Report - moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm

Report Overview

Submitted URL
moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
IP
185.155.186.18
ASN
#203639 Teknology SA
Submitted
2024-04-18 06:31:47
Access
public
Website Title
Meet local girls in Oslo?
Final URL
moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	420 B	5.3 kB	142.250.74.74
moregirlsflirt.life	unknown	unknown	No data	No data	7.7 kB	1.3 MB	185.155.186.18
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	526 B	17 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed
2024-04-18	medium	moregirlsflirt.life	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm	667 B	2024-04-18	2024-04-18
Pretty URL moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm IP 185.155.186.18 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 08:31:53 Last Seen2024-04-18 08:31:53 Times Seen1 Hash 20a3aafbcdcddf64ba2373ad6de47cf2 3423a33a2e9467eb9b1a26d306e2e5ab3dcb316d a582fec09814fa42bbeff92c80d8896cd3271d1493188955961bd98ccb6ac0cb Loading...

	moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm	0 B	2023-03-07	2024-05-01
Pretty URL moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm IP 185.155.186.18 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 05:06:34 Times Seen37236588 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	moregirlsflirt.life/util/utils.js	7.5 kB	2023-03-07	2024-05-01
Pretty URL moregirlsflirt.life/util/utils.js IP 185.155.186.18 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-01 01:17:27 Times Seen20828 Hash 01816d15ca03032751161a746e2fb7c3 dcc72ea5fa1356490ba473288159df9786b4a3c3 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea Loading...

	moregirlsflirt.life/media/tiktok/faptok/js/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-30
Pretty URL moregirlsflirt.life/media/tiktok/faptok/js/jquery-3.3.1.min.js IP 185.155.186.18 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-04-30 00:45:12 Times Seen2994 Hash 378087a64e1394fc51f300bb9c11878c 0c3192b500a4fd550e483cf77a49806a5872185b 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de Loading...

	moregirlsflirt.life/media/tiktok/faptok/js/main.js	1.8 kB	2023-10-19	2024-04-18
Pretty URL moregirlsflirt.life/media/tiktok/faptok/js/main.js IP 185.155.186.18 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-19 09:33:42 Last Seen2024-04-18 08:31:54 Times Seen16 Hash f04c909429257d488e71be1b339dc598 e88202bdd779e7e8c8bde0c3dbf33c3554579689 702a748e4761a6ab03c7e65f1e9f2f022772e6412d9c0f6945834304fedca613 Loading...

	moregirlsflirt.life/media/tiktok/faptok/js/trls.js	49 kB	2023-10-19	2024-04-18
Pretty URL moregirlsflirt.life/media/tiktok/faptok/js/trls.js IP 185.155.186.18 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-19 09:33:42 Last Seen2024-04-18 08:31:54 Times Seen12 Hash 0a7df12f641552f384ef3be0a7007077 4f3bb83537b25a6bbcaee23f8994e1318b0e0351 132e58bfc1989ba3b8605eb7c82f3e359da1f9c18a0c5ef794dea93071caf821 Loading...

	moregirlsflirt.life/media/bbdt.js	1.1 kB	2023-09-19	2024-04-18
Pretty URL moregirlsflirt.life/media/bbdt.js IP 185.155.186.18 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-19 09:44:25 Last Seen2024-04-18 08:31:54 Times Seen20 Hash d916677e9c4c13cedf4e0c92d57729bd 9efc1e6f2360cbb94dee8b7828bebdb85c12b944 ed8c8e53a2860f204533c7368c68aadaa4169d1e46f7b0ef8015adc7b9587cbb Loading...

	moregirlsflirt.life/media/exit-new/exit1.js	3.5 kB	2023-03-07	2024-05-01
Pretty URL moregirlsflirt.life/media/exit-new/exit1.js IP 185.155.186.18 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-01 01:17:27 Times Seen13374 Hash 625e5e2950612f771e246beb33c9ea61 e4fc251c6c000496c285f8dc3fa097040b031681 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46 Loading...

	moregirlsflirt.life/util/push-dt4/notification-ext.js	44 kB	2024-04-18	2024-04-18
Pretty URL moregirlsflirt.life/util/push-dt4/notification-ext.js IP 185.155.186.18 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:31:53 Last Seen2024-04-18 08:31:54 Times Seen2 Hash abac32869d9f63fb3cf298c3b1c07763 d7db573d2113f15152fe8245a910e86c2469114b d01390d74fced6d81ba0279ce1152a3c3512cd0a7d6bed3e234677d92216479f Loading...

	moregirlsflirt.life/cookie/js.cookie15.js	4.1 kB	2023-09-19	2024-04-18
Pretty URL moregirlsflirt.life/cookie/js.cookie15.js IP 185.155.186.18 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-19 09:44:25 Last Seen2024-04-18 08:31:53 Times Seen19 Hash 65bbeb3210d81c80c6cd1c107b4c9e62 12026c41cbf857483df251e85062b90555459241 91c33ae56b4793659a144e99961144c04ef412120914d660699559bdcf923b61 Loading...

HTTP Transactions (19)

URL IP Response Size

moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm

185.155.186.18

200 OK

7.8 kB

URL User Request GET HTTP/1.1
moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (533), with CRLF line terminators
Size
7.8 kB (7777 bytes)
Hash
cabf1bdfcaaa73a5a55069b362c71fba
bef4ef709fe85daf47ce94b89733f34e30b632e4
b1951fcf2d206c0e4d5b3f0525bb737bd74a77ad28b6b18eb0492e6c4679d98b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: text/html
Content-Length: 7777
Connection: keep-alive
set-cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo; path=/
cache-control: private, no-transform

moregirlsflirt.life/media/tiktok/faptok/css/style.css

185.155.186.18

200 OK

10 kB

URL GET HTTP/1.1
moregirlsflirt.life/media/tiktok/faptok/css/style.css
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
ASCII text, with CRLF line terminators
Size
10 kB (10282 bytes)
Hash
f830629e41b9ea64e5e8f36ed7131d4f
98c3dba829f7d5c7a418f42c7f7dffbe9e0b8211
eb90976f1d72a48f4f2993b51fb7a9b0b5c017adb799a108f2a0412301810d08

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/tiktok/faptok/css/style.css HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: text/css
Content-Length: 10282
Connection: keep-alive
ETag: "f830629e41b9ea64e5e8f36ed7131d4f"
Last-Modified: Tue, 21 Nov 2023 12:30:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C74AA6F7AF75BD
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223569#44107288/gid:0/gname:root/mode:33188/mtime:1689795350#213926943/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-07-19T19:35:50.213926943Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/cookie/js.cookie15.js

185.155.186.18

200 OK

4.1 kB

URL GET HTTP/1.1
moregirlsflirt.life/cookie/js.cookie15.js
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
JavaScript source, ASCII text, with very long lines (1709), with CRLF line terminators
Size
4.1 kB (4132 bytes)
Hash
65bbeb3210d81c80c6cd1c107b4c9e62
12026c41cbf857483df251e85062b90555459241
91c33ae56b4793659a144e99961144c04ef412120914d660699559bdcf923b61

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cookie/js.cookie15.js HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: text/javascript
Content-Length: 4132
Connection: keep-alive
ETag: "65bbeb3210d81c80c6cd1c107b4c9e62"
Last-Modified: Tue, 21 Nov 2023 12:29:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C74AEA46190C8C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223193#727267444/gid:0/gname:root/mode:33188/mtime:1687535825#0/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-06-23T15:57:05Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/util/utils.js

185.155.186.18

200 OK

7.5 kB

URL GET HTTP/1.1
moregirlsflirt.life/util/utils.js
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators
Size
7.5 kB (7512 bytes)
Hash
01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/utils.js HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Mon, 20 Feb 2023 09:36:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C74AEA484FEF2F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676885559#334512232/gid:0/gname:root/mode:33188/mtime:1659085489#684136000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:04:49.684136Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/util/flag-icon/css/flag-icon.css

185.155.186.18

200 OK

41 kB

URL GET HTTP/1.1
moregirlsflirt.life/util/flag-icon/css/flag-icon.css
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
ASCII text, with CRLF line terminators
Size
41 kB (40627 bytes)
Hash
0a47b937981e7389e3ebe63e4a503066
01b395ad016a1d9d15016d765f7d2c51a6e2809b
d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/flag-icon/css/flag-icon.css HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: text/css
Content-Length: 40627
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0a47b937981e7389e3ebe63e4a503066"
Last-Modified: Mon, 20 Feb 2023 09:36:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C74AF580DC3931
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676841679#813157920/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:14.684017Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/media/tiktok/faptok/js/jquery-3.3.1.min.js

185.155.186.18

200 OK

87 kB

URL GET HTTP/1.1
moregirlsflirt.life/media/tiktok/faptok/js/jquery-3.3.1.min.js
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators
Size
87 kB (86929 bytes)
Hash
378087a64e1394fc51f300bb9c11878c
0c3192b500a4fd550e483cf77a49806a5872185b
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/tiktok/faptok/js/jquery-3.3.1.min.js HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: application/javascript
Content-Length: 86929
Connection: keep-alive
ETag: "378087a64e1394fc51f300bb9c11878c"
Last-Modified: Wed, 20 Sep 2023 15:26:09 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C74BBC0E3E4764
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134512#792035547/gid:0/gname:root/mode:33188/mtime:1688039202#88448258/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-06-29T11:46:42.088448258Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/media/tiktok/faptok/js/main.js

185.155.186.18

200 OK

1.8 kB

URL GET HTTP/1.1
moregirlsflirt.life/media/tiktok/faptok/js/main.js
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.8 kB (1816 bytes)
Hash
f04c909429257d488e71be1b339dc598
e88202bdd779e7e8c8bde0c3dbf33c3554579689
702a748e4761a6ab03c7e65f1e9f2f022772e6412d9c0f6945834304fedca613

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/tiktok/faptok/js/main.js HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: application/javascript
Content-Length: 1816
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "f04c909429257d488e71be1b339dc598"
Last-Modified: Thu, 29 Jun 2023 11:46:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C74BBC108BFA14
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1688039202#536449146/gid:0/gname:root/mode:33188/mtime:1688039202#536449146/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-06-29T11:46:42.592Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/media/bbdt.js

185.155.186.18

200 OK

1.1 kB

URL GET HTTP/1.1
moregirlsflirt.life/media/bbdt.js
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1132 bytes)
Hash
d916677e9c4c13cedf4e0c92d57729bd
9efc1e6f2360cbb94dee8b7828bebdb85c12b944
ed8c8e53a2860f204533c7368c68aadaa4169d1e46f7b0ef8015adc7b9587cbb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/bbdt.js HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: application/javascript
Content-Length: 1132
Connection: keep-alive
ETag: "d916677e9c4c13cedf4e0c92d57729bd"
Last-Modified: Wed, 20 Sep 2023 15:21:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C74C169439533D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134512#756035434/gid:0/gname:root/mode:33188/mtime:1687536460#0/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-06-23T16:07:40Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/media/exit-new/exit1.js

185.155.186.18

200 OK

3.5 kB

URL GET HTTP/1.1
moregirlsflirt.life/media/exit-new/exit1.js
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators
Size
3.5 kB (3473 bytes)
Hash
625e5e2950612f771e246beb33c9ea61
e4fc251c6c000496c285f8dc3fa097040b031681
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/exit-new/exit1.js HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: application/javascript
Content-Length: 3473
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "625e5e2950612f771e246beb33c9ea61"
Last-Modified: Mon, 20 Feb 2023 09:32:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C74C1698430798
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#623580037/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/media/tiktok/faptok/images/poster.jpg

185.155.186.18

200 OK

67 kB

URL GET HTTP/1.1
moregirlsflirt.life/media/tiktok/faptok/images/poster.jpg
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 606x1080, components 3
Size
67 kB (66645 bytes)
Hash
b7b02d3d1027cbe3136aefe188471b0d
f935e4d4586029aa0e798e3d645ac6139b33eb87
06048bb32bcf38e25e7aa789d1785e4e9b443e4a3b0d49445ffac918473a01b2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/tiktok/faptok/images/poster.jpg HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: image/jpeg
Content-Length: 66645
Connection: keep-alive
ETag: "b7b02d3d1027cbe3136aefe188471b0d"
Last-Modified: Tue, 21 Nov 2023 12:30:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C74B94EE1BFC34
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223569#56107314/gid:0/gname:root/mode:33188/mtime:1688039200#544445198/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-06-29T11:46:40.544445198Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/media/tiktok/faptok/images/logo.png

185.155.186.18

200 OK

3.0 kB

URL GET HTTP/1.1
moregirlsflirt.life/media/tiktok/faptok/images/logo.png
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
PNG image data, 214 x 68, 8-bit/color RGBA, non-interlaced
Size
3.0 kB (2958 bytes)
Hash
bf9af287aec520573d2af4e839270648
5d85652e58cdd0673d34b735e1112408070ec995
1a45bc7df84b0fc27e2a4f75c6e2e8acf42c697256394fe1349ed33539379b37

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/tiktok/faptok/images/logo.png HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: image/png
Content-Length: 2958
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "bf9af287aec520573d2af4e839270648"
Last-Modified: Thu, 29 Jun 2023 11:46:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C74B5B4C13D9B2
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1688039200#136444389/gid:0/gname:root/mode:33188/mtime:1688039200#80444278/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-06-29T11:46:40.138Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/media/tiktok/faptok/js/trls.js

185.155.186.18

200 OK

49 kB

URL GET HTTP/1.1
moregirlsflirt.life/media/tiktok/faptok/js/trls.js
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
Unicode text, UTF-8 text, with very long lines (308), with CRLF line terminators
Size
49 kB (48880 bytes)
Hash
0a7df12f641552f384ef3be0a7007077
4f3bb83537b25a6bbcaee23f8994e1318b0e0351
132e58bfc1989ba3b8605eb7c82f3e359da1f9c18a0c5ef794dea93071caf821

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/tiktok/faptok/js/trls.js HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: text/javascript
Content-Length: 48880
Connection: keep-alive
ETag: "0a7df12f641552f384ef3be0a7007077"
Last-Modified: Tue, 21 Nov 2023 12:30:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C74B94D33F4F38
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223569#72107349/gid:0/gname:root/mode:33188/mtime:1688039203#8450082/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-06-29T11:46:43.008450082Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/util/push-dt4/notification-ext.js

185.155.186.18

200 OK

44 kB

URL GET HTTP/1.1
moregirlsflirt.life/util/push-dt4/notification-ext.js
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (703), with CRLF line terminators
Size
44 kB (43567 bytes)
Hash
abac32869d9f63fb3cf298c3b1c07763
d7db573d2113f15152fe8245a910e86c2469114b
d01390d74fced6d81ba0279ce1152a3c3512cd0a7d6bed3e234677d92216479f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/push-dt4/notification-ext.js HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: text/javascript
Content-Length: 43567
Connection: keep-alive
ETag: "abac32869d9f63fb3cf298c3b1c07763"
Last-Modified: Mon, 12 Feb 2024 17:05:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C74B7D31ED275F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1707757533#797025877/gid:0/gname:root/mode:33188/mtime:1707757546#781048365/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-12T17:05:46.81Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/util/push-dt4/style4.css?v=1.4

185.155.186.18

200 OK

16 kB

URL GET HTTP/1.1
moregirlsflirt.life/util/push-dt4/style4.css?v=1.4
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
ASCII text, with very long lines (15716), with no line terminators
Size
16 kB (15716 bytes)
Hash
643a833b3c4665ace4b23bf73550a2d1
94fd767725ccec36447cc3b292671d1b74698f34
85a45b676efc7c60d6f4fa4bf4ae4bf5b02ce7cdc6b192fe4478f7bb519ffaba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/push-dt4/style4.css?v=1.4 HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: text/css
Content-Length: 15716
Connection: keep-alive
ETag: "643a833b3c4665ace4b23bf73550a2d1"
Last-Modified: Tue, 21 Nov 2023 12:30:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C74B7D5367FF16
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223578#560127777/gid:0/gname:root/mode:33188/mtime:1655386320#580109000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:32:00.580109Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/media/tiktok/faptok/media/video.mp4

185.155.186.18

206 Partial Content

904 kB

URL GET HTTP/1.1
moregirlsflirt.life/media/tiktok/faptok/media/video.mp4
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
904 kB (903450 bytes)
Hash
b343542c8aedd50241ed042dc74d99c4
c1a0a5c60b47cbb175253b7df0a4870db7ac197c
e20d248150bf731e12bb6098187baa85e6eb7df0dc48a5ad750cd819bd4aa4f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/tiktok/faptok/media/video.mp4 HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Server: nginx
Date: Thu, 18 Apr 2024 06:31:21 GMT
Content-Type: video/mp4
Content-Length: 903450
Connection: keep-alive
ETag: "b343542c8aedd50241ed042dc74d99c4"
Last-Modified: Wed, 20 Sep 2023 15:26:09 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C74C170A60AF2C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134512#796035560/gid:0/gname:root/mode:33188/mtime:1688039204#660453356/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-06-29T11:46:44.660453356Z
Expires: Fri, 18 Apr 2025 06:31:21 GMT
Cache-Control: max-age=31536000, no-transform
Content-Range: bytes 0-903449/903450

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15752, version 1.0
Size
16 kB (15752 bytes)
Hash
b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://moregirlsflirt.life
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:59 GMT
expires: Fri, 11 Apr 2025 13:20:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 580222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

moregirlsflirt.life/util/flag-icon/flags/1x1/no.svg

185.155.186.18

200 OK

331 B

URL GET HTTP/1.1
moregirlsflirt.life/util/flag-icon/flags/1x1/no.svg
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type
SVG Scalable Vector Graphics image
Size
331 B (331 bytes)
Hash
d748f0d9f64c0ca1a40a0f6ec6bbb746
a76adb95e9ea9a737c72e4640b8d49b9e28cbb38
bdfbd626e4e76d0dc506e10be7dd429e4c4da684986cbd45e5398f1e9e1f28cc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/flag-icon/flags/1x1/no.svg HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://moregirlsflirt.life/util/flag-icon/css/flag-icon.css
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:31:22 GMT
Content-Type: image/svg+xml
Content-Length: 331
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "d748f0d9f64c0ca1a40a0f6ec6bbb746"
Last-Modified: Mon, 20 Feb 2023 09:36:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C74C1FA4F150D4
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676841679#825157938/gid:0/gname:root/mode:33188/mtime:1655386287#980044000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:27.980044Z
Expires: Fri, 18 Apr 2025 06:31:22 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

moregirlsflirt.life/favicon.ico

185.155.186.18

204 No Content

0 B

URL GET HTTP/1.1
moregirlsflirt.life/favicon.ico
IP
185.155.186.18:443
ASN
#203639 Teknology SA

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerLet's Encrypt
Subjectmoregirlsflirt.life
FingerprintBF:23:C1:D0:8D:A8:6F:BE:2B:AC:F8:3A:83:F4:D6:41:A9:5E:B4:B2
ValidityMon, 25 Mar 2024 22:14:31 GMT - Sun, 23 Jun 2024 22:14:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: moregirlsflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sid=t3~tw5uctaylgmk4dzf0b32lbuo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 18 Apr 2024 06:31:22 GMT
Connection: keep-alive
Cache-Control: no-transform

fonts.googleapis.com/css2?family=Roboto:wght@400;900&display=swap

142.250.74.74

200 OK

4.7 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;900&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://moregirlsflirt.life/?u=q9nyu1c&o=w83ky0b&cid=3ve14a41jcfm
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (4786), with no line terminators
Size
4.7 kB (4660 bytes)
Hash
de9edebde7e4d325045588af23269981
a5e8fe7ae2371a75ade452d3bd1d8a93276f23a3
92ad356cef2291bc6b2fc43a7a33ef04e5b816645e9c337e2b4ba133b757af08

HTTP Headers

GET /css2?family=Roboto:wght@400;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:31:21 GMT
date: Thu, 18 Apr 2024 06:31:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML