architecture%22:%22x86%22,%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22Win32%22,%22platformVersion%22:%2210.0.0%22,%22uaFullVersion%22:%22126.0.6478.126%22}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

fe26228f1a864cab3d5ec46c99bed380a8194c2c3ec19ad0f82b2910e901ca54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bend-me-over.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10869
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 23:11:55 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Jun 2025 23:58:28 GMT

GET
H2 200 rtr Show response
bend-me-over.com/ufis/ 10 B
373 B 887ms
886ms XHR
application/json 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/ufis/rtr?referer=https%3A%2F%2Fbend-me-over.com%2Fjump%3Ftds_campaign%3Db9918shm%26utm_term%3Dweb_fl_sgp_b9918shm_cpl_remnant%26tds_oid%3D21241%26tds_cid%3D4691d094f5dc97e86170b39f92b3c06576de3552%26utm_campaign%3D6b175b51%26dci%3Da78338c54c31f13eed1ead04b8be05c7efb8bc51%26id%3D21241%26utm_content%3D4719%26s1%3Ddd%26data2%3D10211d8cd7b29c05c00402f9c02df7%26s3%3D%257Bs3%257D%26tds_ac_id%3Ds9038shm%26tds_id%3Db9918shm_jump_a_1595249771824%26tds_host%3Dbend-me-over.com%26tds_ao%3D1%26_tgUrl%3DaHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy%26utm_source%3Dddm
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/ufis/main.js?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fbend-me-over.com%2Fjump%3Ftds_campaign%3Db9918shm%26utm_term%3Dweb_fl_sgp_b9918shm_cpl_remnant%26tds_oid%3D21241%26tds_cid%3D4691d094f5dc97e86170b39f92b3c06576de3552%26utm_campaign%3D6b175b51%26dci%3Da78338c54c31f13eed1ead04b8be05c7efb8bc51%26id%3D21241%26utm_content%3D4719%26s1%3Ddd%26data2%3D10211d8cd7b29c05c00402f9c02df7%26s3%3D%257Bs3%257D%26tds_ac_id%3Ds9038shm%26tds_id%3Db9918shm_jump_a_1595249771824%26tds_host%3Dbend-me-over.com%26tds_ao%3D1%26_tgUrl%3DaHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy%26utm_source%3Dddm&uaDataValues={%22architecture%22:%22x86%22,%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22Win32%22,%22platformVersion%22:%2210.0.0%22,%22uaFullVersion%22:%22126.0.6478.126%22}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx / Express
Resource Hash: 0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:17 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-powered-by: Express
etag: W/"a-1IPl29QMdgDJc1c5Tr58fnR67p8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 10
x-amz-cf-id: UY22IXyuBKyLoJpA_OIWROlltd9cpbzQuMMeYyLZkdkc85gq1pbS2g==

GET
H2 200 bend-me-over.com Show response
bend-me-over.com/ufis/recaptcha/inject/ 27 B
425 B 1082ms
1082ms XHR
application/json 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/ufis/recaptcha/inject/bend-me-over.com?placement=default&doc_location=https%3A%2F%2Fbend-me-over.com%2Fjump%3Ftds_campaign%3Db9918shm%26utm_term%3Dweb_fl_sgp_b9918shm_cpl_remnant%26tds_oid%3D21241%26tds_cid%3D4691d094f5dc97e86170b39f92b3c06576de3552%26utm_campaign%3D6b175b51%26dci%3Da78338c54c31f13eed1ead04b8be05c7efb8bc51%26id%3D21241%26utm_content%3D4719%26s1%3Ddd%26data2%3D10211d8cd7b29c05c00402f9c02df7%26s3%3D%257Bs3%257D%26tds_ac_id%3Ds9038shm%26tds_id%3Db9918shm_jump_a_1595249771824%26tds_host%3Dbend-me-over.com%26tds_ao%3D1%26_tgUrl%3DaHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy%26utm_source%3Dddm
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/ufis/main.js?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fbend-me-over.com%2Fjump%3Ftds_campaign%3Db9918shm%26utm_term%3Dweb_fl_sgp_b9918shm_cpl_remnant%26tds_oid%3D21241%26tds_cid%3D4691d094f5dc97e86170b39f92b3c06576de3552%26utm_campaign%3D6b175b51%26dci%3Da78338c54c31f13eed1ead04b8be05c7efb8bc51%26id%3D21241%26utm_content%3D4719%26s1%3Ddd%26data2%3D10211d8cd7b29c05c00402f9c02df7%26s3%3D%257Bs3%257D%26tds_ac_id%3Ds9038shm%26tds_id%3Db9918shm_jump_a_1595249771824%26tds_host%3Dbend-me-over.com%26tds_ao%3D1%26_tgUrl%3DaHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy%26utm_source%3Dddm&uaDataValues={%22architecture%22:%22x86%22,%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22Win32%22,%22platformVersion%22:%2210.0.0%22,%22uaFullVersion%22:%22126.0.6478.126%22}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx / Express
Resource Hash: 341891286e02aad359716b2976363f926c510a574f3ec042f10fb056f629f9af

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:17 GMT
content-encoding: br
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-powered-by: Express
etag: W/"1b-rve8vgDVBr+K40tPRpzMabcB/bQ"
vary: Accept-Encoding, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: H2xs_ad_tTkdB9Gv8b0BCL5Wfw3lKFQ1Abncn77LMmvkA1J6xC7Z1Q==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
222 B 214ms
213ms XHR
text/plain 64.233.170.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=697409777&t=event&ni=0&_s=1&dl=https%3A%2F%2Fbend-me-over.com%2Fjump%3Ftds_campaign%3Db9918shm%26utm_term%3Dweb_fl_sgp_b9918shm_cpl_remnant%26tds_oid%3D21241%26tds_cid%3D4691d094f5dc97e86170b39f92b3c06576de3552%26utm_campaign%3D6b175b51%26dci%3Da78338c54c31f13eed1ead04b8be05c7efb8bc51%26id%3D21241%26utm_content%3D4719%26s1%3Ddd%26data2%3D10211d8cd7b29c05c00402f9c02df7%26s3%3D%257Bs3%257D%26tds_ac_id%3Ds9038shm%26tds_id%3Db9918shm_jump_a_1595249771824%26tds_host%3Dbend-me-over.com%26tds_ao%3D1%26_tgUrl%3DaHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy%26utm_source%3Dddm&dr=https%3A%2F%2Fharem-smrt.com%2F&ul=en-sg&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Jump%20%5B21241%5D&ea=Step%20%5B0%5D&el=Pageview&_u=YEBAAAABAAAAAC~&jid=467961490&gjid=1494095830&cid=620911047.1719473418&tid=UA-56815649-9&_gid=1948236816.1719473418&_r=1&_slc=1&gtm=45He46q0n71KMSJRWza200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1184820869

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

84d293ecdf0404e43a7f5caea9bf3755d3264daee36c52a7e4aa3318fb68df1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://bend-me-over.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 07:30:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bend-me-over.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 491ms
490ms Image
image/gif 64.233.170.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=697409777&t=pageview&_s=1&dl=https%3A%2F%2Fbend-me-over.com%2Fjump%3Ftds_campaign%3Db9918shm%26utm_term%3Dweb_fl_sgp_b9918shm_cpl_remnant%26tds_oid%3D21241%26tds_cid%3D4691d094f5dc97e86170b39f92b3c06576de3552%26utm_campaign%3D6b175b51%26dci%3Da78338c54c31f13eed1ead04b8be05c7efb8bc51%26id%3D21241%26utm_content%3D4719%26s1%3Ddd%26data2%3D10211d8cd7b29c05c00402f9c02df7%26s3%3D%257Bs3%257D%26tds_ac_id%3Ds9038shm%26tds_id%3Db9918shm_jump_a_1595249771824%26tds_host%3Dbend-me-over.com%26tds_ao%3D1%26_tgUrl%3DaHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy%26utm_source%3Dddm&dr=https%3A%2F%2Fharem-smrt.com%2F&ul=en-sg&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=620911047.1719473418&tid=UA-56815649-9&_gid=1948236816.1719473418&gtm=45He46q0n71KMSJRWza200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1646238689

