Submitted URL: http://lumen-1794830977.us-east-1.elb.amazonaws.com/?lid=2124537275ea189a9977f1270&email=tgwaits68@gmail.com
Effective URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Submission: On April 24 via manual from US

Summary

This website contacted 7 IPs in 5 countries across 14 domains to perform 22 HTTP transactions. The main IP is 2a05:d018:244:5200::ab, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is mjwwl.ladiestofuck.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 14th 2020. Valid for: 3 months.
This is the only time mjwwl.ladiestofuck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.243.118.239 14618 (AMAZON-AES)
1 1 18.202.12.61 16509 (AMAZON-02)
2 2 35.186.208.178 15169 (GOOGLE)
1 3 99.198.108.196 32475 (SINGLEHOP...)
1 1 212.32.250.31 60781 (LEASEWEB-...)
2 88.208.60.53 39572 (ADVANCEDH...)
1 2a02:b4a:1:7:... 39572 (ADVANCEDH...)
1 1 138.68.123.185 14061 (DIGITALOC...)
1 1 35.159.5.116 16509 (AMAZON-02)
1 1 212.32.252.92 60781 (LEASEWEB-...)
1 2a05:d018:244... 16509 (AMAZON-02)
14 2.16.186.115 20940 (AKAMAI-ASN1)
1 167.99.135.134 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
22 7
Domain Requested by
14 cdn-aimi.akamaized.net mjwwl.ladiestofuck.com
3 hey.whydoyouleave.us 1 redirects hey.whydoyouleave.us
2 rpket.pro hey.whydoyouleave.us
rpket.pro
2 www.tmxtrk.com 2 redirects
1 www.googletagmanager.com mjwwl.ladiestofuck.com
1 geoip-db.com cdn-aimi.akamaized.net
1 mjwwl.ladiestofuck.com rpket.pro
1 clickidnetwork.g2afse.com 1 redirects
1 eardepth-prisists.com 1 redirects
1 alktr.com 1 redirects
1 nativesp.pro rpket.pro
1 rdtrck2.com 1 redirects
1 track.clktrkd.com 1 redirects
1 lumen-1794830977.us-east-1.elb.amazonaws.com 1 redirects
22 14

This site contains no links.

Subject | Issuer | Validity | Valid
hey.whydoyouleave.us | Let's Encrypt Authority X3 | 2020-04-07 - 2020-07-06 | 3 months
rpket.pro | Let's Encrypt Authority X3 | 2020-02-19 - 2020-05-19 | 3 months
nativesp.pro | Sectigo RSA Domain Validation Secure Server CA | 2019-07-17 - 2020-07-16 | a year
*.ladiestofuck.com | Let's Encrypt Authority X3 | 2020-04-14 - 2020-07-13 | 3 months
a248.e.akamai.net | DigiCert Secure Site ECC CA-1 | 2019-08-13 - 2020-08-12 | a year
geoip-db.com | Let's Encrypt Authority X3 | 2020-03-31 - 2020-06-29 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-04-07 - 2020-06-30 | 3 months

This page contains 1 frames:

Primary Page: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Frame ID: 9D6C8584576C6C9A33726F13BA210A14
Requests: 22 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 21 %
Domains: 14
Subdomains: 14
IPs: 7
Countries: 5
Transfer: 5147 kB
Size: 5324 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lumen-1794830977.us-east-1.elb.amazonaws.com/?lid=2124537275ea189a9977f1270&email=tgwaits68@gmail.com HTTP 302
    http://track.clktrkd.com/aff_c?offer_id=1507&aff_id=3593&aff_sub=S0MEJ2N1507200424 HTTP 302
    https://www.tmxtrk.com/2C4RDC/433QLM/?sub1=horedirect HTTP 302
    http://www.tmxtrk.com/2C4RDC/D42TT/?__rpt=0&__po=62&__ptid=c5f2780276a74fbe9f37637c0c2364eb&__rpa=0&__rc=1&sub1=horedirect&sub2=&sub3=&sub4=&sub5=&source_id= HTTP 302
    https://hey.whydoyouleave.us/?utm_medium=1250ca2c4785593ff83a9089623578e0ba9d6b34&utm_campaign=GR&cid=c0a1e444d86d46b6982a732c43c2fd5e Page URL
  2. https://hey.whydoyouleave.us/?utm_term=6819289106825085618&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e Page URL
  3. https://hey.whydoyouleave.us/proc.php?3600f018fc71be4d71ff879b9b6b57431156ea1b HTTP 302
    https://rdtrck2.com/5e67bcce0a918600016573d5?pid=6627-e83e5b3z&partner_id=6627&txn_id=[[txn_id]]&ref_id=6819289106825085618&af=NL HTTP 302
    https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425 Page URL
  4. https://alktr.com/tb?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425 HTTP 302
    https://eardepth-prisists.com/6340d1d7-0f9a-48a5-ac30-859e51d97270?PartnerID=1032494&externalid=knnSNswtxraQ1laY HTTP 302
    https://clickidnetwork.g2afse.com/click?pid=98&offer_id=82&sub1=wf7odhqtgvhmpuiu1cquvlfa&sub2=1032494 HTTP 302
    https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://lumen-1794830977.us-east-1.elb.amazonaws.com/?lid=2124537275ea189a9977f1270&email=tgwaits68@gmail.com HTTP 302
  • http://track.clktrkd.com/aff_c?offer_id=1507&aff_id=3593&aff_sub=S0MEJ2N1507200424 HTTP 302
  • https://www.tmxtrk.com/2C4RDC/433QLM/?sub1=horedirect HTTP 302
  • http://www.tmxtrk.com/2C4RDC/D42TT/?__rpt=0&__po=62&__ptid=c5f2780276a74fbe9f37637c0c2364eb&__rpa=0&__rc=1&sub1=horedirect&sub2=&sub3=&sub4=&sub5=&source_id= HTTP 302
  • https://hey.whydoyouleave.us/?utm_medium=1250ca2c4785593ff83a9089623578e0ba9d6b34&utm_campaign=GR&cid=c0a1e444d86d46b6982a732c43c2fd5e
Request Chain 2
  • https://hey.whydoyouleave.us/proc.php?3600f018fc71be4d71ff879b9b6b57431156ea1b HTTP 302
  • https://rdtrck2.com/5e67bcce0a918600016573d5?pid=6627-e83e5b3z&partner_id=6627&txn_id=[[txn_id]]&ref_id=6819289106825085618&af=NL HTTP 302
  • https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
hey.whydoyouleave.us/
Redirect Chain
  • http://lumen-1794830977.us-east-1.elb.amazonaws.com/?lid=2124537275ea189a9977f1270&email=tgwaits68@gmail.com
  • http://track.clktrkd.com/aff_c?offer_id=1507&aff_id=3593&aff_sub=S0MEJ2N1507200424
  • https://www.tmxtrk.com/2C4RDC/433QLM/?sub1=horedirect
  • http://www.tmxtrk.com/2C4RDC/D42TT/?__rpt=0&__po=62&__ptid=c5f2780276a74fbe9f37637c0c2364eb&__rpa=0&__rc=1&sub1=horedirect&sub2=&sub3=&sub4=&sub5=&source_id=
  • https://hey.whydoyouleave.us/?utm_medium=1250ca2c4785593ff83a9089623578e0ba9d6b34&utm_campaign=GR&cid=c0a1e444d86d46b6982a732c43c2fd5e
3 KB
2 KB
Document
General
Full URL
https://hey.whydoyouleave.us/?utm_medium=1250ca2c4785593ff83a9089623578e0ba9d6b34&utm_campaign=GR&cid=c0a1e444d86d46b6982a732c43c2fd5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
778b204298aa6a17c002d37ae06c772d6caa1e5f26c8cf8c4827e5ad664de40d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
hey.whydoyouleave.us
:scheme
https
:path
/?utm_medium=1250ca2c4785593ff83a9089623578e0ba9d6b34&utm_campaign=GR&cid=c0a1e444d86d46b6982a732c43c2fd5e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx
date
Fri, 24 Apr 2020 14:44:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=333f2d0b49c594f7e6c07a596eff829c; expires=Sat, 24-Apr-2021 14:44:32 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 24 Apr 2020 14:44:32 GMT
Content-Type
text/html; charset=utf-8
Content-Length
165
Location
https://hey.whydoyouleave.us/?utm_medium=1250ca2c4785593ff83a9089623578e0ba9d6b34&utm_campaign=GR&cid=c0a1e444d86d46b6982a732c43c2fd5e
Set-Cookie
uniqueClick_D42TT=9745e106-80fc-4d35-9df2-57497136bbc1:1587739472; Path=/; Expires=Sat, 25 Apr 2020 14:44:32 GMT; SameSite=None transaction_id=c0a1e444d86d46b6982a732c43c2fd5e; Path=/; Expires=Thu, 23 Jul 2020 14:44:32 GMT; SameSite=None
Vary
Origin
X-Eflow-Request-Id
328df58d-f7b4-45e6-bb5a-d6dcc2a3b75b
Via
1.1 google
/
hey.whydoyouleave.us/
9 KB
3 KB
Document
General
Full URL
https://hey.whydoyouleave.us/?utm_term=6819289106825085618&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
Requested by
Host: hey.whydoyouleave.us
URL: https://hey.whydoyouleave.us/?utm_medium=1250ca2c4785593ff83a9089623578e0ba9d6b34&utm_campaign=GR&cid=c0a1e444d86d46b6982a732c43c2fd5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
b120f0ebf9c9aac3024af0712485df1ddbafcef8736e3781d5ca77cc9727e6d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
hey.whydoyouleave.us
:scheme
https
:path
/?utm_term=6819289106825085618&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://hey.whydoyouleave.us/?utm_medium=1250ca2c4785593ff83a9089623578e0ba9d6b34&utm_campaign=GR&cid=c0a1e444d86d46b6982a732c43c2fd5e
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=333f2d0b49c594f7e6c07a596eff829c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://hey.whydoyouleave.us/?utm_medium=1250ca2c4785593ff83a9089623578e0ba9d6b34&utm_campaign=GR&cid=c0a1e444d86d46b6982a732c43c2fd5e

Response headers

status
200
server
nginx
date
Fri, 24 Apr 2020 14:44:32 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
play
rpket.pro/
Redirect Chain
  • https://hey.whydoyouleave.us/proc.php?3600f018fc71be4d71ff879b9b6b57431156ea1b
  • https://rdtrck2.com/5e67bcce0a918600016573d5?pid=6627-e83e5b3z&partner_id=6627&txn_id=[[txn_id]]&ref_id=6819289106825085618&af=NL
  • https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425
19 KB
11 KB
Document
General
Full URL
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425
Requested by
Host: hey.whydoyouleave.us
URL: https://hey.whydoyouleave.us/?utm_term=6819289106825085618&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.60.53 Heemstede, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
25d4a770d376cc8d751b6ab398599086ca7b59963a3ea9f195b9fbe210bb60ab

Request headers

:method
GET
:authority
rpket.pro
:scheme
https
:path
/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://hey.whydoyouleave.us/?utm_term=6819289106825085618&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://hey.whydoyouleave.us/?utm_term=6819289106825085618&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e#

Response headers

status
200
server
nginx/1.17.3
date
Fri, 24 Apr 2020 14:44:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
truniq=1; expires=Sat, 25-Apr-2020 14:44:32 GMT; Max-Age=86400; path=/; domain=rpket.pro
x-zone
eu
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 24 Apr 2020 14:44:32 GMT
Content-Type
text/html; charset=utf-8
Content-Length
153
Connection
keep-alive
Location
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425
Set-Cookie
redhash=NWVhMmZiNTA5ODlmZDIwMDAxZGRlNDI1fDB8NWU2N2JjY2UwYTkxODYwMDAxNjU3M2Q1fHxmOGYwYzdjZi1jNTgxLTRlYTEtYmM5ZS1iYmFjNDlkZjc4ZjJ8MTU4NzczOTQ3Mg==; Path=/; Domain=rdtrck2.com; Expires=Sat, 24 Apr 2021 14:44:32 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers
Content-Length,Content-Range
rpe
nativesp.pro/
0
72 B
XHR
General
Full URL
https://nativesp.pro/rpe?a=1&s=1&act=7&src=2&p=1032494&st=1037736&wd=72525&d=rpket.pro&tpl=6&rnd=0.027999738417196385&sbid=&sbid2=
Requested by
Host: rpket.pro
URL: https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 24 Apr 2020 14:44:32 GMT
server
nginx/1.16.1
access-control-allow-origin
*
content-length
0
play.png
rpket.pro/images/play/
11 KB
11 KB
Image
General
Full URL
https://rpket.pro/images/play/play.png
Requested by
Host: rpket.pro
URL: https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.60.53 Heemstede, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
b63e6e57adc4e0a10eee845d513258e424b27a7985c510bb252d75eac63af861

Request headers

Referer
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 14:44:32 GMT
last-modified
Tue, 31 Mar 2020 15:20:49 GMT
server
nginx/1.17.3
etag
"5e835fd1-2b07"
content-type
image/png
status
200
accept-ranges
bytes
x-zone
eu4
content-length
11015
Primary Request da57dc555e50572d
mjwwl.ladiestofuck.com/c/
Redirect Chain
  • https://alktr.com/tb?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425
  • https://eardepth-prisists.com/6340d1d7-0f9a-48a5-ac30-859e51d97270?PartnerID=1032494&externalid=knnSNswtxraQ1laY
  • https://clickidnetwork.g2afse.com/click?pid=98&offer_id=82&sub1=wf7odhqtgvhmpuiu1cquvlfa&sub2=1032494
  • https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
12 KB
4 KB
Document
General
Full URL
https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Requested by
Host: rpket.pro
URL: https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
956bb333a8b55440714fb86ebe5d6c40adf7cacfc5e3bb6bf83fc2a0e57d0957

Request headers

:method
GET
:authority
mjwwl.ladiestofuck.com
:scheme
https
:path
/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://rpket.pro/play?h=waWQiOjEwMzI0OTQsInNpZCI6MTAzNzczNiwid2lkIjo3MjUyNSwic3JjIjoyfQ==eyJ&clickid=5ea2fb50989fd20001dde425

Response headers

status
200
server
nginx
date
Fri, 24 Apr 2020 14:44:33 GMT
content-type
text/html; charset=UTF-8
set-cookie
unique_2864884=unique_2864884; expires=Sat, 25-Apr-2020 14:44:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e5240853af04187753300; expires=Sat, 25-Apr-2020 14:44:33 GMT; Max-Age=86400; path=/; HttpOnly unique_2864884=unique_2864884; expires=Sat, 25-Apr-2020 14:44:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e5240853af04187753300; expires=Sat, 25-Apr-2020 14:44:33 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=49415_54669_1013893; expires=Sun, 24-May-2020 14:44:33 GMT; Max-Age=2592000; path=/; HttpOnly unique_2864884=unique_2864884; expires=Sat, 25-Apr-2020 14:44:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e5240853af04187753300; expires=Sat, 25-Apr-2020 14:44:33 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=49415_54669_1013893; expires=Sun, 24-May-2020 14:44:33 GMT; Max-Age=2592000; path=/; HttpOnly
content-encoding
gzip

Redirect headers

status
302
server
nginx
date
Fri, 24 Apr 2020 14:44:33 GMT
content-type
text/html; charset=utf-8
content-length
162
location
https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
set-cookie
afclick=5ea2fb5174042b0001ffe4cc; Expires=Sat, 24 Apr 2021 14:44:33 GMT; Secure; SameSite=None
style.css
cdn-aimi.akamaized.net/landings/178502/1582041418/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/css/style.css?1582041419
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fcbd3c45e0578ac9fcb273add12c5e0e29934d810ad3cb2da92bc2a6c9c9c9cb

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Feb 2020 15:57:03 GMT
Server
AmazonS3
x-amz-request-id
9331B004F229E556
ETag
"f33254d3dea1c968c3b37728161dab68"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1101
x-amz-id-2
hHPZRcrSYw5ATqK76oSHR4W1DIXAmTecfoIH7+d8vWqN0G/4dElk3laShf0zVD0acRRFUVMmwL8=
jquery.min.js
cdn-aimi.akamaized.net/landings/178502/1582041418/js/
94 KB
33 KB
Script
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/js/jquery.min.js?1582041419
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Feb 2020 15:57:03 GMT
Server
AmazonS3
x-amz-request-id
63ADBC7AF92DC932
ETag
"8101d596b2b8fa35fe3a634ea342d7c3"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33266
x-amz-id-2
X8Z6MlOdypYuVzxWqII+PxS0HoTDFoJ6jQItUPBlRSvwgtN9EXEQsujPVbz+Q83BXsxbfWq74iw=
main.js
cdn-aimi.akamaized.net/landings/178502/1582041418/js/
95 KB
33 KB
Script
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/js/main.js?1582041419
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
62cdbd67f23b178927ee1a93d3f5bb90737f81b747c0ddd7e38dc22ff29dcbf1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Feb 2020 15:57:03 GMT
Server
AmazonS3
x-amz-request-id
104B124A121146D0
ETag
"60db22701df2a6a60c7fa09907a39c91"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33588
x-amz-id-2
WW5ICKZVk0ZYKoi6GvKPMNx6IznQ3eMYddrJqGk+QTUlfwGSfhoRERgarq5me/NZ901SjyR4zTE=
city.js
cdn-aimi.akamaized.net/landings/178502/1582041418/js/
312 B
698 B
Script
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/js/city.js?1582041419
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2f35b6db2e5aa0a6fc8fec8c5d0573301b707355dfee8a1c3650481c61903405

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Last-Modified
Tue, 18 Feb 2020 15:57:03 GMT
Server
AmazonS3
x-amz-request-id
D9B0A0847C7FE0C4
ETag
"8b4e6428d81d6aa88840595aefd8c47a"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
312
x-amz-id-2
km29quJryuItDRWjAq4KOGTMbNxiNE263aFTitAUgw0QpnRjWC83ODvcWgxhYZBZWLax9eo+c8M=
21661978.gif
cdn-aimi.akamaized.net/landings/178502/1582041418/images/
5 MB
5 MB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/images/21661978.gif
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ce52eab81fb678c6f2f6ef34dd277f53bb7ef0298477453f23fa4388415e2d60

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Last-Modified
Tue, 18 Feb 2020 15:57:01 GMT
Server
AmazonS3
x-amz-request-id
71F21141B46E2FBB
ETag
"5eb74c09bf8a3f136045b2684af94cad"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4963652
x-amz-id-2
Es/nBiMGJ4ckSIc1e0zIKUY9Og368EYyf+Q5QjoJRDQD2AzTB7conLR+cLieDxndg/prj4KkRLI=
age_1.jpg
cdn-aimi.akamaized.net/landings/178502/1582041418/images/
24 KB
25 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/images/age_1.jpg
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
dff3fe0536d75682827e9a418c982591cab7b0b47d13f01f784333f571d8d7be

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Last-Modified
Tue, 18 Feb 2020 15:57:00 GMT
Server
AmazonS3
x-amz-request-id
E5EF44AE08000098
ETag
"31dbc7e92e9a88803f63a1679c19b63c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25069
x-amz-id-2
0FYhN0SyIuQ4pE96gDbD2bayVbdgPxWNMdQrdXp+HK31u0g0U2Uf6AORq0O0LyyBljEj95CzZy8=
age_2.jpg
cdn-aimi.akamaized.net/landings/178502/1582041418/images/
29 KB
30 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/images/age_2.jpg
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
98c80490679521381c8c3e69fbf5f5161c59461c150f603706533e8fda803faa

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Last-Modified
Tue, 18 Feb 2020 15:57:00 GMT
Server
AmazonS3
x-amz-request-id
8C71BE9A54DD27BB
ETag
"66282473228d87375ba97d77e5b1e3e8"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29996
x-amz-id-2
R5td1fl/IQQtk7L230eRQ2rxKHKjdXC1ULtkAtW+tQLab10Q4/SSrL1UmfMUr8p468KI+ugtBxw=
relation_1.jpg
cdn-aimi.akamaized.net/landings/178502/1582041418/images/
23 KB
24 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/images/relation_1.jpg
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7a942ffa40bb4a46442e2fca008159d0e1af051ac9e098da0066d778332b97d5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Last-Modified
Tue, 18 Feb 2020 15:57:01 GMT
Server
AmazonS3
x-amz-request-id
7AD44FD496906914
ETag
"f76a79a4fbba87675e033278802e84f3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23817
x-amz-id-2
lW66XP/ueFZDDSitgeiyUBENU73yw/moEAon1fppG3oeTbYIohz7recvOkfg+gvRSzToaGYX4Sw=
relation_2.jpg
cdn-aimi.akamaized.net/landings/178502/1582041418/images/
23 KB
24 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/images/relation_2.jpg
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8a2567250eebf57194727acc71b2d56917dbe17c4fc51f7c7eba9021ef0832bb

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Last-Modified
Tue, 18 Feb 2020 15:57:01 GMT
Server
AmazonS3
x-amz-request-id
3D47D86ED897DC5C
ETag
"452a9d97d028bb5e84700b8a59c7da41"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23862
x-amz-id-2
63soNL22hz4DXzR9ykP+3Ok1m5SU7pQGuOsPOyTkJLiyA8LmOT5UbShopP7oYg9RtfdFr64QTZo=
body_1.jpg
cdn-aimi.akamaized.net/landings/178502/1582041418/images/
11 KB
12 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/images/body_1.jpg
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a178b8c490d3cd94fecc651b3caac5f95e1d551505a5217c0138ebb2e3e24fec

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Last-Modified
Tue, 18 Feb 2020 15:57:00 GMT
Server
AmazonS3
x-amz-request-id
86485DC01963246F
ETag
"17b7f636c6f58c8ad3dbd5e76291e5d9"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11414
x-amz-id-2
e7sIuMYYb+6n3EXboOu0j6aNC+WGWWWhACIxQ4yt7MEC7QJq3fNXivNxtwKpMIx56EwW0O4nfwI=
body_2.jpg
cdn-aimi.akamaized.net/landings/178502/1582041418/images/
28 KB
28 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/images/body_2.jpg
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
30dc3998538c9f05b197d67cc037ac19b868f057c9797efdf040ac6730e9a87c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Last-Modified
Tue, 18 Feb 2020 15:57:01 GMT
Server
AmazonS3
x-amz-request-id
AA15DE63112E9615
ETag
"74a67e3f65cd36090312dde0abd03f98"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28457
x-amz-id-2
12xgTI0/+CwYST06NrOk+xNOSmNpON5SxpMW33k2GsUbVm4G+fBNpk0A1oZxlnXJ7Cmx8qADPKg=
loading_bar.gif
cdn-aimi.akamaized.net/landings/178502/1582041418/images/
33 KB
33 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/images/loading_bar.gif
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e803a5532838ac48c33c88264b2fcb9b4e0abac4c2412a38c8d574ba32392de9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Last-Modified
Tue, 18 Feb 2020 15:57:01 GMT
Server
AmazonS3
x-amz-request-id
613F1585BC953C79
ETag
"338c564d0d95e777b2ae2d71de917e7d"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33604
x-amz-id-2
XK7l2oMM9r0cOKKY44uDmF5i734UQyc+gnU3eYk7Vqn2GFfYu18Te9KeCyJkRBK5mmkZb4KHJhI=
geoip.php
geoip-db.com/json/
216 B
305 B
Script
General
Full URL
https://geoip-db.com/json/geoip.php?jsonp=jQuery111206606075813332797_1587739473525&_=1587739473526
Requested by
Host: cdn-aimi.akamaized.net
URL: https://cdn-aimi.akamaized.net/landings/178502/1582041418/js/main.js?1582041419
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.99.135.134 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c7d2a9a7c76a0c7e81e8088a02d36465b1fc1cf8c89c344ab3a4c65cb0e72a9c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 24 Apr 2020 14:44:33 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
gtm.js
www.googletagmanager.com/
56 KB
21 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b7fd5de4831917130da000d6294b215f33794f9a03ac759b9c4447f978b0864f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 14:44:33 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
21335
x-xss-protection
0
last-modified
Fri, 24 Apr 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Apr 2020 14:44:33 GMT
ok.png
cdn-aimi.akamaized.net/landings/178502/1582041418/images/
2 KB
3 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/images/ok.png
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1830e45baf458d6f33be7c9dad37452b23416dd49aa4859ed2e24c42849dc6dd

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/178502/1582041418/css/style.css?1582041419
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Last-Modified
Tue, 18 Feb 2020 15:57:01 GMT
Server
AmazonS3
x-amz-request-id
5B59D5FDF41FF16C
ETag
"12106b70caf013aa9525ac7ea9752d32"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2405
x-amz-id-2
JhRFFMvInFqt5bw9dZrKWy0NZ6DbT5hxFkrWmx+wFmn2dAKxbripbvrOLzcU6NlE09F/9uznVfQ=
cancel.png
cdn-aimi.akamaized.net/landings/178502/1582041418/images/
2 KB
2 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/178502/1582041418/images/cancel.png
Requested by
Host: mjwwl.ladiestofuck.com
URL: https://mjwwl.ladiestofuck.com/c/da57dc555e50572d?s1=54669&s2=1013893&s3=98&click_id=5ea2fb5174042b0001ffe4cc&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5bedeab1791ee238207e6b56efb29a255f99827e07b59c597c6d854239767607

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/178502/1582041418/css/style.css?1582041419
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 14:44:33 GMT
Last-Modified
Tue, 18 Feb 2020 15:57:01 GMT
Server
AmazonS3
x-amz-request-id
003F3A4F19B23F2D
ETag
"eb824f7a8c6c01b577c44a1eae0cda02"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1947
x-amz-id-2
TbHkrolx57FEDc+iQ7rW8/IfAB60w8o01JHvWoSrm3Kxl6eW5vGAIkowNaSBb+bccm49Wp017gU=


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| $
function| jQuery
undefined| jQuery111206606075813332797_1587739473525
object| dataLayer
number| randomnumber
number| chromeVersion
boolean| exit
object| google_tag_manager
number| th_bridge_jump_step

3 Cookies

Domain/Path Name / Value
mjwwl.ladiestofuck.com/ Name: scriptHash
Value: 49415_54669_1013893
mjwwl.ladiestofuck.com/ Name: unique_id
Value: 5e5240853af04187753300
mjwwl.ladiestofuck.com/ Name: unique_2864884
Value: unique_2864884

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
