pre.sekssreshta.com
3.250.255.107
Public Scan
Effective URL: http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuc2Vrc3NyZXNodGEuY...
Submission Tags: falconsandbox
Submission: On October 04 via api from US — Scanned from NL
Summary
This is the only time pre.sekssreshta.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
1 | 95.211.229.247 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
1 (1 redirects) | 18.195.123.247 | 16509 (AMAZON-02) |
1 | 3.250.255.107 | 16509 (AMAZON-02) |
1 | 2a00:1450:4001:829::200a | 15169 (GOOGLE) |
4 | 18.66.122.53 | 16509 (AMAZON-02) |
7 | 4 | |
ASN | PTR | Domain |
---|---|---|
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL) | | syndication.exdynsrv.com |
ASN16509 (AMAZON-02, US) | ec2-18-195-123-247.eu-central-1.compute.amazonaws.com | remparleyfaining.icu |
ASN16509 (AMAZON-02, US) | ec2-3-250-255-107.eu-west-1.compute.amazonaws.com | pre.sekssreshta.com |
ASN16509 (AMAZON-02, US) | server-18-66-122-53.fra60.r.cloudfront.net | media.sekssreshta.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | sekssreshta.com | pre.sekssreshta.com, media.sekssreshta.com | 514 KB |
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 720 | 92 KB |
1 | remparleyfaining.icu (1 redirects) | remparleyfaining.icu | 755 B |
1 | exdynsrv.com | syndication.exdynsrv.com — Cisco Umbrella Rank: 41741 | 2 KB |
7 | 4 | | |
 | Domain | Requested by |
---|---|---|
4 | media.sekssreshta.com | pre.sekssreshta.com, media.sekssreshta.com |
1 | ajax.googleapis.com | pre.sekssreshta.com |
1 | pre.sekssreshta.com | |
1 | remparleyfaining.icu | 1 redirects |
1 | syndication.exdynsrv.com | |
7 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
exdynsrv.com | R3 | 2023-07-23 - 2023-10-21 | 3 months |
*.sekssreshta.com | Amazon RSA 2048 M01 | 2023-03-02 - 2024-03-31 | a year |
This page contains 1 frames:
Primary Page:
http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuc2Vrc3NyZXNodGEuY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0yMDA5NQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=16&fllbck=2&vrnt=MQ%3D%3D&utm_source=we46orfgg24t2a2sig7qs526
Frame ID: FCB9B316EFC657A4B8B94D691326E74E
Requests: 7 HTTP requests in this frame
Page Title
Твоето секс запознанство
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://syndication.exdynsrv.com/click.php?data=H4sIAAAAAAAAA01STXObQAz9K75wNLPSfh_TZtzWSZuZxsaub8sCqRtjwwJx7dkfX0GStogZnp6kJ7FaYa2wjEWWQvzZ902X8JsEF_SGsm5cOJSXyu2P..NTuvcD0cpY44Hlc.kFzIWq8rkzUsx9VQmmUOdVyRK.8K5u9kXCb8VrgwTViwsTo4FzKbghqjsNwZfEuX7Iy7QrfxP5XF7OpzBmJijJ790TTXV7Pp8T_Dgl0vc1tdv35aRpjZZcEHM9Hcu3vqgNIlHe9RMj2djSn4ZjHy7kf_j0nfzqFGrXT80o1o2IpWx84LU3EafG69XzrzZv9P1O8s1qvc7WbDMcvGo3wOx9s11fhkPxoPYXgEUBGSyedVjq5a6hbHy8rij6VWUsNNvHoS7uCF5b1fSNbkJbDN.s_iLbcLds70O.DG3b5Lt2u3XGaQdMb1BeTZ6tVsbtruoRt9kGpJKkWf9Ia7Mr4MG_ix8mcYKrjFOTbLuGAbHte9FdxbE.ijrwIVw7zgMcBTaia5n_jDcxsgjKKgHSChX_LiQCZykykYI1KRgT39cX30440rnGiILqBYtcGwIRyKKSUKAFK4qqLHUKUnPgtCmwkmpARK6stFxjtL7yhVeiMMZhVUjAKneYM22lUc47UmP_jcQmm9GNmE3kjMhZjDziFNCoGeA_MP4asvhWNpqYBEdTE6L5QVESRrTxRcWHu1ig1JpmA8BSWZNXjCbNgYZE9NzbP0NYZyg5AwAA&clickX=602&clickY=158 Page URL
-
https://remparleyfaining.icu/6898c10b-5c41-46fb-a854-cff40627bfe0?campid=4994900&varid=71335438&source=atube.sex&keyword=%&tags=www,atube,sex&siteid=987534&zoneid=4927822&catid=508&country=BGR&format=&cost=0.000001&tag=opc7Tkjqbp7LZ53WTUUVU0Wulc6qW109LpXUyuldO6iy11Fd1V1Fk7rJ7JZp3WT2SzTuldM6V0rpXSumdK6V0zq6ptp7prqduN97I5qrKJqLrbJrqqpbZqXXa8a7a107W25z8bVTT8aZz6S2XVW1565uldmY.m8Zd1Oc6V0rpXSuldK6V0rpXTV3V0zVXU1u22qtt4sz4nmn4mr3urzs33r1n42p4sq0cH2A
HTTP 302
http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuc2Vrc3NyZXNodGEuY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0yMDA5NQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=16&fllbck=2&vrnt=MQ%3D%3D&utm_source=we46orfgg24t2a2sig7qs526 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method / Protocol | Resource / Path | Size / x-fer | Type / MIME-Type |
---|---|---|---|
GET H/1.1 | click.php — syndication.exdynsrv.com/ | 574 B / 2 KB | Document text/html |
GET H/1.1 | campaign — pre.sekssreshta.com/ (Primary Request, Redirect Chain) | 12 KB / 12 KB | Document text/html |
GET H/1.1 | jquery.min.js — ajax.googleapis.com/ajax/libs/jquery/1.10.2/ | 91 KB / 92 KB | Script text/javascript |
GET H2 | style_media.css — media.sekssreshta.com/media/css/prelandingpage/1/ | 177 KB / 177 KB | Stylesheet text/css |
GET H2 | script.js — media.sekssreshta.com/media/js/project/ | 1 MB / 277 KB | Script text/javascript |
GET H2 | casual.jpg — media.sekssreshta.com/media/images/landingpage/lp4/ | 0 / 0 | Image application/xml |
GET H2 | landingpages.png — media.sekssreshta.com/media/images/project/ | 46 KB / 46 KB | Image image/png |
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| $
- function| jQuery
- object| ZeroClipboard
- function| ucfirst
- function| toggle
- function| addInterest
- function| closeLayer
- function| openLayer
- function| hideInterestMatches
- function| showError
- function| hideError
- function| blink
- function| blink2
- object| consents
- function| consentAction
- function| setCookie
- function| getCookie
- number| i_xhr
- object| xhr
- function| citylist
- function| selectCity
- function| highlightCity
- function| protectButton
- function| unprotectButton
- function| keypress
- function| getRandomArbitrary
- function| _typeof
- boolean| windowIsDefined
- function| debounce
- function| AjaxBootstrapSelect
- function| AjaxBootstrapSelectList
- function| AjaxBootstrapSelectRequest
- function| Slider
- function| moment
- function| daterangepicker
- function| renameFields
- function| next
- function| displayStep
- function| animateLeft
- function| animateRight
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.exdynsrv.com/ | | Name: c-4994900-71335438 Value: 4994900-71335438 |
.exdynsrv.com/ | | Name: c-tag Value: %7B%22tag-banner%22%3A%22v4%7C%7CDEU%7C4927822%7C71335438%7C0%7C%7C508%7C24%7C0%7C40%7C0%7C2%7C378%7C36959372%7C2950157%7C2950159%7C0%7C1%7C0%7C0%7C0%7C0%7C3%7C0%7C0%7C1%7C651d29194dfee7.15731398719550814%7C9cfcdc64d88a2fd512fba2b079586aca%7C0%7Catube.sex%7C%7C%7C20%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1696416430%7C4eb2202bdd53eb90370f9e2b58a254d2%7Cok%22%7D |
.exdynsrv.com/ | | Name: __upt Value: %7B%22v%22%3A1%2C%22id%22%3A%22651d29194dfee7.15731398719550814%22%2C%22pcma%22%3A%2220.0199%22%2C%22acma%22%3A%22%22%7D |
.remparleyfaining.icu/ | | Name: 6898c10b-5c41-46fb-a854-cff40627bfe0-v4 Value: 7DDXKq1ckr5-LRTL-Yw3I1ImUpRcCESbDDn8hIfS93Y |
.remparleyfaining.icu/ | | Name: cc-v4 Value: OqVTdZXH3LJtqSIjCih%2BiPp8rYfcQrAQH1sc4Pc4qTewgDtZbvz21Vrqh%2BqWifWW3xi5Nz8ycjhz5IdEs2piXbNNDdE9hn8utsJmTBSlFxesAuv6WkvjpiWnLEZflPcjisVTQlLhdCl0rQ5Hrrc%2BTA%3D%3D |
pre.sekssreshta.com/ | | Name: PHPSESSID Value: 0oa2q0hr3mgts4ve4emhb9ual3 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.