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bend-me-over.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 04:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12276
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
92 KB 578ms
577ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2Y0VGLH9ZH&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b4890f2b54deb4a6fd1b290794fca27ca0a67af66184453eacd99532474f60b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bend-me-over.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93963
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jun 2024 07:30:18 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 562ms
561ms Fetch
text/plain 64.233.170.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2Y0VGLH9ZH&gtm=45je46q0v9124420178za200&_p=1719473418025&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-sg&sr=1600x1200&cid=620911047.1719473418&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbend-me-over.com%2Fjump%3Ftds_campaign%3Db9918shm%26utm_term%3Dweb_fl_sgp_b9918shm_cpl_remnant%26tds_oid%3D21241%26tds_cid%3D4691d094f5dc97e86170b39f92b3c06576de3552%26utm_campaign%3D6b175b51%26dci%3Da78338c54c31f13eed1ead04b8be05c7efb8bc51%26id%3D21241%26utm_content%3D4719%26s1%3Ddd%26data2%3D10211d8cd7b29c05c00402f9c02df7%26s3%3D%257Bs3%257D%26tds_ac_id%3Ds9038shm%26tds_id%3Db9918shm_jump_a_1595249771824%26tds_host%3Dbend-me-over.com%26tds_ao%3D1%26_tgUrl%3DaHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy%26utm_source%3Dddm&dr=https%3A%2F%2Fharem-smrt.com%2F&sid=1719473420&sct=1&seg=0&en=Step%20%5B0%5D&_fv=1&_ss=1&_ee=1&ep.event_category=Jump%20%5B21241%5D&ep.event_label=Pageview&tfd=15383&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Y0VGLH9ZH&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bend-me-over.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 07:30:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bend-me-over.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 tr
bend-me-over.com/b/ 0
267 B 702ms
701ms Ping
application/octet-stream 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/b/tr
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/bts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:21 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: application/octet-stream
cache-control: no-store
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: PwNcdSLqjUvyq8Nhgm3kMhx82dnAPQ_3eeM2p-Gog7vrf9A-7qeAKA==

GET
H2 200 jump-favicon.ico
bend-me-over.com/images/ 1 KB
502 B 544ms
543ms Other
image/vnd.microsoft.icon 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/images/jump-favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: dedda483c1ee58da9fb3d6f9f9ba972db18d893554a53673a32221bb3d93a701

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 18:03:00 GMT
content-encoding: br
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Fri, 05 Dec 2014 08:28:50 GMT
server: nginx
x-amz-cf-pop: SIN52-P1
age: 394041
etag: W/"47e-50973ddcdee10"
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HAuUOYcUNk_TJi2dl44PRcDbwFl0QQ8SWMTW00LRvfrG6y8QhUJrEg==

POST
H2 200 track Show response
bend-me-over.com/ufis/webpush/ 30 B
428 B 814ms
813ms XHR
application/json 18.155.68.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bend-me-over.com/ufis/webpush/track?uaDataValues={%22architecture%22:%22x86%22,%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22Win32%22,%22platformVersion%22:%2210.0.0%22,%22uaFullVersion%22:%22126.0.6478.126%22}&networkGroup=
Requested by: Host: bend-me-over.com
URL: https://bend-me-over.com/ufis/main.js?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm&ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fbend-me-over.com%2Fjump%3Ftds_campaign%3Db9918shm%26utm_term%3Dweb_fl_sgp_b9918shm_cpl_remnant%26tds_oid%3D21241%26tds_cid%3D4691d094f5dc97e86170b39f92b3c06576de3552%26utm_campaign%3D6b175b51%26dci%3Da78338c54c31f13eed1ead04b8be05c7efb8bc51%26id%3D21241%26utm_content%3D4719%26s1%3Ddd%26data2%3D10211d8cd7b29c05c00402f9c02df7%26s3%3D%257Bs3%257D%26tds_ac_id%3Ds9038shm%26tds_id%3Db9918shm_jump_a_1595249771824%26tds_host%3Dbend-me-over.com%26tds_ao%3D1%26_tgUrl%3DaHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy%26utm_source%3Dddm&uaDataValues={%22architecture%22:%22x86%22,%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22Win32%22,%22platformVersion%22:%2210.0.0%22,%22uaFullVersion%22:%22126.0.6478.126%22}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-30.sin52.r.cloudfront.net
Software: nginx / Express
Resource Hash: 33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-Type: application/json; charset=UTF-8
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:30:21 GMT
content-encoding: br
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-powered-by: Express
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 1U0PbNwtFS6FmbD1LGqt-F7czQ2AY6OKq_TCJSpQ3LWm-SPBiM8Gfg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.freshmarketer.com
URL: https://cdn.freshmarketer.com/399348/1047486.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
meet4singles.com/	1970-01-20 22:22:31	Name: _subid Value: 2tc1bou2kbpih
meet4singles.com/	1970-01-21 07:13:53	Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUzNTgxN1wiOjE3MTk0NzMzOTcsXCI1MjgzMjZcIjoxNzE5NDczMzk3fSxcImNhbXBhaWduc1wiOntcIjIxMjYwNVwiOjE3MTk0NzMzOTcsXCIxXCI6MTcxOTQ3MzM5N30sXCJ0aW1lXCI6MTcxOTQ3MzM5N30ifQ.GeqMolC8iqIa-a1RIEXrnnqegVSxKEmKXCgL5-DRMyA
meet4singles.com/	1970-01-20 22:22:31	Name: _token Value: uuid_2tc1bou2kbpih_2tc1bou2kbpih667d14f58a5174.62499440
m.luvmenow.com/	1970-01-21 06:23:29	Name: afclick Value: 667d14f75ed4d600019b9614
m.luvmenow.com/	1970-01-21 06:23:29	Name: afoffers Value: {"6422":1719473399}
da.off3riz.com/	1970-01-21 06:23:29	Name: enc_aff_session_1543 Value: ENC03faabf932605995da9168bc7de3bb64c7ccd31fc833d5ab2e730fb42427e1d232730e5d0d144b487530e0e3ca5d65f28f69db586941825a9920dcf434a1d15662c482ef49a5a33ea24434f1355be06f95959ad9a96e50907d5f4683e7536997de4af0dcd48ca0a3c579af286fb2d63fe51a5efc9bb01cc92224375fdc239949f718786479
da.off3riz.com/	1970-01-21 07:13:53	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyNi4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tU0csZW47cT0wLjk7cT0wLjkiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
www.h-trck.com/	1970-01-20 21:39:19	Name: uniqueClick_3QQG7 Value: 6cef01de-ee22-4804-b0a2-ed3774331e21:1719473402
www.h-trck.com/	1970-01-20 23:47:29	Name: transaction_id Value: 4dcb72ea106747618da149a33bdb470a
.vasy.clickmoileclito.com/	1970-01-20 21:39:19	Name: cae58461-fd83-48ff-afa2-d8d89c2ca4be-v4 Value: ebgHnwvOV-XSwh_pvIUpoxM9-yOLphjXH58X_0tWack
.vasy.clickmoileclito.com/	1970-01-21 06:23:29	Name: cc-v4 Value: v6YdgWGWQgPOcceKq5DZKOpQ0jYVORN5sYs%2Bw7Zc%2FKiAA48quLHqmcY%2BRyAgBd6is0Ba7tn3%2FSAVRAmaqtxX20WLifhKx4q1dcwUeiREBkOO90MhNaO%2BKSJasIooFaBQ1GnQAjGR2KrDR55D0wbAvA%3D%3D
da.off3riz.com/	1970-01-20 22:21:05	Name: enc_aff_session_1617 Value: ENC03c3d55308ba26903c3d02d5d5d06f5f8265a254f65dc09c9037898517460f7752d9bcd8ad657123e1a21a8c8ef5a3bab73fdff536ffcf775f8bcf9b93d2ef1f925716b930a50f68817e986bd8a9dde99d2d3d5c3f012a5c20f946054bbabb96f5189bdbc03a3782a61ee322e6e191527c1ab5339c926fb79d049f8461fd8ce56cc7cb0063f6bfc91bca6beda2e92e940f96aae6ff146023a7ee27cd545ab439f01820da1aadb18ddaf56444bf789c288f44a235f896833134023a94eebc11d07719613ae2
.bend-me-over.com/	1970-01-21 06:23:29	Name: dci Value: a78338c54c31f13eed1ead04b8be05c7efb8bc51
bend-me-over.com/	1970-01-20 21:45:05	Name: dm Value: fe450dd0d1dadc615429144d33241f42
bend-me-over.com/	1970-01-21 07:13:53	Name: __bts_cid Value: b640a0aecfa9432e914eacbc21667be4
.retarget2core.com/	1970-01-21 06:23:29	Name: dci Value: 3027f93b1ede74d1da999095e9836ace76b816ef
.bend-me-over.com/	1970-01-21 07:13:53	Name: _ga Value: GA1.2.620911047.1719473418
.bend-me-over.com/	1970-01-20 21:39:19	Name: _gid Value: GA1.2.1948236816.1719473418
.bend-me-over.com/	1970-01-20 21:37:53	Name: _gat_UA-56815649-9 Value: 1
.bend-me-over.com/	1970-01-21 07:13:53	Name: _ga_2Y0VGLH9ZH Value: GS1.2.1719473420.1.1.1719473420.0.0.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm(Line 16) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
rendering	warning	URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm Message: [.WebGL-0x38a802a6d500]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
other	error	URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bend-me-over.com
bts.insigit.com
cdn.freshmarketer.com
cdnjs.cloudflare.com
cupang.online
da.off3riz.com
harem-smrt.com
m.luvmenow.com
meet4singles.com
retarget2core.com
vasy.clickmoileclito.com
wa.sv
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.h-trck.com
cdn.freshmarketer.com
104.17.24.14
13.33.30.40
142.251.175.97
172.104.187.4
172.67.140.202
172.67.155.31
172.67.165.172
172.67.187.194
18.155.68.30
3.110.19.166
34.160.108.161
52.215.125.97
54.206.158.243
64.233.170.102
74.125.24.94
0a3161eb0b1a159ab6b0ce6d926521160d2d1eca60d8f038d6733cc9161929c2
0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6
1752673c0e49d18a681123b02599cfabd55916187431de4f36f50c1323806cc7
1ae9fb176443c493ce4901688cec3bc82da949e4fc6945c5a499e4e48fbc4dd0
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
341891286e02aad359716b2976363f926c510a574f3ec042f10fb056f629f9af
36765069dc707a1f004301bbc55ee5359b317ab1f2cb66ebfff536522c82fc78
57e92412a2113197019947b2ee0b8346207c303d7c4e64ebb847565be6e453c3
5cf3585f2f040f381d74c4d23f4ba5b34ec30cf9301ff94774a1ce70c1be26bc
5e60e6637e6525bd535b050fcceda17a970e00b7fd50bb8165f3e66ad2dd4f27
5fce9212be00180c170ce972175e92605c090c4ecf2f103c3e3197a3527ed4cf
72e69358fa344f2bd1be00400a74600766cf4af15f71abf9b968b3fc3dfc9440
762d6a41d701d26adefa79edb51320a456b5394b50510a4dc1d70acbdbb24d0f
76f4995baba6266e4762ec0a790351b295237367dbd898e5853e8066097f4f84
770349c1793e9805dd4c1ee0f965bdd04997dba4beea08867cdae72fe191d5e9
785ca45f55afe0da33676ebf10e0a2daa261324089a0155393fc60e0e4f1b649
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d293ecdf0404e43a7f5caea9bf3755d3264daee36c52a7e4aa3318fb68df1f
8c039b6e245af3041933a2e283eb929be6c05618616e34ef2b8e3ca2bb368007
9a275f7d4a61150dee22e10a07d68229c1e493000870b5f176011d6f5965e66b
afee828deb4f8539735da36032c0d3ecb40fa5251129ecc432af7a675b299bfb
b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f
b3bdd197284dbd9df257cd9c5afc1b355791130ed158fddf7cbdd24bcc7211b8
b4890f2b54deb4a6fd1b290794fca27ca0a67af66184453eacd99532474f60b3
c9161ba2797a5024ac95900d8e5aaa27e62b7856c151c96410db2e8e3cc5ce63
cf615e80032f96193c070a4dfbc4d3c240e8604a53ee51a5a7abf6719cb2ad31
dc6cc3048edb1453178c0ceb5798edcb9ae6e54eeca91311b17b95a77dffc734
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dedda483c1ee58da9fb3d6f9f9ba972db18d893554a53673a32221bb3d93a701
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe26228f1a864cab3d5ec46c99bed380a8194c2c3ec19ad0f82b2910e901ca54

bend-me-over.com Open in urlscan Pro 18.155.68.30 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

0 %IPv6

16 Domains

16 Subdomains

9 IPs

6 Countries

581 kBTransfer

1129 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bend-me-over.com Open in urlscan Pro
18.155.68.30 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

9
IPs

6
Countries

581 kB
Transfer

1129 kB
Size

20
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!