bl.more2flirt.com Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.clicks.dating/a.php?slot=16697
Effective URL:
https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub...
Submission: On January 05 via manual (January 5th 2022, 7:27:06 am UTC) from NL — Scanned from NL

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 11 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to HIGHWINDS3, US. The main domain is bl.more2flirt.com.
TLS certificate: Issued by R3 on November 15th 2021. Valid for: 3 months.

This is the only time bl.more2flirt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	52.57.94.90 52.57.94.90	16509 (AMAZON-02) (AMAZON-02)
2 2	54.228.155.233 54.228.155.233	16509 (AMAZON-02) (AMAZON-02)
6	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
11	3

3 52.57.94.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-94-90.eu-central-1.compute.amazonaws.com

www.clicks.dating	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.155.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-155-233.eu-west-1.compute.amazonaws.com

eu-adsrv.rtbsuperhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

bl.more2flirt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	more2flirt.com bl.more2flirt.com	23 KB
3	clicks.dating www.clicks.dating	13 KB
2	rtbsuperhub.com eu-adsrv.rtbsuperhub.com Failed	1 KB
11	3

	Domain	Requested by
6	bl.more2flirt.com	www.clicks.dating bl.more2flirt.com
3	www.clicks.dating	www.clicks.dating
2	eu-adsrv.rtbsuperhub.com
11	3

This site contains links to these domains. Also see Links.

Domain
www.stackpath.com

Subject Issuer	Validity	Valid
bl.more2flirt.com R3	`2021-11-15` - `2022-02-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true
Frame ID: E6EE2003DB46A3262F9F5DCA51EA4F9B
Requests: 9 HTTP requests in this frame

Frame: https://bl.more2flirt.com/sbbi/?sbbpg=sbbShell&gprid=hh
Frame ID: EDE71E059889FD08CBCC9B2CAF9CA668
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

StackPath

Page URL History Show full URLs

http://www.clicks.dating/a.php?slot=16697 Page URL
http://www.clicks.dating/a.php?slot=16697&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2... Page URL
http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9ldS1hZHNydi5ydGJzdXBlcmh1Yi5jb20vaXI... Page URL
https://eu-adsrv.rtbsuperhub.com/ir/?placement=1822_push_nld_all_MAmail_flat72 HTTP 302
https://eu-adsrv.rtbsuperhub.com/click/?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv... HTTP 302
https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:... Page URL
https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:... Page URL

Page Statistics

11
Requests

55 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

36 kB
Transfer

84 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.stackpath.com/
Title: StackPath

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.clicks.dating/a.php?slot=16697 Page URL
http://www.clicks.dating/a.php?slot=16697&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/96.0.4664.93%20Safari/537.36|lng:nl-NL,nl;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:77.243.189.124&allowcookie=true&setreferrer= Page URL
http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9ldS1hZHNydi5ydGJzdXBlcmh1Yi5jb20vaXIvP3BsYWNlbWVudD0xODIyX3B1c2hfbmxkX2FsbF9NQW1haWxfZmxhdDcy&hash=cd4bf73f88583658676e4ec186ea37ac&ts=1641367659 Page URL
https://eu-adsrv.rtbsuperhub.com/ir/?placement=1822_push_nld_all_MAmail_flat72 HTTP 302
https://eu-adsrv.rtbsuperhub.com/click/?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb HTTP 302
https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true Page URL
https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://eu-adsrv.rtbsuperhub.com/ir/?placement=1822_push_nld_all_MAmail_flat72 HTTP 302
https://eu-adsrv.rtbsuperhub.com/click/?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb HTTP 302
https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true

11 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	a.php Show response www.clicks.dating/	32 KB 11 KB	46ms 33ms	Document text/html	52.57.94.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://www.clicks.dating/a.php?slot=16697 Protocol HTTP/1.1 Server 52.57.94.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-94-90.eu-central-1.compute.amazonaws.com Software Apache/2.4.10 (Debian) / Resource Hash `39cad89c5f85eb09f65264f9233259cf58efd04cf11e0784fdf6020a8fd5c8fe` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Response headers Date Wed, 05 Jan 2022 07:27:01 GMT Content-Type text/html; charset=UTF-8 Content-Length 10794 Connection keep-alive Server Apache/2.4.10 (Debian) Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 Pragma no-cache Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	a.php Show response www.clicks.dating/	874 B 1 KB	334ms 334ms	Document text/html	52.57.94.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://www.clicks.dating/a.php?slot=16697&fp2=AX1\|tz:0\|w:1600\|h:1200\|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/96.0.4664.93%20Safari/537.36\|lng:nl-NL,nl;q=0.9\|Chrome%20PDF%20Plugin\|Chrome%20PDF%20Viewer\|Native%20Client\|IP:77.243.189.124&allowcookie=true&setreferrer= Requested by Host: www.clicks.dating URL: http://www.clicks.dating/a.php?slot=16697 Protocol HTTP/1.1 Server 52.57.94.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-94-90.eu-central-1.compute.amazonaws.com Software Apache/2.4.10 (Debian) / Resource Hash `620a3ebc2a9e3e4d2cd7288cd2a696832652c102dab08494d694709b65b90706` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Referer http://www.clicks.dating/a.php?slot=16697 Response headers Date Wed, 05 Jan 2022 07:27:01 GMT Content-Type text/html; charset=UTF-8 Content-Length 503 Connection keep-alive Server Apache/2.4.10 (Debian) Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 Pragma no-cache adxsubid adxcost 0.47449477603847 adxzoneid 16697 adxdomain adxmaterialname adxmaterialid 40592 adxcid vewRErmqn1OLY9AYPPyup6yngRunYA9tEUlslw9xLwjKTJIJ0heNC2bHtuTrU3A9 adxcampaignid 12856 Vary Accept-Encoding Content-Encoding gzip
GET		redirect.php www.clicks.dating/delivery/	0 0

GET H/1.1	200 OK	redirect.php Show response www.clicks.dating/delivery/	448 B 518 B	93ms 93ms	Document text/html	52.57.94.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9ldS1hZHNydi5ydGJzdXBlcmh1Yi5jb20vaXIvP3BsYWNlbWVudD0xODIyX3B1c2hfbmxkX2FsbF9NQW1haWxfZmxhdDcy&hash=cd4bf73f88583658676e4ec186ea37ac&ts=1641367659 Requested by Host: www.clicks.dating URL: http://www.clicks.dating/a.php?slot=16697&fp2=AX1\|tz:0\|w:1600\|h:1200\|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/96.0.4664.93%20Safari/537.36\|lng:nl-NL,nl;q=0.9\|Chrome%20PDF%20Plugin\|Chrome%20PDF%20Viewer\|Native%20Client\|IP:77.243.189.124&allowcookie=true&setreferrer= Protocol HTTP/1.1 Server 52.57.94.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-94-90.eu-central-1.compute.amazonaws.com Software Apache/2.4.10 (Debian) / Resource Hash `4d89217d685e5d1dfbd4fc7c9d3376b9ac4a65f04713c59c68faa56ec0d91631` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Referer http://www.clicks.dating/a.php?slot=16697&fp2=AX1\|tz:0\|w:1600\|h:1200\|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/96.0.4664.93%20Safari/537.36\|lng:nl-NL,nl;q=0.9\|Chrome%20PDF%20Plugin\|Chrome%20PDF%20Viewer\|Native%20Client\|IP:77.243.189.124&allowcookie=true&setreferrer= Response headers Date Wed, 05 Jan 2022 07:27:01 GMT Content-Type text/html; charset=UTF-8 Content-Length 298 Connection keep-alive Server Apache/2.4.10 (Debian) Vary Accept-Encoding Content-Encoding gzip
GET		/ eu-adsrv.rtbsuperhub.com/ir/	0 0

GET H2	200	sb6000 Show response bl.more2flirt.com/landing/ Redirect Chain https://eu-adsrv.rtbsuperhub.com/ir/?placement=1822_push_nld_all_MAmail_flat72 https://eu-adsrv.rtbsuperhub.com/click/?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca... https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acc...	12 KB 6 KB	122ms 45ms	Document text/html	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true Requested by Host: www.clicks.dating URL: http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9ldS1hZHNydi5ydGJzdXBlcmh1Yi5jb20vaXIvP3BsYWNlbWVudD0xODIyX3B1c2hfbmxkX2FsbF9NQW1haWxfZmxhdDcy&hash=cd4bf73f88583658676e4ec186ea37ac&ts=1641367659 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software fbs / Resource Hash `a9ae05fcd0106cdf3c78a01c32e960b87d201209bef0325f3d740bd692dc2fb1` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Referer http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9ldS1hZHNydi5ydGJzdXBlcmh1Yi5jb20vaXIvP3BsYWNlbWVudD0xODIyX3B1c2hfbmxkX2FsbF9NQW1haWxfZmxhdDcy&hash=cd4bf73f88583658676e4ec186ea37ac&ts=1641367659 Response headers date Wed, 05 Jan 2022 07:27:02 GMT cache-control no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 server fbs x-accel-expires 0 x-hw 1641367622.cds081.lo4.hn,1641367622.cds255.lo4.sc,1641367622.cdn2-wafbe01-lhr1.stackpath.systems.-.w,1641367622.cds255.lo4.p access-control-allow-origin * Redirect headers Content-Type text/html; charset=UTF-8 Date Wed, 05 Jan 2022 07:27:02 GMT Location https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true Server nginx/1.20.0 Content-Length 0 Connection keep-alive
GET H2	200	/ Show response bl.more2flirt.com/sbbi/ Frame EDE7	25 KB 11 KB	37ms 37ms	Document text/html	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://bl.more2flirt.com/sbbi/?sbbpg=sbbShell&gprid=hh&sbbgs=h40b5fa93316694fec57a9327a3f45bdf288&ddl=0 Requested by Host: bl.more2flirt.com URL: https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software fbs / Resource Hash `6f59873bb709cb845efb91bfae62ea57d140ad44d68dddf6df0e7dc880dcd862` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Referer https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true Response headers date Wed, 05 Jan 2022 07:27:02 GMT cache-control no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 server fbs x-accel-expires 0 x-hw 1641367622.cds081.lo4.hn,1641367622.cds283.lo4.sc,1641367622.cdn2-wafbe02-lhr1.stackpath.systems.-.i,1641367622.cds283.lo4.p access-control-allow-origin *
GET H2	200	/ bl.more2flirt.com/sbbi/	43 B 176 B	35ms 34ms	Image image/gif	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://bl.more2flirt.com/sbbi/?sbbpg=utMedia&vii=3h1420fb454faad9c3b3d19616c994afbe7cf5976a39638287fa631fe475cb8djfq2i8i8 Requested by Host: bl.more2flirt.com URL: https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software fbs / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-origin * x-accel-expires 0 date Wed, 05 Jan 2022 07:27:02 GMT cache-control no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0 server fbs x-hw 1641367622.cds081.lo4.hn,1641367622.cds286.lo4.sc,1641367622.cdn2-wafbe03-lhr1.stackpath.systems.-.i,1641367622.cds286.lo4.p content-type image/gif
POST H2	200	/ Show response bl.more2flirt.com/sbbi/ Frame EDE7	516 B 450 B	31ms 30ms	Document text/html	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://bl.more2flirt.com/sbbi/?sbbpg=sbbShell&gprid=hh&sbbgs=h40b5fa93316694fec57a9327a3f45bdf288&ddl=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software fbs / Resource Hash `d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b` Request headers Upgrade-Insecure-Requests 1 Origin https://bl.more2flirt.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Referer https://bl.more2flirt.com/sbbi/?sbbpg=sbbShell&gprid=hh&sbbgs=h40b5fa93316694fec57a9327a3f45bdf288&ddl=0 Response headers date Wed, 05 Jan 2022 07:27:02 GMT cache-control no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 server fbs x-accel-expires 0 x-hw 1641367622.cds081.lo4.hn,1641367622.cds232.lo4.sc,1641367622.cdn2-wafbe02-lhr1.stackpath.systems.-.i,1641367622.cds232.lo4.p access-control-allow-origin *
GET H2	200	/ bl.more2flirt.com/sbbi/ Frame EDE7	0 0	42ms 42ms	Document text/html	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://bl.more2flirt.com/sbbi/?sbbpg=sbbShell&gprid=hh Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software fbs / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Referer https://bl.more2flirt.com/sbbi/?sbbpg=sbbShell&gprid=hh&sbbgs=h40b5fa93316694fec57a9327a3f45bdf288&ddl=0 Response headers date Wed, 05 Jan 2022 07:27:02 GMT cache-control no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 server fbs x-accel-expires 0 x-hw 1641367622.cds081.lo4.hn,1641367622.cds059.lo4.sc,1641367622.cdn2-redis02-lhr1.stackpath.systems.-.i,1641367622.cds059.lo4.p access-control-allow-origin *
GET H2	200	Primary Request sb6000 Show response bl.more2flirt.com/landing/	11 KB 6 KB	39ms 39ms	Document text/html	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true Requested by Host: bl.more2flirt.com URL: https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software fbs / Resource Hash `e44757b4893c5d28b8863048eb326ba68aebdf19f47934b5a82202a7e97b3d9e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Referer https://bl.more2flirt.com/landing/sb6000?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=61d548461c9ee-741972&uniqueid=cb896f13b5d85acca3df98efc3a13113&name=1822_push_nld_all_MAmail_flat72&newservice=true&cmsid=landing--sb6000&tpcampid=45914c51-cc97-4e87-b742-eba332172de9&imp_tagid=1822_push_nld_all_MAmail_flat72&uid=TP-61d548461c9010.15549639&campaign_lp=1:landing--sb6000&product=fetooweb&zz=true&ur-api-fetch-hitid=true Response headers date Wed, 05 Jan 2022 07:27:02 GMT cache-control no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 server fbs x-accel-expires 0 x-hw 1641367622.cds081.lo4.hn,1641367622.cds255.lo4.sc,1641367622.cdn2-wafbe01-lhr1.stackpath.systems.-.w,1641367622.cds255.lo4.p access-control-allow-origin *
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c6a5ccb9bd577dcd411eea50de94d658b1146f664a9226de9d51b50b9653a863` Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.clicks.dating
URL: http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly9ldS1hZHNydi5ydGJzdXBlcmh1Yi5jb20vaXIvP3BsYWNlbWVudD0xODIyX3B1c2hfbmxkX2FsbF9NQW1haWxfZmxhdDcy&hash=cd4bf73f88583658676e4ec186ea37ac&ts=1641367659

Domain: eu-adsrv.rtbsuperhub.com
URL: https://eu-adsrv.rtbsuperhub.com/ir/?placement=1822_push_nld_all_MAmail_flat72

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| SBM object| VCO

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eu-adsrv.rtbsuperhub.com/ir	1970-01-20 00:39:19	Name: srtbid Value: TP-61d548461c9010.15549639
www.clicks.dating/	1969-12-31 23:59:59	Name: PHPSESSID Value: 33uuvlc6b76daeqfo0ismgb2f2
.www.clicks.dating/	1970-01-20 00:06:12	Name: fp2 Value: 02a4ebd80e5c083192636c0ae4c4787d
bl.more2flirt.com/	1969-12-31 23:59:59	Name: SPSI Value: 312f44adcbd91c9ab7f963688f61e7c8
bl.more2flirt.com/	1969-12-31 23:59:59	Name: SPSE Value: AfidggCjufX9sCAFyHGqXsZjjn5+Kq5TTudVuli3Rb2HEkRbiESR+FIk/duz2ZLtlxTNxBufGIpIt2DAT0PErg==
bl.more2flirt.com/	1969-12-31 23:59:59	Name: PRLST Value: hh
bl.more2flirt.com/	1970-01-20 04:15:19	Name: UTGv2 Value: h40b5fa93316694fec57a9327a3f45bdf288
bl.more2flirt.com/	1969-12-31 23:59:59	Name: adOtr Value: 4f143d2cadb
bl.more2flirt.com/	1970-01-19 23:56:14	Name: spcsrf Value: 743da16821b0079e22270060a337cd01
bl.more2flirt.com/	1970-01-20 00:02:07	Name: SPC Value: G5g+JHlalFD1U0ZibWbs54meVfGMQT9yBs23BUaPpaB0jfzSs541AdpYKOReTbXZmXMN7VvqzCjAAOqil2mRZikbvFEF7s8hcz75VjHaKKiLS5xacUZb5cMYudg0RGp18AvAmRJS9CKywGyZH59V9w==
bl.more2flirt.com/	1970-01-19 23:57:34	Name: sbtsck Value: javfiIrblTB75nSmzQENY+HtZja8F9RyZDMfpoVKCNObrA=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bl.more2flirt.com
eu-adsrv.rtbsuperhub.com
www.clicks.dating
eu-adsrv.rtbsuperhub.com
www.clicks.dating
151.139.128.11
52.57.94.90
54.228.155.233
39cad89c5f85eb09f65264f9233259cf58efd04cf11e0784fdf6020a8fd5c8fe
4d89217d685e5d1dfbd4fc7c9d3376b9ac4a65f04713c59c68faa56ec0d91631
620a3ebc2a9e3e4d2cd7288cd2a696832652c102dab08494d694709b65b90706
6f59873bb709cb845efb91bfae62ea57d140ad44d68dddf6df0e7dc880dcd862
a9ae05fcd0106cdf3c78a01c32e960b87d201209bef0325f3d740bd692dc2fb1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c6a5ccb9bd577dcd411eea50de94d658b1146f664a9226de9d51b50b9653a863
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
e44757b4893c5d28b8863048eb326ba68aebdf19f47934b5a82202a7e97b3d9e

bl.more2flirt.com Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

55 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

36 kBTransfer

84 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

11 Cookies

Indicators

bl.more2flirt.com Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

55 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

36 kB
Transfer

84 kB
Size

11
Cookies

11 HTTP transactions
1 data transactions