Report - tonightfindthe.one/security.php?u=aHR0cHM6Ly90LmFjYW0ubGluay8yMjM2NDYvMzY2NC8wP2JvPTI3NzksMjc3OCwyNzc3LDI3NzYsMjc3NSZwbz02NTMzJmFmZl9zdWI9Y2xhc3NpYyZhZmZfc3ViMj1kaXJlY3QmYWZmX3N1YjM9VVM=

Report Overview

Submitted URL
tonightfindthe.one/security.php?u=aHR0cHM6Ly90LmFjYW0ubGluay8yMjM2NDYvMzY2NC8wP2JvPTI3NzksMjc3OCwyNzc3LDI3NzYsMjc3NSZwbz02NTMzJmFmZl9zdWI9Y2xhc3NpYyZhZmZfc3ViMj1kaXJlY3QmYWZmX3N1YjM9VVM=
IP
104.21.66.213
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-10 04:40:59
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
a.vfgtg.com	279695	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	673 B	943 B	18.192.108.151
t.anmdr.link	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	576 B	1.9 kB	54.230.111.38
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	143.204.42.88
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.155.171.116
tonightfindthe.one	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.2 kB	104.21.66.213
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
a.vfgtc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	622 B	897 B	18.192.108.151
girlsjungle.life	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.1 kB	759 kB	194.87.208.72
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.77.32
t.acam.link	519885	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	534 B	2.2 kB	54.230.111.117
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	75 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed
2022-12-09	medium	girlsjungle.life	Sinkholed

JavaScript (10)

	URL	Size	First Seen	Last Seen
	girlsjungle.life/media/bbradar.js	639 B	2023-03-07	2024-04-26
Pretty URL girlsjungle.life/media/bbradar.js IP 194.87.208.72 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 07:29:11 Times Seen13548 Hash 0d553e4bac91c74bfee2dbabba61e99e 5af71e2377c9c012a7826a695f2724901941b19b 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68 Loading...

	girlsjungle.life/media/exit-new/exit1.js	3.5 kB	2023-03-07	2024-04-26
Pretty URL girlsjungle.life/media/exit-new/exit1.js IP 194.87.208.72 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 07:29:11 Times Seen13220 Hash 625e5e2950612f771e246beb33c9ea61 e4fc251c6c000496c285f8dc3fa097040b031681 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46 Loading...

	girlsjungle.life/util/utils.js	7.5 kB	2023-03-07	2024-04-26
Pretty URL girlsjungle.life/util/utils.js IP 194.87.208.72 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 07:29:11 Times Seen20659 Hash 01816d15ca03032751161a746e2fb7c3 dcc72ea5fa1356490ba473288159df9786b4a3c3 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea Loading...

	girlsjungle.life/media/d/radarnew/js/bootstrap.min.js	29 kB	2023-03-07	2024-04-26
Pretty URL girlsjungle.life/media/d/radarnew/js/bootstrap.min.js IP 194.87.208.72 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-26 07:28:56 Times Seen9748 Hash ba847811448ef90d98d272aeccef2a95 5814e91bb6276f4de8b7951c965f2f190a03978d 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1 Loading...

	girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0	75 B	2023-03-07	2024-04-26
Pretty URL girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0 IP 194.87.208.72 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 07:28:56 Times Seen544 Hash bd4d30b70b543d5719fe8ca0688d062d 38ac976596589395658a6e567aaa214f2e141ff1 2fe9da1e756d85ba1e13044ef14139f26d23c500b63fcefaaa90a685b03fa734 Loading...

	girlsjungle.life/media/d/radarnew/js/main.js	1.4 kB	2023-03-07	2024-04-26
Pretty URL girlsjungle.life/media/d/radarnew/js/main.js IP 194.87.208.72 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:50 Last Seen2024-04-26 07:28:56 Times Seen1046 Hash e2a64608889abbe3782f28e512a421dd 6c5e589d6cf3c8ee1eb63f057f9852ff67887c44 ebd7a92af4d051891df2bbad59bbf1b2a36fc68f1108b15504d12550d656f566 Loading...

	girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0	526 B	2023-03-09	2023-03-09
Pretty URL girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0 IP 194.87.208.72 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:58:12 Last Seen2023-03-09 00:58:12 Times Seen1 Hash c0b25e78c27cde99dc415d129ae774b0 200f8287539000c5b75f251dae72d08175866d1d 9e3ce91e30ef70ed34f736bbc63e7c11130012cd9cd2450155fbf6bfe62c0e71 Loading...

	girlsjungle.life/media/d/radarnew/js/trls.js	48 kB	2023-03-07	2024-04-26
Pretty URL girlsjungle.life/media/d/radarnew/js/trls.js IP 194.87.208.72 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:50 Last Seen2024-04-26 07:28:56 Times Seen1036 Hash acbcd82ae39db3a4cc2eb4a43d8b4338 4bbfdc1fca56ef2aba7b5fd95034ea6860f30a5a 3fc88d3968cd86f76bc3d071b1d3de64729f06840621ab9a39b93f7e2add6303 Loading...

	girlsjungle.life/media/d/radarnew/js/bootstrap-slider.min.js	26 kB	2023-03-07	2024-04-26
Pretty URL girlsjungle.life/media/d/radarnew/js/bootstrap-slider.min.js IP 194.87.208.72 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:50 Last Seen2024-04-26 07:28:56 Times Seen1059 Hash bb00d9d835171fe905a76787cbea604a 428580aaa3688c5dcca79b6428248b31af85ac1f 926ac5c114974a527367752eef1ab86bdb364c34fafb39e9b976c7ab0c2adda6 Loading...

	girlsjungle.life/media/d/radarnew/js/jquery.min.js	93 kB	2023-03-07	2024-04-26
Pretty URL girlsjungle.life/media/d/radarnew/js/jquery.min.js IP 194.87.208.72 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:05 Last Seen2024-04-26 07:28:56 Times Seen6247 Hash 0b6ecf17e30037994d3ffee51b525914 d09d3a99ed25d0f1fbe6856de9e14ffd33557256 f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729 Loading...

HTTP Transactions (46)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3077
Expires: Sat, 10 Dec 2022 05:32:04 GMT
Date: Sat, 10 Dec 2022 04:40:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11664
Expires: Sat, 10 Dec 2022 07:55:11 GMT
Date: Sat, 10 Dec 2022 04:40:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 04:08:23 GMT
content-type: application/json
age: 1944
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5019
Expires: Sat, 10 Dec 2022 06:04:26 GMT
Date: Sat, 10 Dec 2022 04:40:47 GMT
Connection: keep-alive

tonightfindthe.one/security.php?u=aHR0cHM6Ly90LmFjYW0ubGluay8yMjM2NDYvMzY2NC8wP2JvPTI3NzksMjc3OCwyNzc3LDI3NzYsMjc3NSZwbz02NTMzJmFmZl9zdWI9Y2xhc3NpYyZhZmZfc3ViMj1kaXJlY3QmYWZmX3N1YjM9VVM=

104.21.66.213

301 Moved Permanently

162 B

URL HTTP/1.1
tonightfindthe.one/security.php?u=aHR0cHM6Ly90LmFjYW0ubGluay8yMjM2NDYvMzY2NC8wP2JvPTI3NzksMjc3OCwyNzc3LDI3NzYsMjc3NSZwbz02NTMzJmFmZl9zdWI9Y2xhc3NpYyZhZmZfc3ViMj1kaXJlY3QmYWZmX3N1YjM9VVM=
IP
104.21.66.213:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /security.php?u=aHR0cHM6Ly90LmFjYW0ubGluay8yMjM2NDYvMzY2NC8wP2JvPTI3NzksMjc3OCwyNzc3LDI3NzYsMjc3NSZwbz02NTMzJmFmZl9zdWI9Y2xhc3NpYyZhZmZfc3ViMj1kaXJlY3QmYWZmX3N1YjM9VVM= HTTP/1.1
Host: tonightfindthe.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 04:40:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://tonightfindthe.one/security.php?u=aHR0cHM6Ly90LmFjYW0ubGluay8yMjM2NDYvMzY2NC8wP2JvPTI3NzksMjc3OCwyNzc3LDI3NzYsMjc3NSZwbz02NTMzJmFmZl9zdWI9Y2xhc3NpYyZhZmZfc3ViMj1kaXJlY3QmYWZmX3N1YjM9VVM=
X-Powered-By: EasyEngine v4.6.2
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2B%2F8lHrrFizo4b0u72g%2FZZQMMcbHGqiSMh%2FmDBw%2BoiNnXg2Utu6FCsLlsuZmnat6riRRHXb%2By1MBUoYKYFT%2FC7HbPZ%2BQNcsnIs1FZuz1mgNpQxt5HS39CEQMeuWF6kG6A23Ub0A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77734df00f650b06-OSL
alt-svc: h2=":443"; ma=60

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: e1Hs86Wa6fcljaxPVzotvJjgplPzH+xxnQdWXOocL52fra0DIu2+esJ2Fvt9NgH1B+8x39oND8kbxQSOtU4hYA==
x-amz-request-id: TAZW5QNCZ7RY1HJP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 03:48:38 GMT
age: 3129
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 04:40:47 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
c74d0ff03e2ca17a7f3a983181f35297
76694287c09e13bfe7670061231db14a89aa6bf8
4bf80a142b33fab135746f0ef98c0410f437e80718938f81c892325078f660ab

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4BF80A142B33FAB135746F0EF98C0410F437E80718938F81C892325078F660AB"
Last-Modified: Sat, 10 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Sat, 10 Dec 2022 10:40:37 GMT
Date: Sat, 10 Dec 2022 04:40:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 04:07:55 GMT
age: 1973
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

tonightfindthe.one/security.php?u=aHR0cHM6Ly90LmFjYW0ubGluay8yMjM2NDYvMzY2NC8wP2JvPTI3NzksMjc3OCwyNzc3LDI3NzYsMjc3NSZwbz02NTMzJmFmZl9zdWI9Y2xhc3NpYyZhZmZfc3ViMj1kaXJlY3QmYWZmX3N1YjM9VVM=

104.21.66.213

302 Found

471 B

URL HTTP/2
tonightfindthe.one/security.php?u=aHR0cHM6Ly90LmFjYW0ubGluay8yMjM2NDYvMzY2NC8wP2JvPTI3NzksMjc3OCwyNzc3LDI3NzYsMjc3NSZwbz02NTMzJmFmZl9zdWI9Y2xhc3NpYyZhZmZfc3ViMj1kaXJlY3QmYWZmX3N1YjM9VVM=
IP
104.21.66.213:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38

HTTP Headers

GET /security.php?u=aHR0cHM6Ly90LmFjYW0ubGluay8yMjM2NDYvMzY2NC8wP2JvPTI3NzksMjc3OCwyNzc3LDI3NzYsMjc3NSZwbz02NTMzJmFmZl9zdWI9Y2xhc3NpYyZhZmZfc3ViMj1kaXJlY3QmYWZmX3N1YjM9VVM= HTTP/1.1
Host: tonightfindthe.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Sat, 10 Dec 2022 04:40:48 GMT
content-type: text/html; charset=UTF-8
location: https://t.acam.link/223646/3664/0?bo=2779,2778,2777,2776,2775&po=6533&aff_sub=classic&aff_sub2=direct&aff_sub3=US
x-powered-by: EasyEngine v4.6.2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAaiwEk%2Fm4BWF74lyFHAi1q4gqqajQ%2Fc4rTcdr46y1nsUYPX6NRiS4DxVKJS9Sxp%2FqHejyyudO1hFyPCnkAkMpJwW8DBu2VE6WoiR%2FP39OepCxBhliorJwegwTpCkUWP9ylFn9k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77734df33a97b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
c74d0ff03e2ca17a7f3a983181f35297
76694287c09e13bfe7670061231db14a89aa6bf8
4bf80a142b33fab135746f0ef98c0410f437e80718938f81c892325078f660ab

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4BF80A142B33FAB135746F0EF98C0410F437E80718938F81C892325078F660AB"
Last-Modified: Sat, 10 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Sat, 10 Dec 2022 10:40:37 GMT
Date: Sat, 10 Dec 2022 04:40:48 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
7b3bc63f96020bee089f11e3d0702ed0
163a85a436431758f4979767f38e3b75414da32a
3d44b7be819b03064e6ed443a29960d252e83de23479b963771e90ab68fd4cba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141602
Date: Sat, 10 Dec 2022 04:40:48 GMT
Etag: "639388d4-1d7"
Expires: Sun, 11 Dec 2022 20:00:50 GMT
Last-Modified: Fri, 09 Dec 2022 19:13:24 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hcH5cJXQ_YMwsDreCZxSbngYmJzuORgs_KiFE8GEry_Ld6cwMezyHQ==
Age: 2846

push.services.mozilla.com/

35.155.171.116

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.155.171.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: po7JAcH/KXWbBJ9f6mxeXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gZLU/7E8mxBBaD991cEcPPynJ+8=

t.acam.link/223646/3664/0?bo=2779,2778,2777,2776,2775&po=6533&aff_sub=classic&aff_sub2=direct&aff_sub3=US

54.230.111.117

303 See Other

608 B

URL HTTP/2
t.acam.link/223646/3664/0?bo=2779,2778,2777,2776,2775&po=6533&aff_sub=classic&aff_sub2=direct&aff_sub3=US
IP
54.230.111.117:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (608), with no line terminators
Size
608 B (608 bytes)
Hash
a9971b05c0cbfa8d1411a65008e6e21c
c4cb65bcbc4a0b25e11be1213068a1e921f02858
9854ffd992455d1fefd1a7c3b59070833247e76f645b0bd4fedbc35cd280c8bb

HTTP Headers

GET /223646/3664/0?bo=2779,2778,2777,2776,2775&po=6533&aff_sub=classic&aff_sub2=direct&aff_sub3=US HTTP/1.1
Host: t.acam.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 303 See Other
content-type: text/html; charset=utf-8
content-length: 608
location: https://a.vfgtg.com/ccdef8a3-26db-481e-bf27-b568f737488e?subID1=classic&affiliateID=43404&source=1029e9cd13e830d11140a5e13bc00a&subID2=223646&Target=91.90.42.154&affsource=&aff_click_id=1029e9cd13e830d11140a5e13bc00a&bo=2779%2C2778%2C2777%2C2776%2C2775
server: nginx/1.19.0
date: Sat, 10 Dec 2022 04:40:48 GMT
set-cookie: enc_aff_session_3664=ENC03f051e95456d7149db14cb7d371dd1851339343083eea26f24dee1cd3fcb0a25868fff3076e6aa48252961e62a821eba5e918b4ba99f9232ff82f0f9d7945da1f284cf4710048a128e850c0a0cf2045c738513406a64684c24fd010e0e95ffac2d8c1fb9d40cfc5c3e1f934132d26c8635ce5a18c444a2d04dca86a32cbfb0cd302cadcc3; Path=/; Expires=Mon, 09 Dec 2024 04:40:48 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Mon, 03 Nov 2025 15:20:48 GMT; Secure
tracking_id: 1029e9cd13e830d11140a5e13bc00a
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UlDabj3Op4QZ2rxlZ-dWSER1-YB862No2azWqXETR5xJd2Bcug7qJA==
X-Firefox-Spdy: h2

a.vfgtg.com/ccdef8a3-26db-481e-bf27-b568f737488e?subID1=classic&affiliateID=43404&source=1029e9cd13e830d11140a5e13bc00a&subID2=223646&Target=91.90.42.154&affsource=&aff_click_id=1029e9cd13e830d11140a5e13bc00a&bo=2779%2C2778%2C2777%2C2776%2C2775

18.192.108.151

302 Found

0 B

URL HTTP/2
a.vfgtg.com/ccdef8a3-26db-481e-bf27-b568f737488e?subID1=classic&affiliateID=43404&source=1029e9cd13e830d11140a5e13bc00a&subID2=223646&Target=91.90.42.154&affsource=&aff_click_id=1029e9cd13e830d11140a5e13bc00a&bo=2779%2C2778%2C2777%2C2776%2C2775
IP
18.192.108.151:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ccdef8a3-26db-481e-bf27-b568f737488e?subID1=classic&affiliateID=43404&source=1029e9cd13e830d11140a5e13bc00a&subID2=223646&Target=91.90.42.154&affsource=&aff_click_id=1029e9cd13e830d11140a5e13bc00a&bo=2779%2C2778%2C2777%2C2776%2C2775 HTTP/1.1
Host: a.vfgtg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Sat, 10 Dec 2022 04:40:48 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://a.vfgtc.com/e3e1481f-6eb8-41da-92a9-001454d7502d?aff_sub4=_bucket&subID1=classic&affiliateID=43404&source=1029e9cd13e830d11140a5e13bc00a&subID2=223646&Target=&Site=&cid=w7tcita9pufkck2lideqjub8
pragma: no-cache
set-cookie: ccdef8a3-26db-481e-bf27-b568f737488e-v4=3eJZTjRCERWsgFjd5GvTQG6Mp3Q7K2GirW4KTQzFOC4; Max-Age=86400; Expires=Sun, 11-Dec-2022 04:40:48 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=I2FgMwOZfM2XXgDed%2FksovfKlXlRMeL59h0M%2FPM3Csaa9%2FVXSV8Xp5Q59I01zo3lGJNz0B8zJ0jIDg6E9XePxY3fdIYWPosO4tdVjdFja%2F7bss09n2uTDipb2Y18256HbKHlqe3NYcCqNxc%2Bs4qJDg%3D%3D; Max-Age=31536000; Expires=Sun, 10-Dec-2023 04:40:48 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

a.vfgtc.com/e3e1481f-6eb8-41da-92a9-001454d7502d?aff_sub4=_bucket&subID1=classic&affiliateID=43404&source=1029e9cd13e830d11140a5e13bc00a&subID2=223646&Target=&Site=&cid=w7tcita9pufkck2lideqjub8

18.192.108.151

302 Found

0 B

URL HTTP/2
a.vfgtc.com/e3e1481f-6eb8-41da-92a9-001454d7502d?aff_sub4=_bucket&subID1=classic&affiliateID=43404&source=1029e9cd13e830d11140a5e13bc00a&subID2=223646&Target=&Site=&cid=w7tcita9pufkck2lideqjub8
IP
18.192.108.151:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e3e1481f-6eb8-41da-92a9-001454d7502d?aff_sub4=_bucket&subID1=classic&affiliateID=43404&source=1029e9cd13e830d11140a5e13bc00a&subID2=223646&Target=&Site=&cid=w7tcita9pufkck2lideqjub8 HTTP/1.1
Host: a.vfgtc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Sat, 10 Dec 2022 04:40:48 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://t.anmdr.link/43404/4204/0/?aff_sub4=_bucket&aff_sub=classic&aff_sub2=223646&aff_sub3=w7tcita9pufkck2l2nscib2i&source=1029e9cd13e830d11140a5e13bc00a
pragma: no-cache
set-cookie: e3e1481f-6eb8-41da-92a9-001454d7502d-v4=agv8u0Zj8Z0X-pQE62awP3Rivq0oSM10Ng0b1kmk7mY; Max-Age=86400; Expires=Sun, 11-Dec-2022 04:40:48 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=7H93R4B70QFb5peXW6W57gtU3zk0n8diDMzSgEBXwD0vrnweEhWJKN%2BJ7SXhXKcaRP1%2BUEBFKMDLagnrdqJV0ST8vBT%2BR%2BhhCFycrJbNV%2FER5cPZXBpSpmTBBi6sQ9DM8kuejuoxNV6IhFRuPEMdlg%3D%3D; Max-Age=31536000; Expires=Sun, 10-Dec-2023 04:40:48 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
7b3bc63f96020bee089f11e3d0702ed0
163a85a436431758f4979767f38e3b75414da32a
3d44b7be819b03064e6ed443a29960d252e83de23479b963771e90ab68fd4cba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142348
Date: Sat, 10 Dec 2022 04:40:49 GMT
Etag: "639388d4-1d7"
Expires: Sun, 11 Dec 2022 20:13:17 GMT
Last-Modified: Fri, 09 Dec 2022 19:13:24 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2FtRUEFdNgTLibMzXH3AfB7PjCk4ceuvMtySMsdyFFbgiER8sz1aVQ==
Age: 3593

t.anmdr.link/43404/4204/0/?aff_sub4=_bucket&aff_sub=classic&aff_sub2=223646&aff_sub3=w7tcita9pufkck2l2nscib2i&source=1029e9cd13e830d11140a5e13bc00a

54.230.111.38

303 See Other

294 B

URL HTTP/2
t.anmdr.link/43404/4204/0/?aff_sub4=_bucket&aff_sub=classic&aff_sub2=223646&aff_sub3=w7tcita9pufkck2l2nscib2i&source=1029e9cd13e830d11140a5e13bc00a
IP
54.230.111.38:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with no line terminators
Size
294 B (294 bytes)
Hash
aa0a2b40be92e0569df5110f868cf078
a91a1864f83f46f566cae6cceb061323e7ee7630
15396c6a5b6c0a68821c687652a17dfdcc144e5b9b97a2c3679fcfdf035cc2cf

HTTP Headers

GET /43404/4204/0/?aff_sub4=_bucket&aff_sub=classic&aff_sub2=223646&aff_sub3=w7tcita9pufkck2l2nscib2i&source=1029e9cd13e830d11140a5e13bc00a HTTP/1.1
Host: t.anmdr.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 303 See Other
content-type: text/html; charset=utf-8
content-length: 294
location: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
server: nginx/1.19.0
date: Sat, 10 Dec 2022 04:40:49 GMT
set-cookie: enc_aff_session_4204=ENC03d8389a297873d44ec4476dbcf6e422e766a8e30267eef5fdbe21e66395aa00fd3ef868b4fe0ca005bf98d0648acac3798a247e60f4739095451fa630e0755b94aee6506bd62cd3a530c58587d6f6718a0acd0b83135630431f14f69c7e4f4b016ae5bc3be7f7b8ba6e08d2d7479cb2eb52ca2ddfecae442c21d5e2b1312d7256deb94acfc395e2eb33aa485e173ff945570003db33baf86380afb08e4decef3904c4c9cf13002da9e7e69798f6ee11e9e9886e8a176dcea497b83464c28de33a0d77d8a0; Path=/; Expires=Sat, 01 Jun 2030 19:40:49 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Mon, 03 Nov 2025 15:20:49 GMT; Secure
tracking_id: 102b15e65590b6bc2248426957cee1
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EPt7eTlE9fJLeijky6SlrqBvfIAfgr1qkiJpxFPirMZhoxB-9-1kyg==
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5169
Expires: Sat, 10 Dec 2022 06:06:58 GMT
Date: Sat, 10 Dec 2022 04:40:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5169
Expires: Sat, 10 Dec 2022 06:06:58 GMT
Date: Sat, 10 Dec 2022 04:40:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5169
Expires: Sat, 10 Dec 2022 06:06:58 GMT
Date: Sat, 10 Dec 2022 04:40:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5169
Expires: Sat, 10 Dec 2022 06:06:58 GMT
Date: Sat, 10 Dec 2022 04:40:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12743 bytes)
Hash
0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nD0bWCjTU6LNSsNYCNqT4rt7okG1dmPPWiw4FXSi_uNWpcZnxhZgKw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:37 GMT
age: 23832
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4acdd84d-55dd-4e5d-bcf3-ab9d63566335.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7535 bytes)
Hash
a81548132f6f176f60e4fc278114ff84
3f330d6c27242cc3d65b975ab4a1c39b08fb69de
82095572be60a13b933293fa38a956e366a854becc5532dfccbf5893366ab702

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4acdd84d-55dd-4e5d-bcf3-ab9d63566335.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7535
x-amzn-requestid: 9c904976-42b9-40c9-aefa-201f0f84358f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMUHw7IAMFSng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3a601e621f9f31c7509f4e52;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lqpcbADJan6TfJwh4c4A0pn6R11QwnLRxtyxQgFLLcCVvyVDMERfRg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:54:09 GMT
age: 24400
etag: "3f330d6c27242cc3d65b975ab4a1c39b08fb69de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32378252-8233-4d6b-b3d2-720e3ac2d0bd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3963 bytes)
Hash
a2b4c44cc196e1f4263a895ef54e6650
c5cea524045b3394c1dfe5e5fcac4637416f8587
e31f4b95811c01b2f2f181e11b7a8e1b4c57c3c7fc067c304e8dacc6fb176442

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32378252-8233-4d6b-b3d2-720e3ac2d0bd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3963
x-amzn-requestid: f067a6cf-758c-4c35-be64-3970b690ea7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e7VHdnoAMF0Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab7b-485a18b738763b2029f6c653;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sNDbt-t6jZeVPGJ9M80vQ3HFMvmKPI_sPwdwHCf1L_ECXYtKUNrhGg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:54:59 GMT
age: 24350
etag: "c5cea524045b3394c1dfe5e5fcac4637416f8587"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34fa3dbc-1a29-4161-8687-d9c7b1b04f14.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9592 bytes)
Hash
386207bd6fea7388d5df993a32147431
d513b937a9be6e95bfe0fcea0f3f0cb7e611c0de
40fa6a8207008d1fceb11fc9fb37c458e1ed2deac83a2fb5fcac80d9b7ca32fa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34fa3dbc-1a29-4161-8687-d9c7b1b04f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9592
x-amzn-requestid: 1a8dca24-1776-4407-84d4-33fb975e49cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3fOXFSxoAMF-EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392df28-5ab03a853cf9c5ca57f4391f;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 07:09:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RmUsaiXxrKPHLNRZgIBd44p5MHFNnoHZCEQK500KNwHOP9-eE8NmDg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:25:02 GMT
age: 76547
etag: "d513b937a9be6e95bfe0fcea0f3f0cb7e611c0de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7557 bytes)
Hash
5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 03:28:41 GMT
age: 4328
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b7c7b21-97cc-48a2-a70c-c5a6cc643732.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (17370 bytes)
Hash
54daaab012d7327bc46324026fff6cf5
20f3487c7d7ecbc3309751e768f4e720ea8572a2
c65a762ef8520b85e73dcff7d93d4ca6b5093360c45f408245630607f559e42f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b7c7b21-97cc-48a2-a70c-c5a6cc643732.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 17370
x-amzn-requestid: 9d40f44c-a43d-4776-9bcf-2234cc941088
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNkEWiIAMFbyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa56-1752d4c9022602137b933701;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1qS7IgODcaKMsgVBSg_oWjw8aBwsPmiwJJigZh0fXi8UmDYZgoctBg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:52:33 GMT
age: 24496
etag: "20f3487c7d7ecbc3309751e768f4e720ea8572a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d2a6b014f571e794bdb94fa4d5c30cf
e0cbf4356d3744993813d2f8d62b6574b23269bc
305036e7ccea1eaeaeaf71dfced708074e49984a05225af221bd4e78a6e91ea7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "305036E7CCEA1EAEAEAF71DFCED708074E49984A05225AF221BD4E78A6E91EA7"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 10 Dec 2022 10:40:49 GMT
Date: Sat, 10 Dec 2022 04:40:49 GMT
Connection: keep-alive

girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0

194.87.208.72

200 OK

14 kB

URL HTTP/1.1
girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
IP
194.87.208.72:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (531), with CRLF line terminators
Size
14 kB (13861 bytes)
Hash
edb56b11622d5fe16b7b77e80c4f7b55
7e881e40af61007bd3233e12ed12853f5763546b
7bd9615436f2d0a5979cfd5c46520c07e549ef28837e585d4f248b650b3fe2f5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0 HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:49 GMT
Content-Type: text/html
Content-Length: 13861
Connection: keep-alive
set-cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu; path=/
cache-control: private, no-transform

girlsjungle.life/media/d/radarnew/css/stylesoutdoor.css

194.87.208.72

200 OK

9.9 kB

URL HTTP/1.1
girlsjungle.life/media/d/radarnew/css/stylesoutdoor.css
IP
194.87.208.72:0
ASN
#0

File type
assembler source, ASCII text, with CRLF line terminators
Size
9.9 kB (9931 bytes)
Hash
03f7f67a73bff5cb76ca8b0c3086915d
db6689a7344d784c97b12467264bdc9cc003844f
3aff9e59a46b2cdd488813c4874a7f9668f74761f94222ef32841fd4350ac8cc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/d/radarnew/css/stylesoutdoor.css HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: text/css
Content-Length: 9931
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "03f7f67a73bff5cb76ca8b0c3086915d"
Last-Modified: Wed, 31 Aug 2022 09:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54D28E4E1146
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/d/radarnew/css/bootstrap-slider.min.css

194.87.208.72

200 OK

7.2 kB

URL HTTP/1.1
girlsjungle.life/media/d/radarnew/css/bootstrap-slider.min.css
IP
194.87.208.72:0
ASN
#0

File type
ASCII text, with very long lines (6195)
Size
7.2 kB (7227 bytes)
Hash
4961224724899c120f62718d9a05a11a
edb2043d6a2727c124a9d2b64a461ef682e73dad
a27ecbe0f63af48cceb0dc93fb842d3161462ca44d16bae13ea4a85488a7a8ce

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/d/radarnew/css/bootstrap-slider.min.css HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: text/css
Content-Length: 7227
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "4961224724899c120f62718d9a05a11a"
Last-Modified: Wed, 31 Aug 2022 09:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54D29507AE53
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/d/radarnew/css/blue.css

194.87.208.72

200 OK

1.5 kB

URL HTTP/1.1
girlsjungle.life/media/d/radarnew/css/blue.css
IP
194.87.208.72:0
ASN
#0

File type
ASCII text
Size
1.5 kB (1505 bytes)
Hash
53c8fc393280d00814bfcb0ac9a9948b
41411e8e1fae0b3a35cb70f547df9df643a6a6dc
0ca1d39f999294e137c538278732cd5f2e0f6bd54617ec7e347773ac5b3d8272

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/d/radarnew/css/blue.css HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: text/css
Content-Length: 1505
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "53c8fc393280d00814bfcb0ac9a9948b"
Last-Modified: Wed, 31 Aug 2022 09:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54D296EBA44D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/d/radarnew/js/trls.js

194.87.208.72

200 OK

48 kB

URL HTTP/1.1
girlsjungle.life/media/d/radarnew/js/trls.js
IP
194.87.208.72:0
ASN
#0

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
48 kB (47770 bytes)
Hash
acbcd82ae39db3a4cc2eb4a43d8b4338
4bbfdc1fca56ef2aba7b5fd95034ea6860f30a5a
3fc88d3968cd86f76bc3d071b1d3de64729f06840621ab9a39b93f7e2add6303

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/d/radarnew/js/trls.js HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: application/javascript
Content-Length: 47770
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "acbcd82ae39db3a4cc2eb4a43d8b4338"
Last-Modified: Wed, 31 Aug 2022 09:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F53DD20AF4208
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/util/utils.js

194.87.208.72

200 OK

7.5 kB

URL HTTP/1.1
girlsjungle.life/util/utils.js
IP
194.87.208.72:0
ASN
#0

File type
ASCII text, with very long lines (641), with CRLF line terminators
Size
7.5 kB (7512 bytes)
Hash
01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /util/utils.js HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F545D6BB4BAF7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/d/radarnew/js/bootstrap.min.js

194.87.208.72

200 OK

29 kB

URL HTTP/1.1
girlsjungle.life/media/d/radarnew/js/bootstrap.min.js
IP
194.87.208.72:0
ASN
#0

File type
ASCII text, with very long lines (28941)
Size
29 kB (29110 bytes)
Hash
ba847811448ef90d98d272aeccef2a95
5814e91bb6276f4de8b7951c965f2f190a03978d
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/d/radarnew/js/bootstrap.min.js HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: application/javascript
Content-Length: 29110
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "ba847811448ef90d98d272aeccef2a95"
Last-Modified: Wed, 31 Aug 2022 09:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54D29761C93B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/d/radarnew/js/bootstrap-slider.min.js

194.87.208.72

200 OK

26 kB

URL HTTP/1.1
girlsjungle.life/media/d/radarnew/js/bootstrap-slider.min.js
IP
194.87.208.72:0
ASN
#0

File type
ASCII text, with very long lines (25087)
Size
26 kB (26183 bytes)
Hash
bb00d9d835171fe905a76787cbea604a
428580aaa3688c5dcca79b6428248b31af85ac1f
926ac5c114974a527367752eef1ab86bdb364c34fafb39e9b976c7ab0c2adda6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/d/radarnew/js/bootstrap-slider.min.js HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: application/javascript
Content-Length: 26183
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "bb00d9d835171fe905a76787cbea604a"
Last-Modified: Wed, 31 Aug 2022 09:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54D29BF32FCA
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/exit-new/exit1.js

194.87.208.72

200 OK

3.5 kB

URL HTTP/1.1
girlsjungle.life/media/exit-new/exit1.js
IP
194.87.208.72:0
ASN
#0

File type
ASCII text, with very long lines (641), with CRLF line terminators
Size
3.5 kB (3473 bytes)
Hash
625e5e2950612f771e246beb33c9ea61
e4fc251c6c000496c285f8dc3fa097040b031681
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/exit-new/exit1.js HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: application/javascript
Content-Length: 3473
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "625e5e2950612f771e246beb33c9ea61"
Last-Modified: Wed, 31 Aug 2022 09:34:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54650D9C8B5B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/d/radarnew/js/jquery.min.js

194.87.208.72

200 OK

93 kB

URL HTTP/1.1
girlsjungle.life/media/d/radarnew/js/jquery.min.js
IP
194.87.208.72:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (65480)
Size
93 kB (93435 bytes)
Hash
0b6ecf17e30037994d3ffee51b525914
d09d3a99ed25d0f1fbe6856de9e14ffd33557256
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/d/radarnew/js/jquery.min.js HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: application/javascript
Content-Length: 93435
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0b6ecf17e30037994d3ffee51b525914"
Last-Modified: Wed, 31 Aug 2022 09:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54D29760AE0F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/d/radarnew/css/bootstrap.css

194.87.208.72

200 OK

110 kB

URL HTTP/1.1
girlsjungle.life/media/d/radarnew/css/bootstrap.css
IP
194.87.208.72:0
ASN
#0

File type
assembler source, ASCII text, with very long lines (540)
Size
110 kB (110239 bytes)
Hash
47ec8e4c717bce27e3dec25375b64c16
23ee6fedf86a1ebb17e96423086f910f72a9e8f5
37d237c2cfc632735d5a1c48184e7e7afc5358ffd8ab8d6bd9f90a16d1e2993f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/d/radarnew/css/bootstrap.css HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: text/css
Content-Length: 110239
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "47ec8e4c717bce27e3dec25375b64c16"
Last-Modified: Wed, 31 Aug 2022 09:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54D296D81026
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/d/radarnew/js/main.js

194.87.208.72

200 OK

1.4 kB

URL HTTP/1.1
girlsjungle.life/media/d/radarnew/js/main.js
IP
194.87.208.72:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1446 bytes)
Hash
e2a64608889abbe3782f28e512a421dd
6c5e589d6cf3c8ee1eb63f057f9852ff67887c44
ebd7a92af4d051891df2bbad59bbf1b2a36fc68f1108b15504d12550d656f566

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/d/radarnew/js/main.js HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: application/javascript
Content-Length: 1446
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "e2a64608889abbe3782f28e512a421dd"
Last-Modified: Wed, 31 Aug 2022 09:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54D29F96FB77
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/bbradar.js

194.87.208.72

200 OK

639 B

URL HTTP/1.1
girlsjungle.life/media/bbradar.js
IP
194.87.208.72:0
ASN
#0

File type
ASCII text, with very long lines (639), with no line terminators
Size
639 B (639 bytes)
Hash
0d553e4bac91c74bfee2dbabba61e99e
5af71e2377c9c012a7826a695f2724901941b19b
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/bbradar.js HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: application/javascript
Content-Length: 639
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Last-Modified: Wed, 31 Aug 2022 09:32:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54D2A0574624
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/d/radarnew/images/radar.gif

194.87.208.72

200 OK

176 kB

URL HTTP/1.1
girlsjungle.life/media/d/radarnew/images/radar.gif
IP
194.87.208.72:0
ASN
#0

File type
GIF image data, version 89a, 179 x 179\012- data
Size
176 kB (175791 bytes)
Hash
0d3a894b7b00a48996f702d71fe7e7c3
b4f278b2ff6d12f7fb38fdf91c42f3190a69e53c
89495896bcc3deb0b6a643cf55ddfe620ada0cdb66cd09ce4ba801a06396fcef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/d/radarnew/images/radar.gif HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: image/gif
Content-Length: 175791
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d3a894b7b00a48996f702d71fe7e7c3"
Last-Modified: Wed, 31 Aug 2022 09:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54D2A6D90D03
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/media/d/radarnew/images/outdoor.jpg

194.87.208.72

200 OK

222 kB

URL HTTP/1.1
girlsjungle.life/media/d/radarnew/images/outdoor.jpg
IP
194.87.208.72:0
ASN
#0

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1422x800, components 3\012- data
Size
222 kB (222141 bytes)
Hash
fc523ba36d675d549f0c70815b6b1604
d8dc530c0e48382f06da7301a7bfb42072f28cfb
b0b9b668729dc630f2ff79478f74bdaa7d6eb53a5b8ae665a3144c5cf7629351

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/d/radarnew/images/outdoor.jpg HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/media/d/radarnew/css/stylesoutdoor.css
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Content-Type: image/jpeg
Content-Length: 222141
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "fc523ba36d675d549f0c70815b6b1604"
Last-Modified: Wed, 31 Aug 2022 09:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172F54D2A8F86580
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 10 Dec 2023 04:40:50 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

girlsjungle.life/favicon.ico

194.87.208.72

204 No Content

0 B

URL HTTP/1.1
girlsjungle.life/favicon.ico
IP
194.87.208.72:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: girlsjungle.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsjungle.life/?u=775wwwr&o=e6pp9za&t=43404_223646&cid=102b15e65590b6bc2248426957cee1&p=0&b=0
Cookie: sid=t2~ug3fbrnssd52kioftdh2h4nu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 10 Dec 2022 04:40:50 GMT
Connection: keep-alive
Cache-Control: no-transform

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9209 bytes)
Hash
4ccbd106eb57e1a4f6d60408118fe2dd
cc916150425f00b44ede3ec473e3e248afabaf8d
740c62dfdd20f2fb7270ea602825ba7eaad99c4fe5ab8d726072909c6b73c87f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: a740ddf7-5325-4ac1-a694-aaa3d4345fe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNUGIroAMFdlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-08856c7b0757108a5c6811c9;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUoiKVdDbKhNYwvJrsKp8RbC8Otq3ClQEmIx-HDe4wQYYompXjy2Yw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:44 GMT
age: 23772
etag: "cc916150425f00b44ede3ec473e3e248afabaf8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations