Report - jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php

Report Overview

Submitted URL
jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php
IP
93.115.28.104
ASN
#16125 UAB Cherry Servers
Submitted
2023-03-25 14:14:59
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
jiggasha.com	unknown	2015-06-30T01:03:14Z	2023-03-25T16:45:38Z	1.3 kB	1.7 kB	93.115.28.104
ishku-wbq.com	unknown	2023-03-24T13:11:22Z	2023-03-29T14:46:31Z	1.6 kB	4.0 kB	3.231.116.86
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	52.34.238.244
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	432 B	1.8 kB	172.217.21.170
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
lpmedia.servefilesonly.com	unknown	2022-03-22T14:18:13Z	2023-03-29T15:15:25Z	6.9 kB	572 kB	104.18.10.149
cdn.onesignal.com	3015	2015-04-22T15:41:50Z	2023-03-29T12:45:09Z	945 B	4.9 kB	104.18.214.59
ww2.teenfinder.com	unknown	2023-01-27T15:28:20Z	2023-03-29T17:24:13Z	678 B	875 B	104.18.24.171
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	3.4 kB	8.9 kB	23.36.77.32
go.proffering.xyz	unknown	2022-06-08T00:13:21Z	2023-03-29T04:29:32Z	554 B	1.3 kB	20.113.188.243
trk.cloudtraff.com	119489	2021-02-23T19:30:34Z	2023-03-29T06:15:24Z	906 B	1.3 kB	104.18.25.64
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	1.4 kB	2.8 kB	142.250.74.131
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-29T05:20:03Z	373 B	31 kB	69.16.175.10
go.gkrtmc.com	unknown	2022-01-24T13:45:18Z	2023-03-29T05:09:45Z	584 B	1.4 kB	172.255.248.105
imedia.servefilesonly.com	unknown	2022-03-22T22:58:22Z	2023-03-29T06:15:24Z	6.0 kB	891 kB	104.18.10.149
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-29T07:56:22Z	929 B	79 kB	104.18.11.207
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	960 B	48 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	52 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-25	medium	jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	lpmedia.servefilesonly.com/js/helpers/validation.js?1024012	8.6 kB	2023-03-09	2024-04-19
Pretty URL lpmedia.servefilesonly.com/js/helpers/validation.js?1024012 IP 104.18.10.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:55:53 Last Seen2024-04-19 15:06:17 Times Seen302 Hash 860a78fd6ed490a9bcb2ea1164899bb1 8d7cca90e830e5b9e909b220ec2c3643630449f0 b56914c53473fc49765ab22a85fed52ae193fe32e7c469f1fdc0aad51186d5ce Loading...

	ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39	2.9 kB	2023-03-26	2023-04-05
Pretty URL ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39 IP 104.18.24.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:45:47 Last Seen2023-04-05 02:05:55 Times Seen29 Hash 99da9f3b42cb021977bc3ad263d17ea5 811f5f95f4ac2a5821f7bfb39828a3e200bbe647 f9b79b8160daa3b8a935a43e1cb3bdda9de21281f1332a136e3392277429d6fb Loading...

	ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39	471 B	2023-03-07	2023-11-12
Pretty URL ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39 IP 104.18.24.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:32 Last Seen2023-11-12 14:28:09 Times Seen41 Hash ffe7a972bf267351a1b66f28659a74fc 53d5bf199335c369709309d8a44d29e13fb889b1 e853683554ff6fdd2e85a2072f6443dbc474e5e07c84c8b7d84fb915b9e152db Loading...

	ishku-wbq.com/zcredirect?visitid=664be696-cb17-11ed-848d-127f134720fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	141 B	2023-03-25	2023-04-01
Pretty URL ishku-wbq.com/zcredirect?visitid=664be696-cb17-11ed-848d-127f134720fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 3.231.116.86 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:20 Last Seen2023-04-01 10:50:53 Times Seen3 Hash 090bcbb74866d0e5c6edff6b1f531db6 13037f9bb016fbc1a8cc6d79ff10870baf1a3aba 0ba3e8d8d791980818c28c4b71d1e2c9bdb17c823afb046946567313370d4572 Loading...

	lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form_helper.js?1024012	3.0 kB	2023-03-07	2024-04-19
Pretty URL lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form_helper.js?1024012 IP 104.18.10.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:02 Last Seen2024-04-19 15:06:17 Times Seen298 Hash c9d92782d7d76c9ff14f6119d2a26cb9 819f552b5c8a91199c337076a9ecd14a9c9249dc 4e75ae93db20aa0df330f606a6f4a2cb92356595cd8361bf65c0eac44148afa8 Loading...

	ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39	2.0 kB	2023-03-10	2023-11-19
Pretty URL ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39 IP 104.18.24.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:32:38 Last Seen2023-11-19 08:46:33 Times Seen10 Hash c83a4df55cf44bcc55fa504628d4c510 223eeda5230393762a83b6bf14a9a874d76bcbb6 6ec41c9259ca639fff00d45807ef47226f2e0a50dfc038a1d65717a067f2e3eb Loading...

	ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39	7.7 kB	2023-03-26	2023-03-29
Pretty URL ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39 IP 104.18.24.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:20:24 Last Seen2023-03-29 23:37:06 Times Seen10 Hash d77cabdd71bdc310be580afeb2210b33 a66ba8458a25591ba846a7fc4a6a7817714cba1a f16f838538ed3b8c48a393de85946691dbc3e0e8a0f8160c64e7061ac4a9b4f0 Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	9.2 kB	2023-03-26	2023-04-01
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.18.214.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 05:33:26 Last Seen2023-04-01 11:08:50 Times Seen397 Hash 8256f101039245592bc7dcc5496ed987 8dad8f5ab79c5d95d30bf70e0aca90ecdbde04b8 459dc02737a8127153538d8b7811fbaff4e4e0ce003936a61f2d06b3975b10e2 Loading...

	lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form.js?1024012	3.9 kB	2023-03-07	2023-07-21
Pretty URL lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form.js?1024012 IP 104.18.10.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:02 Last Seen2023-07-21 21:39:58 Times Seen108 Hash d62dddb2779427142b897be3245580a4 6c36e6106ca5df89802a5e440c3d02031e42b45a b4125c603fd9bb1df2927fa954f952f6e5ebd62d9d51b6458314b78a3df6dfe1 Loading...

	lpmedia.servefilesonly.com/js/popwin.js?1024012	854 B	2023-03-07	2024-04-19
Pretty URL lpmedia.servefilesonly.com/js/popwin.js?1024012 IP 104.18.10.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:48 Last Seen2024-04-19 15:07:14 Times Seen706 Hash 1473163411300cc29cba72790aae07ec 98d09d850ee7d4de2ccef7f897fb9f0af8369db5 10f46a9e64c756a7af5ec1e9793f711be5c81aa8b473edd28f6a0e419cfd0299 Loading...

	lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form.js	4.3 kB	2023-03-09	2024-01-07
Pretty URL lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form.js IP 104.18.10.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:55:53 Last Seen2024-01-07 16:48:03 Times Seen224 Hash 1479213289937aa05466c3335806a7d1 7a961f1d0f6d860d062de68e48638ef06d71d52f fe063b5f7fa72c9263d8f48efa0cdaf098b6e04b323fd6a3eade055bedcab884 Loading...

	onesignal.com/api/v1/sync/2da48e0c-2776-48aa-83d4-9ff7ecad3444/web?callback=__jp0	3.4 kB	2023-03-29	2023-03-29
Pretty URL onesignal.com/api/v1/sync/2da48e0c-2776-48aa-83d4-9ff7ecad3444/web?callback=__jp0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:22:43 Last Seen2023-03-29 22:22:43 Times Seen1 Hash 040e780c2b35885a7ce4ad7c2411ccab 71f04591f6ca2369096f510afd57ec64c273a4fa 50edd72c5864cce3495964d7f0a0f6729e5d95843bcfdbafbea1e9ee900948f6 Loading...

	jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php	438 B	2023-03-29	2023-03-29
Pretty URL jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php IP 93.115.28.104 ASN #16125 UAB Cherry Servers Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:22:43 Last Seen2023-03-29 22:22:43 Times Seen1 Hash 9b781cb1f03e31903a52c3a5d811c5cf 0aeccceaece76621cc92c0e2b0582ec4cebef850 e1e738a5891d89e05748abc2c79ae52872a32f15cfd9296a1be13256318eeeae Loading...

	ishku-wbq.com/zcvisitor/664be696-cb17-11ed-848d-127f134720fb/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=f841d760-8df2-11ed-b4b7-128084d1ce51	849 B	2023-03-29	2023-03-29
Pretty URL ishku-wbq.com/zcvisitor/664be696-cb17-11ed-848d-127f134720fb/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=f841d760-8df2-11ed-b4b7-128084d1ce51 IP 3.231.116.86 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:22:43 Last Seen2023-03-29 22:22:43 Times Seen1 Hash 1b83be365ecb7b5c17646ab6cd04ac09 02cef4d1aa719568f1f55dfd1b1bfeef039ae68d f4cd91f69ee1002b1c28d4283a48e7184a4420afa368c4c7a82a86a4c7212357 Loading...

	cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600	290 kB	2023-03-26	2023-04-01
Pretty URL cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600 IP 104.18.214.59 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 05:33:27 Last Seen2023-04-01 11:08:32 Times Seen366 Hash 3d37cd0d64713e75df2c67fb7c907496 7158694ef1181f362104acc5dddc6808735fa5b4 19a2e703c09b3d066e18f4426c332665bf08ec02456bcccdb20d2fffe4645ab9 Loading...

	ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39	4.9 kB	2023-03-07	2023-04-09
Pretty URL ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39 IP 104.18.24.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:33:26 Last Seen2023-04-09 11:28:05 Times Seen6 Hash e3fbe4d7b927ded3e619604546a8da30 85d26b6278199866f0dae7da4887eafaf515e18d fddf85bb2d77e113f4bc397c41d8b14408f3e5cc608f5c45fbe759018711957c Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-19 23:32:27 Times Seen259921 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	lpmedia.servefilesonly.com/widgets/registrationFormBuilder/step.js?1024012	1.9 kB	2023-03-07	2024-04-19
Pretty URL lpmedia.servefilesonly.com/widgets/registrationFormBuilder/step.js?1024012 IP 104.18.10.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:02 Last Seen2024-04-19 15:06:17 Times Seen299 Hash 393d8503a611b1b6072a53d84e010fb4 7df2aea9dbcd4a927c9815986eab601d0cc2a334 de73d66aa453ef904f76ad9ec2be146492ccc25b7f5bcd81be3b1e04b429a54f Loading...

HTTP Transactions (70)

URL IP Response Size

jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php

93.115.28.104

200 OK

542 B

URL HTTP/1.1
jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php
IP
93.115.28.104:0
ASN
#16125 UAB Cherry Servers

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (542), with no line terminators
Size
542 B (542 bytes)
Hash
96c632fb69fd31aec4cb1ff3894e4b49
19b9de52d5adc5ac9a0751f24fda9caca3071bb4
e2b8dbda3adc2bbdd3d0f4ff90726a6fb43f6a0b7451dc5542c081147be6b5be

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php HTTP/1.1
Host: jiggasha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
Cache-Control: max-age=0, private, must-revalidate
Content-Length: 542
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Mar 2023 14:14:46 GMT
Server: nginx
Set-Cookie: sid=65fe385a-cb17-11ed-8edc-78850df9ed22; path=/; domain=.jiggasha.com; expires=Thu, 12 Apr 2091 17:28:54 GMT; max-age=2147483647; HttpOnly
X-Cache: MISS from shluota
X-Cache-Lookup: MISS from shluota:3128
Via: 1.1 shluota (squid)
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5726
Expires: Sat, 25 Mar 2023 15:50:13 GMT
Date: Sat, 25 Mar 2023 14:14:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7769
Expires: Sat, 25 Mar 2023 16:24:16 GMT
Date: Sat, 25 Mar 2023 14:14:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 13:15:26 GMT
content-type: application/json
age: 3561
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14637
Expires: Sat, 25 Mar 2023 18:18:44 GMT
Date: Sat, 25 Mar 2023 14:14:47 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: sX6MzGBpV1hbcp1NOAWkzts39zFcUU9zcfjuL3RHbvZ/mC63Be1R+0c6jNbAYZNyXSPnvwxSC9o=
x-amz-request-id: SZCHRYGF86CARVZ9
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 13:54:56 GMT
age: 1191
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 14:14:47 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTc2MDg4NywiaWF0IjoxNjc5NzUzNjg3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdxdTUxcDBqbWQwdXR2NHMwNDc3dTEiLCJuYmYiOjE2Nzk3NTM2ODcsInRzIjoxNjc5NzUzNjg3NDIzMjg0fQ.OnHcj-qVGiZvRsBFee7eU1AYvuWi5cmjIftpmtm06as&sid=65fe385a-cb17-11ed-8edc-78850df9ed22

93.115.28.104

302 Found

11 B

URL HTTP/1.1
jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTc2MDg4NywiaWF0IjoxNjc5NzUzNjg3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdxdTUxcDBqbWQwdXR2NHMwNDc3dTEiLCJuYmYiOjE2Nzk3NTM2ODcsInRzIjoxNjc5NzUzNjg3NDIzMjg0fQ.OnHcj-qVGiZvRsBFee7eU1AYvuWi5cmjIftpmtm06as&sid=65fe385a-cb17-11ed-8edc-78850df9ed22
IP
93.115.28.104:0
ASN
#16125 UAB Cherry Servers

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTc2MDg4NywiaWF0IjoxNjc5NzUzNjg3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdxdTUxcDBqbWQwdXR2NHMwNDc3dTEiLCJuYmYiOjE2Nzk3NTM2ODcsInRzIjoxNjc5NzUzNjg3NDIzMjg0fQ.OnHcj-qVGiZvRsBFee7eU1AYvuWi5cmjIftpmtm06as&sid=65fe385a-cb17-11ed-8edc-78850df9ed22 HTTP/1.1
Host: jiggasha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign/index.php
Cookie: sid=65fe385a-cb17-11ed-8edc-78850df9ed22
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: max-age=0, private, must-revalidate
Content-Length: 11
Date: Sat, 25 Mar 2023 14:14:47 GMT
Location: http://ishku-wbq.com/zcvisitor/664be696-cb17-11ed-848d-127f134720fb/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=f841d760-8df2-11ed-b4b7-128084d1ce51
Server: nginx
Set-Cookie: sid=65fe385a-cb17-11ed-8edc-78850df9ed22; path=/; domain=.jiggasha.com; expires=Thu, 12 Apr 2091 17:28:55 GMT; max-age=2147483647; HttpOnly
X-Cache: MISS from shluota
X-Cache-Lookup: MISS from shluota:3128
Via: 1.1 shluota (squid)
Connection: keep-alive

ishku-wbq.com/zcvisitor/664be696-cb17-11ed-848d-127f134720fb/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=f841d760-8df2-11ed-b4b7-128084d1ce51

3.231.116.86

200

1.1 kB

URL HTTP/1.1
ishku-wbq.com/zcvisitor/664be696-cb17-11ed-848d-127f134720fb/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=f841d760-8df2-11ed-b4b7-128084d1ce51
IP
3.231.116.86:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1098 bytes)
Hash
88c9b27d8af6f83a94703f381f06a484
48fbe90c754bff9a20735bb436abede4abef4e01
bdfb6f364552624346db90f9788b42a1e1951055ab69facb07ad71c5dda3d9aa

HTTP Headers

GET /zcvisitor/664be696-cb17-11ed-848d-127f134720fb/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=f841d760-8df2-11ed-b4b7-128084d1ce51 HTTP/1.1
Host: ishku-wbq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://jiggasha.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sat, 25 Mar 2023 14:14:48 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: aZRHehlx

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 13:17:24 GMT
age: 3444
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10816
Expires: Sat, 25 Mar 2023 17:15:04 GMT
Date: Sat, 25 Mar 2023 14:14:48 GMT
Connection: keep-alive

ishku-wbq.com/zcredirect?visitid=664be696-cb17-11ed-848d-127f134720fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

3.231.116.86

200

412 B

URL HTTP/1.1
ishku-wbq.com/zcredirect?visitid=664be696-cb17-11ed-848d-127f134720fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
3.231.116.86:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
412 B (412 bytes)
Hash
3a5f8903ef0ffb3db487251d4e584b95
cebbd92150f3c3a4b348fdeb2191ca9425e8db90
9dd6f3ef5daa835b9c2979ff23a0abf5e43e3bed0f7c0b8c93d745a1e5a0b42c

HTTP Headers

GET /zcredirect?visitid=664be696-cb17-11ed-848d-127f134720fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: ishku-wbq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ishku-wbq.com/zcvisitor/664be696-cb17-11ed-848d-127f134720fb/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=f841d760-8df2-11ed-b4b7-128084d1ce51
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sat, 25 Mar 2023 14:14:48 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: VZxopCWl

push.services.mozilla.com/

52.34.238.244

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.34.238.244:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0yHny50pqJhwdqPsa1nGNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PslQ0Dr0yj201vHq1ELOqg7iSho=

ishku-wbq.com/favicon.ico

3.231.116.86

404

653 B

URL HTTP/1.1
ishku-wbq.com/favicon.ico
IP
3.231.116.86:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ishku-wbq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ishku-wbq.com/zcredirect?visitid=664be696-cb17-11ed-848d-127f134720fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

HTTP/1.1 404 
Date: Sat, 25 Mar 2023 14:14:49 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: cCKeCBFY

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d11cf24ea8124ce38b068a56925f421
677979bfd4eb25cf9d6b98c8259f7c3a50970a3f
d4b9726d11bb0d91a1acdafc1933f6ff1bc7f0d8435a7601f8402aa7b908ca3b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4B9726D11BB0D91A1ACDAFC1933F6FF1BC7F0D8435A7601F8402AA7B908CA3B"
Last-Modified: Wed, 22 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1095
Expires: Sat, 25 Mar 2023 14:33:04 GMT
Date: Sat, 25 Mar 2023 14:14:49 GMT
Connection: keep-alive

go.proffering.xyz/15GRtg?zoneid=badious-buzzard&campaignid=2020224&target=yankee-mop-QPcGY84k&cost=0.001200

20.113.188.243

302 Found

366 B

URL HTTP/1.1
go.proffering.xyz/15GRtg?zoneid=badious-buzzard&campaignid=2020224&target=yankee-mop-QPcGY84k&cost=0.001200
IP
20.113.188.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, ASCII text, with very long lines (366), with no line terminators
Size
366 B (366 bytes)
Hash
29e807445ea74303119626d5065d83dd
c8fe53a5be10287993b8b5df62b76003b19aa92d
631b454ec30bc1d0fa28047f40565945dc66ef743165bde719ab055c0e910f4b

HTTP Headers

GET /15GRtg?zoneid=badious-buzzard&campaignid=2020224&target=yankee-mop-QPcGY84k&cost=0.001200 HTTP/1.1
Host: go.proffering.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ishku-wbq.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Sat, 25 Mar 2023 14:14:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 366
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GRtgo=20230325171679753980943; domain=.go.proffering.xyz; path=/;expires=Sun, 26 Mar 2023 14:14:49 GMT;  httpOnly=true;SameSite=None; Secure;
_pc_lc_id=15GRtg; domain=.go.proffering.xyz; path=/;expires=Sun, 26 Mar 2023 14:14:49 GMT;  httpOnly=true;SameSite=None; Secure;
peerclickcid=ee3d5d8296780f10a1a8dcfc1dbdd0aa-11246-0325; domain=.go.proffering.xyz; path=/;expires=Sun, 26 Mar 2023 14:14:49 GMT;  httpOnly=true;SameSite=None; Secure;
_norg=1; domain=.go.proffering.xyz; path=/;expires=Sun, 26 Mar 2023 14:14:49 GMT;  httpOnly=true;SameSite=None; Secure;
Location: https://go.gkrtmc.com/aff_c?offer_id=7826&aff_id=64923&url_id=0&aff_sub5=popunder-clickunder&click_id=ee3d5d8296780f10a1a8dcfc1dbdd0aa-11246-0325
Vary: Accept

go.gkrtmc.com/aff_c?offer_id=7826&aff_id=64923&url_id=0&aff_sub5=popunder-clickunder&click_id=ee3d5d8296780f10a1a8dcfc1dbdd0aa-11246-0325

172.255.248.105

302 Found

350 B

URL HTTP/1.1
go.gkrtmc.com/aff_c?offer_id=7826&aff_id=64923&url_id=0&aff_sub5=popunder-clickunder&click_id=ee3d5d8296780f10a1a8dcfc1dbdd0aa-11246-0325
IP
172.255.248.105:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (350), with no line terminators
Size
350 B (350 bytes)
Hash
f710ef0de4ebaea37c201f6dca44dff0
18da1ff5f9a989a71b6bfabaa2650a8e41491084
12af10cc7c4e4fe338b4ba70f2db4874da75efe5a9477891ba6fea9818816882

HTTP Headers

GET /aff_c?offer_id=7826&aff_id=64923&url_id=0&aff_sub5=popunder-clickunder&click_id=ee3d5d8296780f10a1a8dcfc1dbdd0aa-11246-0325 HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ishku-wbq.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 25 Mar 2023 14:14:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 350
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Mon, 24 Apr 2023 14:14:49 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
7826=37_64923_7826_9a8e41a49a655a32535b14d2632373ed; Domain=go.gkrtmc.com; Path=/; Expires=Mon, 24 Apr 2023 14:14:49 GMT
op_7826=0; Domain=go.gkrtmc.com; Path=/; Expires=Mon, 24 Apr 2023 14:14:49 GMT
user_id=d5ddc043-c22f-40ee-9db6-b56ec8599ec9_d251ce214af612b2726d5797d4091827; Domain=go.gkrtmc.com; Path=/; Expires=Thu, 23 Mar 2028 14:14:49 GMT; Secure; SameSite=None
Location: https://trk.cloudtraff.com/9031cb30-13d0-4ee2-af2b-acedf34ce775?o=2791&subPublisher=64923&clicktag=37_64923_7826_9a8e41a49a655a32535b14d2632373ed
Vary: Accept
Cache-Control: no-store, no-cache

trk.cloudtraff.com/9031cb30-13d0-4ee2-af2b-acedf34ce775?o=2791&subPublisher=64923&clicktag=37_64923_7826_9a8e41a49a655a32535b14d2632373ed

104.18.25.64

302 Found

0 B

URL HTTP/2
trk.cloudtraff.com/9031cb30-13d0-4ee2-af2b-acedf34ce775?o=2791&subPublisher=64923&clicktag=37_64923_7826_9a8e41a49a655a32535b14d2632373ed
IP
104.18.25.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /9031cb30-13d0-4ee2-af2b-acedf34ce775?o=2791&subPublisher=64923&clicktag=37_64923_7826_9a8e41a49a655a32535b14d2632373ed HTTP/1.1
Host: trk.cloudtraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ishku-wbq.com/
Connection: keep-alive
Cookie: vcid=%7B%22id%22%3A%22a99d2416-3eb7-4ebb-9f7f-2bfb8b8a3fca%22%2C%22firstTime%22%3A%22Jun+6%2C+2022+2%3A04%3A21+PM%22%2C%22visitCount%22%3A1%2C%22firstTimeDay%22%3A%22Jun+6%2C+2022+2%3A04%3A21+PM%22%2C%22visitDays%22%3A1%2C%22origin%22%3A%22routing%22%2C%22lastLocation%22%3A%22routing%22%2C%22ageInSecs%22%3A0%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 25 Mar 2023 14:14:49 GMT
content-length: 0
location: https://ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
set-cookie: attrk=yes;Version=1;Max-Age=86400
vcid=%7B%22id%22%3A%22a99d2416-3eb7-4ebb-9f7f-2bfb8b8a3fca%22%2C%22firstTime%22%3A%22Jun+6%2C+2022+2%3A04%3A21+PM%22%2C%22lastTime%22%3A%22Mar+25%2C+2023+2%3A14%3A49+PM%22%2C%22visitCount%22%3A2%2C%22firstTimeDay%22%3A%22Mar+25%2C+2023+2%3A14%3A49+PM%22%2C%22visitDays%22%3A2%2C%22origin%22%3A%22routing%22%2C%22lastLocation%22%3A%22routing%22%2C%22ageInSecs%22%3A25229428%7D;Version=1;Domain=cloudtraff.com;Path=/;Max-Age=2147483647;Expires=Thu, 12 Apr 2091 17:28:56 GMT
__cf_bm=NEtWfN99wNW_JNyscmSuKWjqgAqnRzHBslyipBl_mwI-1679753689-0-AXJ7laIMJtRTLqAZVlo/OqyfyBBcrut0lVJeLAs+Bk/74hDI+cOHTkky3tHbOpZ6KF9ul7HUFz7E0Wpm202i40g=; path=/; expires=Sat, 25-Mar-23 14:44:49 GMT; domain=.cloudtraff.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c3302ea91bfa-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/4a2de243-baf2-492a-98b1-65afd93710f6_dd_fsk18_friendbox_20.jpg

104.18.10.149

200 OK

47 kB

URL HTTP/2
imedia.servefilesonly.com/4a2de243-baf2-492a-98b1-65afd93710f6_dd_fsk18_friendbox_20.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Size
47 kB (46828 bytes)
Hash
77d4367a8de9f9bfc6121776837d0ce0
4001f883967a85ed418888f4199011fa6cf71d54
13569bd991c86f0246dcf751127f142de89030a357e60c4f2060b23095eed633

HTTP Headers

GET /4a2de243-baf2-492a-98b1-65afd93710f6_dd_fsk18_friendbox_20.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 46828
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "77d4367a8de9f9bfc6121776837d0ce0"
last-modified: Thu, 15 Oct 2020 02:13:10 GMT
x-hw: 1654671305.cds067.sk1.hn,1654671305.cds243.sk1.c
cf-cache-status: HIT
age: 325855
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=xdLn5Kdj8bDHBXUIxtmQMc99SJw4H97xXW0udAGTjQg-1679753690-0-AfO9baYZk9F7w88h8/AGJnuD4k4SgvRwjj2of9ucjJE2wfQKJEsmoYCN5MKkRPUraDLtJzRYZcWqiidlgojFU9Y=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c332ec6ab4ed-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/8ff41f3a-99c0-47cd-a301-c96b90892d69_dd_fsk18_picturebox_19.jpg

104.18.10.149

200 OK

54 kB

URL HTTP/2
imedia.servefilesonly.com/8ff41f3a-99c0-47cd-a301-c96b90892d69_dd_fsk18_picturebox_19.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x480, components 3\012- data
Size
54 kB (53935 bytes)
Hash
87bae35ce35b537c2ac89642a49abf48
6f5de2b74422f779aeedd4549069566b42270cf7
065087ee1cd17e864757b59fdd8e1e5586ce35effc409dc7de8565ddb194a166

HTTP Headers

GET /8ff41f3a-99c0-47cd-a301-c96b90892d69_dd_fsk18_picturebox_19.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 53935
cf-bgj: h2pri
etag: "87bae35ce35b537c2ac89642a49abf48"
last-modified: Thu, 15 Oct 2020 02:13:17 GMT
vary: Accept-Encoding
via: 1.1 21258ec71c1aa4499bcd08c6ad0eba38.cloudfront.net (CloudFront)
x-amz-cf-id: Iu9hcjO4OBZKG5v_hfHJBtRo9jYEMLPgFjDmvJdZSvK9tTeKxKQPZQ==
x-amz-cf-pop: ARN1-C1
x-cache: Hit from cloudfront
cf-cache-status: HIT
age: 201955
expires: Sun, 02 Apr 2023 14:14:50 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
set-cookie: __cf_bm=3PXRB71zB3fXOipRgk7tbyPsfQa_gahcx6ZTV.d.LF4-1679753690-0-AXi/Jo0xHuysuEUaa6OrqkivKMIOSPMCAzf+rJjATmQxNRH00nlZjl+BYaQngTqciZeZUrbjCdVZCoamePHg+lQ=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c332ec62b4ed-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/40e57ac9-5afc-42c8-a1e8-83784777241e_dd_fsk18_friendbox_16.jpg

104.18.10.149

200 OK

39 kB

URL HTTP/2
imedia.servefilesonly.com/40e57ac9-5afc-42c8-a1e8-83784777241e_dd_fsk18_friendbox_16.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Size
39 kB (39173 bytes)
Hash
e9d97ab74fd62cedf5f2702b838f1995
34cb535c983cc07ef05cbd598592a7764bbf3b9e
e4c8d4b5935d1887ae21a7280b2470aef78d14646e81c26fd13ea87e78bed9d3

HTTP Headers

GET /40e57ac9-5afc-42c8-a1e8-83784777241e_dd_fsk18_friendbox_16.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 39173
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "e9d97ab74fd62cedf5f2702b838f1995"
last-modified: Thu, 15 Oct 2020 02:13:08 GMT
x-hw: 1654671305.cds213.sk1.hn,1654671305.cds202.sk1.c
cf-cache-status: HIT
age: 330764
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=kSD5gL3BKAa7zReCKpV04HT7kJxjEtmkI_gdLnOAeEU-1679753690-0-Ac8/7O8z2xX5y1758XJRxywhIQgPrmO5IPNjFvMRz2KACXOBqxf2y9NQtTwIY1+zc1yJ0nnb/AOB3uZEqYXblZE=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c332ec67b4ed-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/e76cc476-c317-43cb-9810-0a89dac02dac_dd_fsk18_friendbox_19.jpg

104.18.10.149

200 OK

45 kB

URL HTTP/2
imedia.servefilesonly.com/e76cc476-c317-43cb-9810-0a89dac02dac_dd_fsk18_friendbox_19.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Size
45 kB (44783 bytes)
Hash
b88c9e25d130061e33aff91d08d15739
f9f5ff1e16bb706d70eaaa8a332a8e8dad2e47d4
18b190915c86aa4356d83d6ba4ec3ce927f2b17232b6ecb313c0bdadd5030d12

HTTP Headers

GET /e76cc476-c317-43cb-9810-0a89dac02dac_dd_fsk18_friendbox_19.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 44783
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "b88c9e25d130061e33aff91d08d15739"
last-modified: Thu, 15 Oct 2020 02:13:09 GMT
x-hw: 1654671305.cds021.sk1.hn,1654671305.cds257.sk1.c
cf-cache-status: HIT
age: 325855
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=4Eqhq2vJZdoK2S7IxWhgPVZ8Mys_6.TThnGX9OFCCe4-1679753690-0-AZJYFjRpLG76/rDQRLh3pecyDnPAEgKABB18XbvTwLe+7AE0CqbkJnxXRueEykEOz0HMVea+RnHOp1hIvL/zc6Q=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c332ec6bb4ed-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/18e507c8-2a5d-4b39-9077-6d75a11d812f_dd_fsk18_picturebox_22.jpg

104.18.10.149

200 OK

86 kB

URL HTTP/2
imedia.servefilesonly.com/18e507c8-2a5d-4b39-9077-6d75a11d812f_dd_fsk18_picturebox_22.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x480, components 3\012- data
Size
86 kB (86458 bytes)
Hash
c61b98ac49012b768cd06d8921ac7c38
df4df54f22a450e01acbc29777bf8a38a6948f60
9e01c46f8546629d13640c9b903e50770811d6f6ade37a5214c33be4305a3399

HTTP Headers

GET /18e507c8-2a5d-4b39-9077-6d75a11d812f_dd_fsk18_picturebox_22.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 86458
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "c61b98ac49012b768cd06d8921ac7c38"
last-modified: Thu, 15 Oct 2020 02:13:19 GMT
x-hw: 1654671305.cds264.sk1.hn,1654671305.cds225.sk1.c
cf-cache-status: HIT
age: 330764
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=MruY5iIQlS.LaNNmk3ZLX.VX84qc2W2H98Y_BmpiSTQ-1679753690-0-AS0EQ9xBlNw+kjxmM0bUCZFND3DzAlw0O31/TguAHkExYMERpG5dNZvj4etdOxy8dJ1/Gvi5k+tk2mhNXKaaYss=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c332ec69b4ed-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/73619dad-5dc7-41a4-b087-6b4342cbfee2_dd_fsk18_friendbox_18.jpg

104.18.10.149

200 OK

62 kB

URL HTTP/2
imedia.servefilesonly.com/73619dad-5dc7-41a4-b087-6b4342cbfee2_dd_fsk18_friendbox_18.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Size
62 kB (61487 bytes)
Hash
bc0c7d6172408aac22b4aa4f95919a64
035ff2bb8674e72828dec1cf1c4fc41011876990
5701d57d6b126bfa14b4d031e95e0fcb3a6f23419738d3f99c01af6b589fdcd8

HTTP Headers

GET /73619dad-5dc7-41a4-b087-6b4342cbfee2_dd_fsk18_friendbox_18.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 61487
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "bc0c7d6172408aac22b4aa4f95919a64"
last-modified: Thu, 15 Oct 2020 02:13:09 GMT
x-hw: 1654671305.cds202.sk1.hn,1654671305.cds254.sk1.c
cf-cache-status: HIT
age: 330764
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=CjY3nWsV0fy84vstKdg0n.m9v3yyp1I5Y40yIB_oEEY-1679753690-0-ASGlHTCtbOreuichMp0DwasEi57kSQcBUxIlpFOnIu4gYZFVUi9+9F25ozQWRpdRmgkgVGsdzUtCsPnhOTmnySc=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c332fc6eb4ed-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/d3e2de6a-974d-4414-a6a5-c218ac9f2d9d_dd_fsk18_picturebox_18.jpg

104.18.10.149

200 OK

48 kB

URL HTTP/2
imedia.servefilesonly.com/d3e2de6a-974d-4414-a6a5-c218ac9f2d9d_dd_fsk18_picturebox_18.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x480, components 3\012- data
Size
48 kB (48024 bytes)
Hash
73dd854f50b0d9ffb5a9f193320bb848
43b2d6531bf2aa17f1f120db5bc3a0a07806d0bc
61f956916eb3b700e7a1d1f416f31c4d3adefe0d509f2dc24c14789986ffdc3c

HTTP Headers

GET /d3e2de6a-974d-4414-a6a5-c218ac9f2d9d_dd_fsk18_picturebox_18.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 48024
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "73dd854f50b0d9ffb5a9f193320bb848"
last-modified: Thu, 15 Oct 2020 02:13:17 GMT
x-hw: 1654671305.cds257.sk1.hn,1654671305.cds206.sk1.c
cf-cache-status: HIT
age: 330764
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=vBWQqG1w6KByzxesqvVohJgMmyW483aQAZf1RmYNuz8-1679753690-0-AS2YVfVSHcCvyC/6e533BXrk3fqtlx+L2AjDp7Ix8sYkskAZ9Ttw7r30tECkLKTsH8M4SPNB5rQY7SLCr9jsnUk=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c332fc74b4ed-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/f33f1e52-be5a-4e18-bffd-be29c8d24352_dd_fsk18_friendbox_17.jpg

104.18.10.149

200 OK

43 kB

URL HTTP/2
imedia.servefilesonly.com/f33f1e52-be5a-4e18-bffd-be29c8d24352_dd_fsk18_friendbox_17.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Size
43 kB (42797 bytes)
Hash
4d8628eebbf646f0b7225a1c4077d226
804eb68fba9f02d03ada8c2137d89f736f77f53c
5fd29eedcc96dcba7a93d442caeb9f91683fcb470f6e56b7bb8030e966fa03fe

HTTP Headers

GET /f33f1e52-be5a-4e18-bffd-be29c8d24352_dd_fsk18_friendbox_17.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 42797
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "4d8628eebbf646f0b7225a1c4077d226"
last-modified: Thu, 15 Oct 2020 02:13:09 GMT
x-hw: 1654671305.cds208.sk1.hn,1654671305.cds252.sk1.c
cf-cache-status: HIT
age: 330764
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=rDYZjw0S0Z8T3yPFVujUPp6THiRr_4fcSBO4F3nPGOI-1679753690-0-Aew1IAXYtNnqFvwLHDhlnOkibeg9f5DxPgGcrN25f/+bHb4LRqHhhUc5S/+rKrK241FYFLyrRfO0HqjHshjtjis=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c332ec66b4ed-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/e95d414d-44d9-4394-a29a-5f6dc20e302c_dd_fsk18_picturebox_17.jpg

104.18.10.149

200 OK

70 kB

URL HTTP/2
imedia.servefilesonly.com/e95d414d-44d9-4394-a29a-5f6dc20e302c_dd_fsk18_picturebox_17.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x480, components 3\012- data
Size
70 kB (69607 bytes)
Hash
82ffbca5a27947a609f2157176922c67
d52ceed40ed9bf9db4953fa82a4a14821973d165
90f3cb23432c785780c05d731c89300230324505cc2f37477619e5e188fc98da

HTTP Headers

GET /e95d414d-44d9-4394-a29a-5f6dc20e302c_dd_fsk18_picturebox_17.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 69607
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "82ffbca5a27947a609f2157176922c67"
last-modified: Thu, 15 Oct 2020 02:13:16 GMT
x-hw: 1654671305.cds207.sk1.hn,1654671305.cds215.sk1.c
cf-cache-status: HIT
age: 330764
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=v8RDTESnDse6Mm1aGUj8vuu36RchNsnDCY0H0KbRHhw-1679753690-0-AcPoJ2Ex5bV7HXYB0Fn1qGzUW0xXckRWbe1UZx+RlOdQyJDsFgIuG60IuG5dj1JV/AMa8XbNIjb1+gU8L4HxZTk=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c332fc71b4ed-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/c6759769-b586-4ba4-ae3d-6253cd87f439_dd_fsk18_friendbox_21.jpg

104.18.10.149

200 OK

44 kB

URL HTTP/2
imedia.servefilesonly.com/c6759769-b586-4ba4-ae3d-6253cd87f439_dd_fsk18_friendbox_21.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Size
44 kB (43628 bytes)
Hash
1df1bea57c3af95e55066cd94b766bf3
f91508ab1c052c3aacf428e3b8eeb43c25a9de1b
37da0c1fa158c08c25ba93432987bdc7ea872d979e1e2e06d013eed7e2380046

HTTP Headers

GET /c6759769-b586-4ba4-ae3d-6253cd87f439_dd_fsk18_friendbox_21.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 43628
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "1df1bea57c3af95e55066cd94b766bf3"
last-modified: Thu, 15 Oct 2020 02:13:10 GMT
x-hw: 1654671307.cds010.sk1.hn,1654671307.cds230.sk1.c
cf-cache-status: HIT
age: 325855
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=kLNDR1vHFZ6.gjqSYXRyQNHFSpDU_N28TGfeUaKuZ0k-1679753690-0-Ac6T6aWVUAdms6JRDfBs8Tti5KCCV2aiCYV4o/8HopeCYDbm9JBe/ZW66+6oOxJui2x3ELvwOsulYYhdL5xL6qA=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c332fc75b4ed-OSL
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/img/_logos/Teenfinder_Logo_w.png

104.18.10.149

200 OK

536 kB

URL HTTP/2
lpmedia.servefilesonly.com/img/_logos/Teenfinder_Logo_w.png
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1398 x 222, 8-bit/color RGBA, non-interlaced\012- data
Size
536 kB (535807 bytes)
Hash
569c93bcc249806fccd1f4f4953bf10b
444b3ea1e28b4dba68a7dc6ee01b31817f041f0f
41f25072f35ab6ffd186dc3f371e9181a79794c794b180e02e575cadc9fe6a23

HTTP Headers

GET /img/_logos/Teenfinder_Logo_w.png HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/png
content-length: 535807
last-modified: Wed, 15 Mar 2023 08:34:15 GMT
etag: "64118307-82cff"
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-cache-status: HIT
age: 349333
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=j6Ha5BfU67O1Uv1L6gpXEJEtB7ct05HH1qre48Flzb4-1679753690-0-AZhG+HZOVHqx1EEw+iOL0LjDO+iad8xjou6T9T2ZulrGGsxbYPu3GuzOpeMtCKmbJF70eD5gbLCycORtZuIEme4=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c332ec5db4ed-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/ec63ca50-2d82-42ca-8034-7c3d34465b5b_dd_fsk18_picturebox_20.jpg

104.18.10.149

200 OK

54 kB

URL HTTP/2
imedia.servefilesonly.com/ec63ca50-2d82-42ca-8034-7c3d34465b5b_dd_fsk18_picturebox_20.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x480, components 3\012- data
Size
54 kB (54012 bytes)
Hash
ba00f8dbf3a7c69f2511ab21d7301a8a
b0af6dc7673d0cbef0ae147406a19a3b1c52d51a
6a9e13a9795dd8365f8a2278e89a55b1dba7416d2bc4f63ff43f40b19c777a1f

HTTP Headers

GET /ec63ca50-2d82-42ca-8034-7c3d34465b5b_dd_fsk18_picturebox_20.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 54012
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "ba00f8dbf3a7c69f2511ab21d7301a8a"
last-modified: Thu, 15 Oct 2020 02:13:18 GMT
x-hw: 1654671305.cds262.sk1.hn,1654671305.cds226.sk1.c
cf-cache-status: HIT
age: 325855
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=d37rtk7eCG1EM2p8PA25LvBYM3sePbbC7wqdZSkecGg-1679753690-0-AcPCKmMObOl+QFZkjUTuCvRe9fTS3O4QGFXqmsgELKhYvcMS4vGtzX0fDk8S5a4nZxl50TVN4TWGxNbfg9DEdCk=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c3334cfab4ed-OSL
X-Firefox-Spdy: h2

imedia.servefilesonly.com/15078462-9e49-4f1c-a910-ab9e8f4b4784_dd862.jpg

104.18.10.149

200 OK

229 kB

URL HTTP/2
imedia.servefilesonly.com/15078462-9e49-4f1c-a910-ab9e8f4b4784_dd862.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1300, components 3\012- data
Size
229 kB (228570 bytes)
Hash
b16a3b01447038d1e0142e0b64ae3efb
d7a022e07b58426c6c62a32e5ed77b5e790c402d
da5b38965497b564a82d998c02ae2d98a6526a626294675156ebd171461112c7

HTTP Headers

GET /15078462-9e49-4f1c-a910-ab9e8f4b4784_dd862.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 228570
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "b16a3b01447038d1e0142e0b64ae3efb"
last-modified: Thu, 15 Oct 2020 02:12:22 GMT
x-hw: 1654671305.cds222.sk1.hn,1654671305.cds018.sk1.c
cf-cache-status: HIT
age: 330764
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=o9qAG5.Ap5CVHAdbRO8GxoFrZPmzo1z1oEafCFCT8EE-1679753690-0-Ad0vo9sdqsnsKBp6nSnC4Ii9DuVPfxo7b3sg71dQx05g1q9P+h2ipfgvq4G8E38LJlOx1HYMvNVBhk6UE+WM2PQ=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c3336d24b4ed-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3a85d9c2de0b1015b62c81a1ab7fe625
389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238
717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 14:14:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

imedia.servefilesonly.com/fb55bd7b-ee42-4205-996c-8fd00fe94dd2_dd_fsk18_picturebox_21.jpg

104.18.10.149

200 OK

61 kB

URL HTTP/2
imedia.servefilesonly.com/fb55bd7b-ee42-4205-996c-8fd00fe94dd2_dd_fsk18_picturebox_21.jpg
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x480, components 3\012- data
Size
61 kB (61356 bytes)
Hash
6c1088d2d194729d915c7feb417f950e
fd76beef93d50ff0fd9b525145014a4b0fb7615c
9371b788d867cc0421a8dd71fdb76b3543c09a8ca2267cc3f9a682ccd3b1ddff

HTTP Headers

GET /fb55bd7b-ee42-4205-996c-8fd00fe94dd2_dd_fsk18_picturebox_21.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/jpeg
content-length: 61356
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "6c1088d2d194729d915c7feb417f950e"
last-modified: Thu, 15 Oct 2020 02:13:18 GMT
x-hw: 1654671305.cds026.sk1.hn,1654671305.cds258.sk1.c
cf-cache-status: HIT
age: 330764
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=jc6JoBM51BXWqiI2FU5eODPYYvymtvyVxqJLjS27LsQ-1679753690-0-AWFOwhaR50Ng9TMY7TqLlQKCI1hX1CJIsEUZhEn7Ve4EgHciIwNyWl57zqjBQma2qc0g1SKChzSgv9RqBQwMRq4=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c3336d22b4ed-OSL
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

69.16.175.10

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1679753690.dop206.sk1.t,1679753690.cds010.sk1.hn,1679753690.cds210.sk1.c
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.214.59

200 OK

3.5 kB

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalSDK.js
IP
104.18.214.59:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (9163)
Size
3.5 kB (3486 bytes)
Hash
10b93fbb9c4dd9700b0160dfbb51566e
70a1adbdd865dfc539836f913e6d971d37900485
b8ac28e5fffb857a0511d6548a2e635701caa8e4ee7cc7107f890a3b09b5e746

HTTP Headers

GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: application/javascript
etag: W/"8256f101039245592bc7dcc5496ed987"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2935
expires: Tue, 28 Mar 2023 14:14:50 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=ehHZp948zLwe6.m36FNAnX9d5P6GQe9FwjGoPtrc5Rk-1679753690-0-ATZHdQHppx3TVh5tro6DoYu+I2hPF3wSO9Db6nlL93L3wR9qrbboK4Yuztb55sLurIwYY4LAjkckVF8HORJTjWI=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7ad7c3334d6db50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:400,700,900|Droid+Sans:400,700&display=swap

172.217.21.170

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Lato:400,700,900|Droid+Sans:400,700&display=swap
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1173 bytes)
Hash
36aa4c4d27693ab014fc18e76dd638bb
876084a53abc116d57661b51f8d51379d27cb8c1
37c95e104d058c24484850253935b3d41d51aa471811a3089149ef1aa7edff51

HTTP Headers

GET /css?family=Lato:400,700,900|Droid+Sans:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 14:14:50 GMT
date: Sat, 25 Mar 2023 14:14:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form.css?1024012

104.18.10.149

200 OK

1.8 kB

URL HTTP/2
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form.css?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.8 kB (1810 bytes)
Hash
9034c5b06bae9c0ec2d250cd8430202c
ebe002c30cefbb914b90fcb62c55fe3476aed163
57652f47ea98b7ae6a86dca7bde2c8283c3d869fcac9c91b9abd3f26993f09a3

HTTP Headers

GET /widgets/registrationFormBuilder/form.css?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7148
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6419692a-1bec"
last-modified: Tue, 21 Mar 2023 08:22:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 364002
expires: Sun, 02 Apr 2023 14:14:50 GMT
set-cookie: __cf_bm=NSSXiy8v8YRcSN9rGUZxpI443uyH29M2.9F.Hyl50Cs-1679753690-0-AUZngWvjM/lvCdlIL9VRLgKKdIfz3C0ufxF4rKSOb/+OqNoXa7hsEdJB4BsbOsfh2oxlUffMncTxdWNVo76MzQU=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c332ec50b4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.11.207

200 OK

77 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww2.teenfinder.com
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: c3c723431cb469a48c7a10096d31c7ed
cdn-cache: HIT
cf-cache-status: HIT
age: 4929575
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ad7c3345f46b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 14:14:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 14:14:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.35

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww2.teenfinder.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:45 GMT
expires: Sat, 23 Mar 2024 10:26:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
age: 100085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.35

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww2.teenfinder.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:46 GMT
expires: Sat, 23 Mar 2024 10:26:46 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
age: 100084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 14:14:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6960
Expires: Sat, 25 Mar 2023 16:10:50 GMT
Date: Sat, 25 Mar 2023 14:14:50 GMT
Connection: keep-alive

lpmedia.servefilesonly.com/img/_patterns/apple-touch-icon.png?1024012

104.18.10.149

200 OK

67 B

URL HTTP/2
lpmedia.servefilesonly.com/img/_patterns/apple-touch-icon.png?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 1, 1-bit grayscale, non-interlaced\012- data
Size
67 B (67 bytes)
Hash
87e729aeec558580ccce1056cba7379b
1b739b74ebf7b2baaf4981301f48a15858cb5431
15d0d8531d9628928db8adcd1c3d3406d6ce67fa01926a3b73b054b4f34b93a4

HTTP Headers

GET /img/_patterns/apple-touch-icon.png?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Cookie: __cf_bm=xufk2F2gzkETIGLNK0pCCEWlGFYLx5rEL9eh.bvignY-1679753690-0-AUlShvqTMyY6BwBsTcj3jN4s5E96W0zjvkQzOTY61CWGAdYKd4A1hMAvCeQPKRWCP5a5S83aeXx/VuAgUG0PLv0=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/png
content-length: 67
last-modified: Tue, 21 Mar 2023 08:21:02 GMT
etag: "641968ee-43"
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-cache-status: HIT
age: 364001
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c335781db4ed-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6960
Expires: Sat, 25 Mar 2023 16:10:50 GMT
Date: Sat, 25 Mar 2023 14:14:50 GMT
Connection: keep-alive

lpmedia.servefilesonly.com/img/_favicons/Teenfinder_fav.png?1024012

104.18.10.149

200 OK

25 kB

URL HTTP/2
lpmedia.servefilesonly.com/img/_favicons/Teenfinder_fav.png?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 243 x 222, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (24857 bytes)
Hash
777ee9df084224e1c79e83314028df63
55b34bc7b4e1a08d979aba6201fbd8a00feb7ac8
12bf3aafa2accefa545c5d5b1a388566afd4d8c725a93734697449f1875644f7

HTTP Headers

GET /img/_favicons/Teenfinder_fav.png?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Cookie: __cf_bm=xufk2F2gzkETIGLNK0pCCEWlGFYLx5rEL9eh.bvignY-1679753690-0-AUlShvqTMyY6BwBsTcj3jN4s5E96W0zjvkQzOTY61CWGAdYKd4A1hMAvCeQPKRWCP5a5S83aeXx/VuAgUG0PLv0=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: image/png
content-length: 24857
last-modified: Tue, 21 Mar 2023 08:21:01 GMT
etag: "641968ed-6119"
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-cache-status: HIT
age: 364001
expires: Sun, 02 Apr 2023 14:14:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad7c335781eb4ed-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6960
Expires: Sat, 25 Mar 2023 16:10:50 GMT
Date: Sat, 25 Mar 2023 14:14:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6960
Expires: Sat, 25 Mar 2023 16:10:50 GMT
Date: Sat, 25 Mar 2023 14:14:50 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4000 bytes)
Hash
85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:56:24 GMT
age: 29906
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6960
Expires: Sat, 25 Mar 2023 16:10:50 GMT
Date: Sat, 25 Mar 2023 14:14:50 GMT
Connection: keep-alive

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7800 bytes)
Hash
5773974a7341690f006b052ad02c94db
1b11316c952e2195da1646dd94671669e7e3bc2b
a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:53 GMT
age: 59457
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5296 bytes)
Hash
aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:13 GMT
age: 58657
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8635 bytes)
Hash
73f9697594d173d623b331b5c35eab8d
6323f751f6b7517f062a0442480f672086ea02a1
116cb71658b31e87f19c390b242c684f6505cc8edf90b7fc934ac726fc7ddd18

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8635
x-amzn-requestid: fc715b03-f48f-4300-b752-ab157a684f08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihcETyIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a2-68f685ec0f50dae026ea3f64;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: i6dsVaC_gPijsRqh_EL5tZYZpjNEbQJvKIpPq501TIJZzcLUWeRz9w==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:45:56 GMT
age: 59334
etag: "6323f751f6b7517f062a0442480f672086ea02a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (13589 bytes)
Hash
eb5ec7d9e19cf5da60ec5cf6f6121f57
5bd0d1e3c69c14616e74725f61f8ec5b69ba16a8
7484a9882b3bae003bc1437a28d0cf4d902fbdab74dd2a72e442c69f03a97555

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12071
x-amzn-requestid: 02bb2a93-c0aa-4d43-aa99-759a0418bc20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfGHYoAMF8BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-2258162e1901b5cd6e7144d3;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: n7Xm67vDO9_X3Xoe2HXJs4Y9dLE6cZgx16lmW7c3KHv-sOg7rZo9wg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:47:23 GMT
age: 59247
etag: "4cd24b81bd6ade3ab5ff90fc88b0f7497e93391d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6185 bytes)
Hash
dd191e3a122d6e31f81e6e9d434c58d6
aec88022970c93289434f8097e4a663da33e5271
1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ye0ADORg1hFVLxcNVj-qS60tlfguOEtyTx_XFU4ooJOcDHqNsqV3kw==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:14 GMT
age: 58656
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form.js?1024012

104.18.10.149

200 OK

0 B

URL HTTP/2
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form.js?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widgets/registrationFormBuilder/form.js?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6373
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6419692a-18e5"
last-modified: Tue, 21 Mar 2023 08:22:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 364002
expires: Sun, 02 Apr 2023 14:14:50 GMT
set-cookie: __cf_bm=anrROhIxpP2zd.uxuQ7sUAojLMMt0VwOB5xAhJL.qzU-1679753690-0-Ab2jmmaI/rQ9TopRIGF4Q1vTDuGFken1Drd2F4hveyjUlS2QfEixm/WBfzh5dYBe1QadLEaRSaGNHRqwq+/8dCM=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c332ec56b4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/build/templates/DailyDate2/age-filter.min.css?1024012

104.18.10.149

200 OK

0 B

URL HTTP/2
lpmedia.servefilesonly.com/build/templates/DailyDate2/age-filter.min.css?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /build/templates/DailyDate2/age-filter.min.css?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: text/css
last-modified: Tue, 21 Mar 2023 08:20:59 GMT
vary: Accept-Encoding
etag: W/"641968eb-1b3"
access-control-allow-origin: *
cache-control: public, max-age=691200
content-encoding: gzip
cf-cache-status: HIT
age: 363971
expires: Sun, 02 Apr 2023 14:14:50 GMT
set-cookie: __cf_bm=hOeE3W9rcDFOh1qp.CkiEYAQgOB4XgDpCsfBngJIYcc-1679753690-0-AeaXsz3pxlRa+Y8Km2CIZi3wXrXt3hk4i/1Vi6FOZC4viF9aCJcwpUnmrxuNEVHz8zFPwgp9eL8Lig6OjQZJcIc=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c332ec53b4ed-OSL
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/js/popwin.js?1024012

104.18.10.149

200 OK

0 B

URL HTTP/2
lpmedia.servefilesonly.com/js/popwin.js?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/popwin.js?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1177
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"64196927-499"
last-modified: Tue, 21 Mar 2023 08:21:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 364003
expires: Sun, 02 Apr 2023 14:14:50 GMT
set-cookie: __cf_bm=Sx5R2IAxOE1SceTEPA5Pz72UGBwx42TQs3AQ6RmCTAo-1679753690-0-ATVzP661WvRFeHtIilZyB5ubMNpWUKK/OHwMEGr0g/MYev18U1/caqKiZ3QV7H2LYvYCcUPxSdcFXd6eKf9ihME=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c332ec5ab4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/js/helpers/validation.js?1024012

104.18.10.149

200 OK

0 B

URL HTTP/2
lpmedia.servefilesonly.com/js/helpers/validation.js?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/helpers/validation.js?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=11311
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"64196927-2c2f"
last-modified: Tue, 21 Mar 2023 08:21:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 364002
expires: Sun, 02 Apr 2023 14:14:50 GMT
set-cookie: __cf_bm=Sr0yqHapkIvDP_iBelP.SXiDnkl2jOCMz4x9iHnKqIA-1679753690-0-AV3NzPKFWvL+T09LTgHJ1dMh53DsgiKtLf0g2ID6cKjYwZmLjsyzi5yaryU21feU0IJxOlmEf9r125sDK2NQ6lg=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c332ec54b4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600

104.18.214.59

200 OK

0 B

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600
IP
104.18.214.59:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sdks/OneSignalPageSDKES6.js?v=151600 HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Cookie: __cf_bm=ehHZp948zLwe6.m36FNAnX9d5P6GQe9FwjGoPtrc5Rk-1679753690-0-ATZHdQHppx3TVh5tro6DoYu+I2hPF3wSO9Db6nlL93L3wR9qrbboK4Yuztb55sLurIwYY4LAjkckVF8HORJTjWI=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: application/javascript
etag: W/"3d37cd0d64713e75df2c67fb7c907496"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1144
expires: Tue, 28 Mar 2023 14:14:50 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7ad7c333bdfbb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39

104.18.24.171

200 OK

0 B

URL HTTP/2
ww2.teenfinder.com/landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39
IP
104.18.24.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /landing/dd862?clickId=41d61828-c352-44d0-ad0c-e62068362a39&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=41d61828-c352-44d0-ad0c-e62068362a39&tp_redirect_id=41d61828-c352-44d0-ad0c-e62068362a39 HTTP/1.1
Host: ww2.teenfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ishku-wbq.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
pragma: no-cache
cf-cache-status: DYNAMIC
set-cookie: PHPSESSID=f949mvsq0sjriihak3ep2kqdem; path=/
__cf_bm=AazuuwvT0BjblzuIupHxtloPizO8xC0gCo4DxXIA90A-1679753689-0-AfF05ZFdSVdAF3XlANGeX7C3QT2XDvAXGRqnGRMwZ9q9es3sqqKx60P835XNQ2iXfDlFudh1j14PmixEPQdTz4s=; path=/; expires=Sat, 25-Mar-23 14:44:49 GMT; domain=.teenfinder.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c330e9941c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form.js

104.18.10.149

200 OK

0 B

URL HTTP/2
lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form.js
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widgets/loginFormBuilder/login_form.js HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6012
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6419692a-177c"
last-modified: Tue, 21 Mar 2023 08:22:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 329695
expires: Sun, 02 Apr 2023 14:14:50 GMT
set-cookie: __cf_bm=3SSZqJZH20S15OR.EZA06yNMimB79o.LYNt.F1gz1oQ-1679753690-0-AWhUyCeOp1rpmdc4Zn1/2MDp4cr9ixk0w+gGOPsSxRFayV/ttCSFSATq86kpBXRW34BDFF1dS1BekOatrffSJ7A=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c332ec5bb4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/widgets/registrationFormBuilder/step.js?1024012

104.18.10.149

200 OK

0 B

URL HTTP/2
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/step.js?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widgets/registrationFormBuilder/step.js?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2920
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6419692a-b68"
last-modified: Tue, 21 Mar 2023 08:22:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 364002
expires: Sun, 02 Apr 2023 14:14:50 GMT
set-cookie: __cf_bm=ja0UbL66o0veEcmRb5vWWAXud_5dOO61ViRCdYuspxM-1679753690-0-AfNOyQsEbvJLYzszuIVXaNuujnUp5rjoTsV924M/LCiqpESWHiUMpzXvRru9j58upxJVavIVTbtu+RdCJd1Atv4=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c332ec58b4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/build/templates/DailyDate2/style.min.css?1024012

104.18.10.149

200 OK

0 B

URL HTTP/2
lpmedia.servefilesonly.com/build/templates/DailyDate2/style.min.css?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /build/templates/DailyDate2/style.min.css?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: text/css
last-modified: Tue, 21 Mar 2023 08:20:59 GMT
vary: Accept-Encoding
etag: W/"641968eb-459b"
access-control-allow-origin: *
cache-control: public, max-age=691200
content-encoding: gzip
cf-cache-status: HIT
age: 364002
expires: Sun, 02 Apr 2023 14:14:50 GMT
set-cookie: __cf_bm=cSMmkmk_gu4T7wSMIgUWq2vUlhjUZVlTJqXUZD1yD_A-1679753690-0-Afk8qAdgpbLcWvLW4WxM8JbuPJRepzEV02nl4iTE95n4cnLxR/lRImFGr0IUZ6i8kTggcth24go19S+mxoqL4Fo=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c332ec52b4ed-OSL
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/style/plugins/mobirise-icons.css

104.18.10.149

200 OK

0 B

URL HTTP/2
lpmedia.servefilesonly.com/style/plugins/mobirise-icons.css
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /style/plugins/mobirise-icons.css HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpmedia.servefilesonly.com/build/templates/DailyDate2/style.min.css?1024012
Cookie: __cf_bm=rDYZjw0S0Z8T3yPFVujUPp6THiRr_4fcSBO4F3nPGOI-1679753690-0-Aew1IAXYtNnqFvwLHDhlnOkibeg9f5DxPgGcrN25f/+bHb4LRqHhhUc5S/+rKrK241FYFLyrRfO0HqjHshjtjis=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7626
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6419692a-1dca"
last-modified: Tue, 21 Mar 2023 08:22:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 357769
expires: Sun, 02 Apr 2023 14:14:50 GMT
server: cloudflare
cf-ray: 7ad7c333cd9bb4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/18/2022 06:18:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: be050c61329891fb4ef880afd785a1b0
cdn-cache: HIT
cf-cache-status: HIT
age: 227461
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ad7c332fa56fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form_helper.js?1024012

104.18.10.149

200 OK

0 B

URL HTTP/2
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form_helper.js?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widgets/registrationFormBuilder/form_helper.js?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5565
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6419692a-15bd"
last-modified: Tue, 21 Mar 2023 08:22:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 364002
expires: Sun, 02 Apr 2023 14:14:50 GMT
set-cookie: __cf_bm=LxlfMsXtQVjCe99ZujBhvGVCf_ZgHryREh.YQVOrZaA-1679753690-0-AbOd+8hgdATGzLVSWdVf15lH/8QDVTIzjSiGP/xbluA0cdc645/ugQ0mSW1LsZblj/ioj8nEaEFJ/DEw0D4qSOA=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c332ec55b4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form.css?1024012

104.18.10.149

200 OK

0 B

URL HTTP/2
lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form.css?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widgets/loginFormBuilder/login_form.css?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1425
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6419692a-591"
last-modified: Tue, 21 Mar 2023 08:22:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 364002
expires: Sun, 02 Apr 2023 14:14:50 GMT
set-cookie: __cf_bm=o1zvzHzDYp.0XfDdgXtvGyPgqovzm3J1Xn2m66.YLq8-1679753690-0-AecDG833ih+TS/V1qDU1MP+Eu5d3ltPM7O1XVQIwYW29nZfg75SeXCEZgJnuuNYURqJUGtstBYPHzt8vsM3Dm4Q=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c3337d3ab4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

lpmedia.servefilesonly.com/widgets/corner/corner.css?1024012

104.18.10.149

200 OK

0 B

URL HTTP/2
lpmedia.servefilesonly.com/widgets/corner/corner.css?1024012
IP
104.18.10.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widgets/corner/corner.css?1024012 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 14:14:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=246
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6419692a-f6"
last-modified: Tue, 21 Mar 2023 08:22:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 364003
expires: Sun, 02 Apr 2023 14:14:50 GMT
set-cookie: __cf_bm=xufk2F2gzkETIGLNK0pCCEWlGFYLx5rEL9eh.bvignY-1679753690-0-AUlShvqTMyY6BwBsTcj3jN4s5E96W0zjvkQzOTY61CWGAdYKd4A1hMAvCeQPKRWCP5a5S83aeXx/VuAgUG0PLv0=; path=/; expires=Sat, 25-Mar-23 14:44:50 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad7c333ad72b4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML