pre.sekssreshta.com - urlscan.io

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 7 HTTP transactions. The main IP is 3.250.255.107, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is pre.sekssreshta.com.

This is the only time pre.sekssreshta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	18.195.123.247 18.195.123.247	16509 (AMAZON-02) (AMAZON-02)
1	3.250.255.107 3.250.255.107	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	18.66.122.53 18.66.122.53	16509 (AMAZON-02) (AMAZON-02)
7	4

1 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.123.247 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com

remparleyfaining.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.250.255.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-250-255-107.eu-west-1.compute.amazonaws.com

pre.sekssreshta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.122.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-53.fra60.r.cloudfront.net

media.sekssreshta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	sekssreshta.com pre.sekssreshta.com media.sekssreshta.com	514 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720	92 KB
1	remparleyfaining.icu 1 redirects remparleyfaining.icu	755 B
1	exdynsrv.com syndication.exdynsrv.com — Cisco Umbrella Rank: 41741	2 KB
7	4

	Domain	Requested by
4	media.sekssreshta.com	pre.sekssreshta.com media.sekssreshta.com
1	ajax.googleapis.com	pre.sekssreshta.com
1	pre.sekssreshta.com
1	remparleyfaining.icu	1 redirects
1	syndication.exdynsrv.com
7	5

This site contains no links.

Subject Issuer	Validity	Valid
exdynsrv.com R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.sekssreshta.com Amazon RSA 2048 M01	`2023-03-02` - `2024-03-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuc2Vrc3NyZXNodGEuY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0yMDA5NQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=16&fllbck=2&vrnt=MQ%3D%3D&utm_source=we46orfgg24t2a2sig7qs526
Frame ID: FCB9B316EFC657A4B8B94D691326E74E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Твоето секс запознанство

Page URL History Show full URLs

https://syndication.exdynsrv.com/click.php?data=H4sIAAAAAAAAA01STXObQAz9K75wNLPSfh_TZtzWSZuZxsaub8sCqRtjwwJx7... Page URL
https://remparleyfaining.icu/6898c10b-5c41-46fb-a854-cff40627bfe0?campid=4994900&varid=71335438&source=at... HTTP 302
http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

71 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

4
IPs

4
Countries

607 kB
Transfer

1601 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://syndication.exdynsrv.com/click.php?data=H4sIAAAAAAAAA01STXObQAz9K75wNLPSfh_TZtzWSZuZxsaub8sCqRtjwwJx7dkfX0GStogZnp6kJ7FaYa2wjEWWQvzZ902X8JsEF_SGsm5cOJSXyu2P..NTuvcD0cpY44Hlc.kFzIWq8rkzUsx9VQmmUOdVyRK.8K5u9kXCb8VrgwTViwsTo4FzKbghqjsNwZfEuX7Iy7QrfxP5XF7OpzBmJijJ790TTXV7Pp8T_Dgl0vc1tdv35aRpjZZcEHM9Hcu3vqgNIlHe9RMj2djSn4ZjHy7kf_j0nfzqFGrXT80o1o2IpWx84LU3EafG69XzrzZv9P1O8s1qvc7WbDMcvGo3wOx9s11fhkPxoPYXgEUBGSyedVjq5a6hbHy8rij6VWUsNNvHoS7uCF5b1fSNbkJbDN.s_iLbcLds70O.DG3b5Lt2u3XGaQdMb1BeTZ6tVsbtruoRt9kGpJKkWf9Ia7Mr4MG_ix8mcYKrjFOTbLuGAbHte9FdxbE.ijrwIVw7zgMcBTaia5n_jDcxsgjKKgHSChX_LiQCZykykYI1KRgT39cX30440rnGiILqBYtcGwIRyKKSUKAFK4qqLHUKUnPgtCmwkmpARK6stFxjtL7yhVeiMMZhVUjAKneYM22lUc47UmP_jcQmm9GNmE3kjMhZjDziFNCoGeA_MP4asvhWNpqYBEdTE6L5QVESRrTxRcWHu1ig1JpmA8BSWZNXjCbNgYZE9NzbP0NYZyg5AwAA&clickX=602&clickY=158 Page URL
https://remparleyfaining.icu/6898c10b-5c41-46fb-a854-cff40627bfe0?campid=4994900&varid=71335438&source=atube.sex&keyword=%&tags=www,atube,sex&siteid=987534&zoneid=4927822&catid=508&country=BGR&format=&cost=0.000001&tag=opc7Tkjqbp7LZ53WTUUVU0Wulc6qW109LpXUyuldO6iy11Fd1V1Fk7rJ7JZp3WT2SzTuldM6V0rpXSumdK6V0zq6ptp7prqduN97I5qrKJqLrbJrqqpbZqXXa8a7a107W25z8bVTT8aZz6S2XVW1565uldmY.m8Zd1Oc6V0rpXSuldK6V0rpXTV3V0zVXU1u22qtt4sz4nmn4mr3urzs33r1n42p4sq0cH2A HTTP 302
http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuc2Vrc3NyZXNodGEuY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0yMDA5NQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=16&fllbck=2&vrnt=MQ%3D%3D&utm_source=we46orfgg24t2a2sig7qs526 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK click.php Show response
syndication.exdynsrv.com/ 574 B
2 KB 60ms
27ms Document
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exdynsrv.com/click.php?data=H4sIAAAAAAAAA01STXObQAz9K75wNLPSfh_TZtzWSZuZxsaub8sCqRtjwwJx7dkfX0GStogZnp6kJ7FaYa2wjEWWQvzZ902X8JsEF_SGsm5cOJSXyu2P..NTuvcD0cpY44Hlc.kFzIWq8rkzUsx9VQmmUOdVyRK.8K5u9kXCb8VrgwTViwsTo4FzKbghqjsNwZfEuX7Iy7QrfxP5XF7OpzBmJijJ790TTXV7Pp8T_Dgl0vc1tdv35aRpjZZcEHM9Hcu3vqgNIlHe9RMj2djSn4ZjHy7kf_j0nfzqFGrXT80o1o2IpWx84LU3EafG69XzrzZv9P1O8s1qvc7WbDMcvGo3wOx9s11fhkPxoPYXgEUBGSyedVjq5a6hbHy8rij6VWUsNNvHoS7uCF5b1fSNbkJbDN.s_iLbcLds70O.DG3b5Lt2u3XGaQdMb1BeTZ6tVsbtruoRt9kGpJKkWf9Ia7Mr4MG_ix8mcYKrjFOTbLuGAbHte9FdxbE.ijrwIVw7zgMcBTaia5n_jDcxsgjKKgHSChX_LiQCZykykYI1KRgT39cX30440rnGiILqBYtcGwIRyKKSUKAFK4qqLHUKUnPgtCmwkmpARK6stFxjtL7yhVeiMMZhVUjAKneYM22lUc47UmP_jcQmm9GNmE3kjMhZjDziFNCoGeA_MP4asvhWNpqYBEdTE6L5QVESRrTxRcWHu1ig1JpmA8BSWZNXjCbNgYZE9NzbP0NYZyg5AwAA&clickX=602&clickY=158
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7bf3b2a892659a2b711737d9c605b594509893a187f7572c0d5716b6ba6d871a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 04 Oct 2023 10:47:10 GMT
Server: nginx
Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow

GET
H/1.1

200
OK

Primary Request campaign Show response
pre.sekssreshta.com/
Redirect Chain

https://remparleyfaining.icu/6898c10b-5c41-46fb-a854-cff40627bfe0?campid=4994900&varid=71335438&source=atube.sex&keyword=%&tags=www,atube,sex&siteid=987534&zoneid=4927822&catid=508&country=BGR&form...
http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuc2Vrc3NyZXNodGEuY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0yMDA5NQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%...

12 KB
12 KB

130ms
49ms

Document
text/html

3.250.255.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuc2Vrc3NyZXNodGEuY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0yMDA5NQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=16&fllbck=2&vrnt=MQ%3D%3D&utm_source=we46orfgg24t2a2sig7qs526
Protocol: HTTP/1.1
Server: 3.250.255.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-250-255-107.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: 397c3e07d2876f64cf6db4cf98ad73ce7fde5b7b6644e9fdda57899df93b8b9a

Request headers

Referer: https://syndication.exdynsrv.com/click.php?data=H4sIAAAAAAAAA01STXObQAz9K75wNLPSfh_TZtzWSZuZxsaub8sCqRtjwwJx7dkfX0GStogZnp6kJ7FaYa2wjEWWQvzZ902X8JsEF_SGsm5cOJSXyu2P..NTuvcD0cpY44Hlc.kFzIWq8rkzUsx9VQmmUOdVyRK.8K5u9kXCb8VrgwTViwsTo4FzKbghqjsNwZfEuX7Iy7QrfxP5XF7OpzBmJijJ790TTXV7Pp8T_Dgl0vc1tdv35aRpjZZcEHM9Hcu3vqgNIlHe9RMj2djSn4ZjHy7kf_j0nfzqFGrXT80o1o2IpWx84LU3EafG69XzrzZv9P1O8s1qvc7WbDMcvGo3wOx9s11fhkPxoPYXgEUBGSyedVjq5a6hbHy8rij6VWUsNNvHoS7uCF5b1fSNbkJbDN.s_iLbcLds70O.DG3b5Lt2u3XGaQdMb1BeTZ6tVsbtruoRt9kGpJKkWf9Ia7Mr4MG_ix8mcYKrjFOTbLuGAbHte9FdxbE.ijrwIVw7zgMcBTaia5n_jDcxsgjKKgHSChX_LiQCZykykYI1KRgT39cX30440rnGiILqBYtcGwIRyKKSUKAFK4qqLHUKUnPgtCmwkmpARK6stFxjtL7yhVeiMMZhVUjAKneYM22lUc47UmP_jcQmm9GNmE3kjMhZjDziFNCoGeA_MP4asvhWNpqYBEdTE6L5QVESRrTxRcWHu1ig1JpmA8BSWZNXjCbNgYZE9NzbP0NYZyg5AwAA&clickX=602&clickY=158
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 04 Oct 2023 10:47:10 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.22.0
transfer-encoding: chunked

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Wed, 04 Oct 2023 10:47:10 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuc2Vrc3NyZXNodGEuY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0yMDA5NQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=16&fllbck=2&vrnt=MQ%3D%3D&utm_source=we46orfgg24t2a2sig7qs526
pragma: no-cache
server: nginx

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
92 KB 39ms
20ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: pre.sekssreshta.com
URL: http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuc2Vrc3NyZXNodGEuY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0yMDA5NQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=16&fllbck=2&vrnt=MQ%3D%3D&utm_source=we46orfgg24t2a2sig7qs526

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://pre.sekssreshta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:05:45 GMT
X-Content-Type-Options: nosniff
Age: 168085
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 93100
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 01 Oct 2024 12:05:45 GMT

GET
H2 200 style_media.css
media.sekssreshta.com/media/css/prelandingpage/1/ 177 KB
177 KB 84ms
22ms Stylesheet
text/css 18.66.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.sekssreshta.com/media/css/prelandingpage/1/style_media.css?version=1
Requested by: Host: pre.sekssreshta.com
URL: http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuc2Vrc3NyZXNodGEuY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0yMDA5NQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=16&fllbck=2&vrnt=MQ%3D%3D&utm_source=we46orfgg24t2a2sig7qs526
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd4aa13c165ad7aac480a0626dc2fc9d9b5ecf681aa1afb690d867c9616b71da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://pre.sekssreshta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 04:41:24 GMT
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
last-modified: Thu, 26 Apr 2018 18:06:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 21947
etag: "2add3f0016039629025958ba986daf16"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 181150
x-amz-cf-id: 3uBvGyCDeq3uj1vctqSKj-mJ-jCtuLUMqDS0nEIvJladAX9lYU1mqQ==

GET
H2 200 script.js Show response
media.sekssreshta.com/media/js/project/ 1 MB
277 KB 128ms
66ms Script
text/javascript 18.66.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.sekssreshta.com/media/js/project/script.js?version=v36
Requested by: Host: pre.sekssreshta.com
URL: http://pre.sekssreshta.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cuc2Vrc3NyZXNodGEuY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0yMDA5NQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=16&fllbck=2&vrnt=MQ%3D%3D&utm_source=we46orfgg24t2a2sig7qs526
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 243e2462edb86e6b6f67e454bad6dd3ad911e466cd9f4084624130d43e5c251e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://pre.sekssreshta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 12:34:07 GMT
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
last-modified: Tue, 02 Aug 2022 12:13:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 2931184
etag: "54af3851ea56dcf2bb4028540f3ce4c1"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3153600
accept-ranges: bytes
content-length: 283389
x-amz-cf-id: RjeGriVTX6uGgT6pr-DqYzh8NZLJLlOQEcWwPgbSh4kNOb_Jh9z3uw==

GET
H2 403 casual.jpg
media.sekssreshta.com/media/images/landingpage/lp4/ 0
0 144ms
143ms Image
application/xml 18.66.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sekssreshta.com/media/images/landingpage/lp4/casual.jpg?version=62
Requested by: Host: media.sekssreshta.com
URL: https://media.sekssreshta.com/media/css/prelandingpage/1/style_media.css?version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-53.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://media.sekssreshta.com/media/css/prelandingpage/1/style_media.css?version=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 landingpages.png
media.sekssreshta.com/media/images/project/ 46 KB
46 KB 21ms
20ms Image
image/png 18.66.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sekssreshta.com/media/images/project/landingpages.png?version=62
Requested by: Host: media.sekssreshta.com
URL: https://media.sekssreshta.com/media/css/prelandingpage/1/style_media.css?version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a3cbdbcae256bbe2a609cd705cebff944e88fa21654c946eb1a3822203e855b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://media.sekssreshta.com/media/css/prelandingpage/1/style_media.css?version=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:37:27 GMT
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
last-modified: Thu, 26 Apr 2018 12:45:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 11384
etag: "c64c6be07e69f7ea1596b06e92ca95eb"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 47228
x-amz-cf-id: S7ZSov8dESMXiBB_yhm8yH_d8_kXVaQa_x8cptNJVbhZQKvv8omR-g==

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.exdynsrv.com/	1970-01-20 15:15:02	Name: c-4994900-71335438 Value: 4994900-71335438
.exdynsrv.com/	1970-01-20 17:23:12	Name: c-tag Value: %7B%22tag-banner%22%3A%22v4%7C%7CDEU%7C4927822%7C71335438%7C0%7C%7C508%7C24%7C0%7C40%7C0%7C2%7C378%7C36959372%7C2950157%7C2950159%7C0%7C1%7C0%7C0%7C0%7C0%7C3%7C0%7C0%7C1%7C651d29194dfee7.15731398719550814%7C9cfcdc64d88a2fd512fba2b079586aca%7C0%7Catube.sex%7C%7C%7C20%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1696416430%7C4eb2202bdd53eb90370f9e2b58a254d2%7Cok%22%7D
.exdynsrv.com/	1970-01-21 00:49:36	Name: __upt Value: %7B%22v%22%3A1%2C%22id%22%3A%22651d29194dfee7.15731398719550814%22%2C%22pcma%22%3A%2220.0199%22%2C%22acma%22%3A%22%22%7D
.remparleyfaining.icu/	1970-01-20 15:15:02	Name: 6898c10b-5c41-46fb-a854-cff40627bfe0-v4 Value: 7DDXKq1ckr5-LRTL-Yw3I1ImUpRcCESbDDn8hIfS93Y
.remparleyfaining.icu/	1970-01-20 23:59:12	Name: cc-v4 Value: OqVTdZXH3LJtqSIjCih%2BiPp8rYfcQrAQH1sc4Pc4qTewgDtZbvz21Vrqh%2BqWifWW3xi5Nz8ycjhz5IdEs2piXbNNDdE9hn8utsJmTBSlFxesAuv6WkvjpiWnLEZflPcjisVTQlLhdCl0rQ5Hrrc%2BTA%3D%3D
pre.sekssreshta.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0oa2q0hr3mgts4ve4emhb9ual3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://media.sekssreshta.com/media/images/landingpage/lp4/casual.jpg?version=62 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
media.sekssreshta.com
pre.sekssreshta.com
remparleyfaining.icu
syndication.exdynsrv.com
18.195.123.247
18.66.122.53
2a00:1450:4001:829::200a
3.250.255.107
95.211.229.247
0a3cbdbcae256bbe2a609cd705cebff944e88fa21654c946eb1a3822203e855b
243e2462edb86e6b6f67e454bad6dd3ad911e466cd9f4084624130d43e5c251e
397c3e07d2876f64cf6db4cf98ad73ce7fde5b7b6644e9fdda57899df93b8b9a
7bf3b2a892659a2b711737d9c605b594509893a187f7572c0d5716b6ba6d871a
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd4aa13c165ad7aac480a0626dc2fc9d9b5ecf681aa1afb690d867c9616b71da

pre.sekssreshta.com Open in urlscan Pro 3.250.255.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

71 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

4 IPs

4 Countries

607 kBTransfer

1601 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

6 Cookies

1 Console Messages

Indicators

pre.sekssreshta.com Open in urlscan Pro
3.250.255.107 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

71 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

4
IPs

4
Countries

607 kB
Transfer

1601 kB
Size

6
Cookies

7 HTTP transactions
0 data transactions