Report - llvv.fun/

Report Overview

Visited public
2025-04-20 22:22:17
Tags
Submit Tags
URL
llvv.fun/
Finishing URL
jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
IP / ASN
167.172.187.233
#14061 DIGITALOCEAN-ASN
Title
The most popular dating site of this month

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mb2j264.b2base252.top	unknown	2025-03-26	2025-03-28	2025-04-19	598 B	46 kB	104.21.21.49
code.jquery.com	634	2005-12-10	2012-05-21	2025-04-16	465 B	88 kB	151.101.194.137
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-16	565 B	20 kB	142.250.74.3
llvv.fun	unknown	2025-04-01	2025-04-20	2025-04-20	477 B	46 kB	167.172.187.233
sunfeb.top	unknown	2025-02-11	2025-04-09	2025-04-19	521 B	46 kB	172.67.128.57
jfgcac.bustydatng.com	unknown	2021-01-19	2025-04-19	2025-04-19	15 kB	2.0 MB	81.30.157.12
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-04-16	475 B	4.3 kB	104.18.187.31
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-04-16	467 B	2.6 kB	216.58.211.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-20	medium	sunfeb.top	Sinkholed
2025-04-20	medium	b2base252.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.3.1.min.js	ScriptElement	1.0 kB	2023-04-29	2025-06-30
Pretty URL code.jquery.com/jquery-3.3.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-29 08:43 Last Seen2025-06-30 17:09 Times Seen435 Hash c9a14b26aef8bba135e0749ec536f608 096cbb5ce5fe7992c85f0bac682974196ad78d09 cad9fc1485e97aca7816e5ef8406c7cb26648ee9fb2552e98c5dfc0e531474d4 Loading...

HTTP Transactions (13)

URL IP Response Size

GET llvv.fun/

167.172.187.233

302 Found

46 kB

URL User Request GET
llvv.fun/
IP
167.172.187.233:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectllvv.fun
FingerprintA6:41:96:B7:CE:87:FC:D3:58:81:ED:2A:D8:69:6A:70:F1:30:7C:25
ValidityTue, 01 Apr 2025 12:14:32 GMT - Mon, 30 Jun 2025 12:14:31 GMT

File type

Size
46 kB (45597 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: llvv.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sun, 20 Apr 2025 22:21:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sun, 20 Apr 2025 22:21:55 GMT
Location: https://sunfeb.top/click?o=2&a=5050&aff_click_id=1sjos4f3o1j6
Set-Cookie: _subid=1sjos4f3o1j6; expires=Wed, 21 May 2025 22:21:55 GMT; path=/
4b8a6=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ5NTVcIjoxNzQ1MTg3NzE1fSxcImNhbXBhaWduc1wiOntcIjk1NFwiOjE3NDUxODc3MTV9LFwidGltZVwiOjE3NDUxODc3MTV9In0.voJiSzBe9ka70GZJkeJERVv2JUEm8AQkSlI5OtCHiH8; expires=Mon, 21 Apr 2025 22:21:55 GMT; path=/
_token=uuid_1sjos4f3o1j6_1sjos4f3o1j6680573833c3062.63480275; expires=Wed, 21 May 2025 22:21:55 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

GET sunfeb.top/click?o=2&a=5050&aff_click_id=1sjos4f3o1j6

172.67.128.57

302 Found

46 kB

URL User Request GET
sunfeb.top/click?o=2&a=5050&aff_click_id=1sjos4f3o1j6
IP
172.67.128.57:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectsunfeb.top
FingerprintBF:83:D8:5D:1E:60:AF:F8:6B:36:D6:84:C7:63:15:C8:F9:F6:11:D8
ValidityMon, 07 Apr 2025 11:59:55 GMT - Sun, 06 Jul 2025 12:58:32 GMT

File type

Size
46 kB (45597 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /click?o=2&a=5050&aff_click_id=1sjos4f3o1j6 HTTP/1.1
Host: sunfeb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET jfgcac.bustydatng.com/bundle/1049/assets/css/style.css

81.30.157.12

200 OK

7.7 kB

URL GET
jfgcac.bustydatng.com/bundle/1049/assets/css/style.css
IP
81.30.157.12:443
ASN
#24961 WIIT AG

Requested by
https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Certificate
IssuerLet's Encrypt
Subjectbustydatng.com
Fingerprint56:04:36:CB:7F:D5:90:F7:57:27:0E:AF:64:C9:26:26:9A:3D:11:18
ValidityFri, 07 Mar 2025 14:43:29 GMT - Thu, 05 Jun 2025 14:43:28 GMT

File type
ASCII text, with CRLF line terminators
Size
7.7 kB (7679 bytes)
Hash
e368d8ca62e3d7154a0c0364b84a4d26
1c458febbce0e5b4f95ef397101e0b7d99c57ce7
7f7481f6123e1d3c50804b2c2da1d4a6e4d3be0fb1b4253a131f7cbbeedbac80

HTTP Headers

GET /bundle/1049/assets/css/style.css HTTP/1.1
Host: jfgcac.bustydatng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Cookie: s=H9RPhntkd7ZrsvkJfudJ1B97QAPWeDbV8gogdrjXBGmUOj%2FlosNdOOF1Y2C72aotKcEEnn7kM0Nt0lf1TuCW%2BCB%2BLvYRH%2BMr%2FTdQAmRnYY%2BnG9DMz7araMo%2BXdIkl%2Bzi4LQDmHNN06fmQgTkTctWOQ4fwVob%2BNxjaJHe8Vo7scbHqfS69cgwNui5q9aujJffGtBEtRAMnQckmvDVddbSZ7nyJDwvh1QnNEZ1ejQnUgjDEwyLq2A3dVRAHOkr%2BbAYV3HG2Y6b3dbgE%2FMpMRTR1qf8n3MDe2NC%2FGbWRkF3hx5bLSsYr9VvElFjYVgqW5JveQwM3ge7OCpbrBpZGYqMDsMUHUvjPXGcAAUv7GFUUJ85wsudIRnzqANqo8%2F0a3eDocbFLwn6yn%2FWmw%2BnK5ZDzxfjp07vWlmwq4RaqKuLxvgnCVrtKq49z6ylHE3T0meshQ8%2Buk1PUsY5iGYuLoQDFweEWbbW1uWcWjfd6jyvaGDNTinz9KJEPJYJU%2B57Lnklh8gN366l1UEjgZq2TMgASdEV6DYQ9aGWrvW16%2BqKX77Y3SluYoXnq%2BoxHCGdxXExcXEoYzqt%2FnOz1JR8hazdaQXPv2MlspahmqQB8ij4z%2FNfMidm8FMIfBW%2FvWzd2DL3TM2%2F8zZydNRMU%2FdldchbBCZz4uw81Q%2FaSyglfU9blltZr5N8mmMPVFW9pS0%2BCG9Ov1DB60%2F5hHXyhnVkUfjAJo7mpU%2BZKayaa68cLCT6yvFIA4r%2FBSsM7LSfr7OaJACTq0poSWoAAgthLnZuO2O8soAFJ0tBsSGmN9603wAKGOeo8Jfr7hqThQUSO3byOCM%2FuPxSaHZEU4oKf5iqJTmC%2BKKoSeM65ZTs0YEThI%2BOH9XKOUqM%2FgW7XegAa6ie8CgxX83kqYJZ6iZi7Nth%2B%2BERkweGTYrPbclXLtWhVlv5yKxA5QzT44Arf8XEIWNUYsG%2BlnTO5QFXhQ2c2E9ZVR3fDRSg%2FnMGDeRwfCZYLdFEKdXLz2L%2Frlh2%2BfEjt%2F5y0j6E6A0NUmZOCGLkeC5Iz7pfgv4Z3p3sZDRfFnOvoXXffJSuifdiLZPg2wuVBxy0YwAVJj%2BS7gSSN5lq6E0L6akOJUQ74PEG9KZhEpL6Ssqmydah4OuHgXeOOgMSdECvUURyo936851sI4aXUTGAYokq6BAHvZxvI8VaHWLB9d6q2QxCJLV0%2FEuIgzPiE2v%2F9%2BUsZJBUYeHNmEowRU36bVu6B%2FLLGbsu46c2nvviShgeOpJspcPSWW1kj%2BcoA3HX%2B8Xxlmtpu7tQxc%2BYrLh4RjUbMxowYPSF5QHXQ4TiSxXrlESlX1I%2Fo%2FGMUEpPkuhRpiYUIPgYbeauy4b8CNm9qcqzCwD2eImMatYPc%2BjeODl1eGYRtRdmH6Cmd6ubKk4i3iVpBn16V4SOYClvpDQTDLwUiJ71PweqbQylMUzpQoCU55rCbvX0OoqSm9enbfapcjecGOUSmqm%2FPreKXnIPUxKsxqIKxH%2BpOaGWsEdnL0DcO2%2FyTKfkwi6je3Pj0zHUrD6E0P13mzP6JQLaotVTUehwvjc61cZzTycQIM1bgWQjVoZeEC2%2F6xQdE%2F%2F76yJUywDoIKY4E3wo6aHa0VGoCZG0vkcKTb94ifH%2Bn5xJQWIE6CAB6hP1rMtoLc88wQpLuuZ2%2FFxl1W5ItDInRnupfcvx23HIE2PGbaEWPJAc4mgBemngpywv2jvi7dVqBQ4vhENDjrQm0zIrhwnMRdxpLnyzguEyz9bE8NucehDyCeSoUyl4srIQR1cDNz3elJbf5yGEaYJ52OxHl6yv1YKfIrZlf4CQYx10gv37GWW%2FszLXrvqxEGG0I3aWWOTW9gi%2BtFc9%2BLHsngbhWC%2B5NYAzAAIer7rHan6UUyJVXs6kbVSA21pzM53E9EG1P8Qpnf2OshMo7UU6wDgtNPbd%2FgdTQ8%2FpT%2FQNCcEWKu4Imt7mrtE9N9%2FIItWM7%2BWIa2BlqsInRuh5Xe%2Fuj9gR6KWl%2Brql2Jepvd3qYUB67s88Zf79WzxeU0%2BAtI54AqS8KBwEIEDPc3XyJHR2DWWTpQo9cD7IReNRnKUsm0x1k4NcxMoBKxOdKjy5M637kUfIwpg8nnOj7lp%2FA585Hx5%2B%2FXt1mg%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sun, 20 Apr 2025 22:21:57 GMT
cache-control: max-age=86400, public
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js

104.18.187.31

200 OK

3.1 kB

URL GET
cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2776)
Size
3.1 kB (3131 bytes)
Hash
dc9a371cad01ec09e585eb3e25314280
94897da73119895ece986ae8fb5111daf1c9b58d
980080db04de0f4a4aa86505dfab04f57bfe273681d72017211c2be9f18c004b

HTTP Headers

GET /npm/jquery-background-video@1.1.0/jquery.background-video.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jfgcac.bustydatng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:21:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 1530
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.1.0
x-jsd-version-type: version
etag: W/"c3b-lIl9pzEZiV7OmGro+1ER2vHJtY0"
content-encoding: br
x-served-by: cache-fra-etou8220029-FRA, cache-lga21964-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 26909608
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fu4UP5R3U6R6oeU03hBN4O00uDVjrAo3d5TppXRWGIzukSCc3w%2BSM8%2BlXOh1oMlz7bx5A0LZij4jWXbV4Bxffjhdu79%2FOomKP%2FDarVxTSFaqPmeNJ%2BLd4K%2B7eNiRGnBH6Js%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 933809a5bdd256a5-OSL
X-Firefox-Spdy: h2

GET jfgcac.bustydatng.com/bundle/1049/assets/images/d1.mp4

81.30.157.12

200 OK

959 kB

URL GET
jfgcac.bustydatng.com/bundle/1049/assets/images/d1.mp4
IP
81.30.157.12:443
ASN
#24961 WIIT AG

Requested by
https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Certificate
IssuerLet's Encrypt
Subjectbustydatng.com
Fingerprint56:04:36:CB:7F:D5:90:F7:57:27:0E:AF:64:C9:26:26:9A:3D:11:18
ValidityFri, 07 Mar 2025 14:43:29 GMT - Thu, 05 Jun 2025 14:43:28 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
959 kB (959394 bytes)
Hash
633612d82cc5035f578fd09f6dd54c95
500d6cf0bd97236db3d95102b4c2171bda76a1f7
0b91826188197f7ae9854e8f0b4e2114cd5ca8bbc056f52d0517ba42664f00ff

HTTP Headers

GET /bundle/1049/assets/images/d1.mp4 HTTP/1.1
Host: jfgcac.bustydatng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Cookie: s=H9RPhntkd7ZrsvkJfudJ1B97QAPWeDbV8gogdrjXBGmUOj%2FlosNdOOF1Y2C72aotKcEEnn7kM0Nt0lf1TuCW%2BCB%2BLvYRH%2BMr%2FTdQAmRnYY%2BnG9DMz7araMo%2BXdIkl%2Bzi4LQDmHNN06fmQgTkTctWOQ4fwVob%2BNxjaJHe8Vo7scbHqfS69cgwNui5q9aujJffGtBEtRAMnQckmvDVddbSZ7nyJDwvh1QnNEZ1ejQnUgjDEwyLq2A3dVRAHOkr%2BbAYV3HG2Y6b3dbgE%2FMpMRTR1qf8n3MDe2NC%2FGbWRkF3hx5bLSsYr9VvElFjYVgqW5JveQwM3ge7OCpbrBpZGYqMDsMUHUvjPXGcAAUv7GFUUJ85wsudIRnzqANqo8%2F0a3eDocbFLwn6yn%2FWmw%2BnK5ZDzxfjp07vWlmwq4RaqKuLxvgnCVrtKq49z6ylHE3T0meshQ8%2Buk1PUsY5iGYuLoQDFweEWbbW1uWcWjfd6jyvaGDNTinz9KJEPJYJU%2B57Lnklh8gN366l1UEjgZq2TMgASdEV6DYQ9aGWrvW16%2BqKX77Y3SluYoXnq%2BoxHCGdxXExcXEoYzqt%2FnOz1JR8hazdaQXPv2MlspahmqQB8ij4z%2FNfMidm8FMIfBW%2FvWzd2DL3TM2%2F8zZydNRMU%2FdldchbBCZz4uw81Q%2FaSyglfU9blltZr5N8mmMPVFW9pS0%2BCG9Ov1DB60%2F5hHXyhnVkUfjAJo7mpU%2BZKayaa68cLCT6yvFIA4r%2FBSsM7LSfr7OaJACTq0poSWoAAgthLnZuO2O8soAFJ0tBsSGmN9603wAKGOeo8Jfr7hqThQUSO3byOCM%2FuPxSaHZEU4oKf5iqJTmC%2BKKoSeM65ZTs0YEThI%2BOH9XKOUqM%2FgW7XegAa6ie8CgxX83kqYJZ6iZi7Nth%2B%2BERkweGTYrPbclXLtWhVlv5yKxA5QzT44Arf8XEIWNUYsG%2BlnTO5QFXhQ2c2E9ZVR3fDRSg%2FnMGDeRwfCZYLdFEKdXLz2L%2Frlh2%2BfEjt%2F5y0j6E6A0NUmZOCGLkeC5Iz7pfgv4Z3p3sZDRfFnOvoXXffJSuifdiLZPg2wuVBxy0YwAVJj%2BS7gSSN5lq6E0L6akOJUQ74PEG9KZhEpL6Ssqmydah4OuHgXeOOgMSdECvUURyo936851sI4aXUTGAYokq6BAHvZxvI8VaHWLB9d6q2QxCJLV0%2FEuIgzPiE2v%2F9%2BUsZJBUYeHNmEowRU36bVu6B%2FLLGbsu46c2nvviShgeOpJspcPSWW1kj%2BcoA3HX%2B8Xxlmtpu7tQxc%2BYrLh4RjUbMxowYPSF5QHXQ4TiSxXrlESlX1I%2Fo%2FGMUEpPkuhRpiYUIPgYbeauy4b8CNm9qcqzCwD2eImMatYPc%2BjeODl1eGYRtRdmH6Cmd6ubKk4i3iVpBn16V4SOYClvpDQTDLwUiJ71PweqbQylMUzpQoCU55rCbvX0OoqSm9enbfapcjecGOUSmqm%2FPreKXnIPUxKsxqIKxH%2BpOaGWsEdnL0DcO2%2FyTKfkwi6je3Pj0zHUrD6E0P13mzP6JQLaotVTUehwvjc61cZzTycQIM1bgWQjVoZeEC2%2F6xQdE%2F%2F76yJUywDoIKY4E3wo6aHa0VGoCZG0vkcKTb94ifH%2Bn5xJQWIE6CAB6hP1rMtoLc88wQpLuuZ2%2FFxl1W5ItDInRnupfcvx23HIE2PGbaEWPJAc4mgBemngpywv2jvi7dVqBQ4vhENDjrQm0zIrhwnMRdxpLnyzguEyz9bE8NucehDyCeSoUyl4srIQR1cDNz3elJbf5yGEaYJ52OxHl6yv1YKfIrZlf4CQYx10gv37GWW%2FszLXrvqxEGG0I3aWWOTW9gi%2BtFc9%2BLHsngbhWC%2B5NYAzAAIer7rHan6UUyJVXs6kbVSA21pzM53E9EG1P8Qpnf2OshMo7UU6wDgtNPbd%2FgdTQ8%2FpT%2FQNCcEWKu4Imt7mrtE9N9%2FIItWM7%2BWIa2BlqsInRuh5Xe%2Fuj9gR6KWl%2Brql2Jepvd3qYUB67s88Zf79WzxeU0%2BAtI54AqS8KBwEIEDPc3XyJHR2DWWTpQo9cD7IReNRnKUsm0x1k4NcxMoBKxOdKjy5M637kUfIwpg8nnOj7lp%2FA585Hx5%2B%2FXt1mg%3D%3D
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sun, 20 Apr 2025 22:21:58 GMT
cache-control: max-age=86400, public
X-Firefox-Spdy: h2

GET jfgcac.bustydatng.com/bundle/1049/assets/images/m1.mp4

81.30.157.12

200 OK

938 kB

URL GET
jfgcac.bustydatng.com/bundle/1049/assets/images/m1.mp4
IP
81.30.157.12:443
ASN
#24961 WIIT AG

Requested by
https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Certificate
IssuerLet's Encrypt
Subjectbustydatng.com
Fingerprint56:04:36:CB:7F:D5:90:F7:57:27:0E:AF:64:C9:26:26:9A:3D:11:18
ValidityFri, 07 Mar 2025 14:43:29 GMT - Thu, 05 Jun 2025 14:43:28 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
938 kB (938470 bytes)
Hash
60e557d230298fb4cf5c1ec1d206c237
74aab095bd247e6d838029a52a8ca00aab817d0d
29d1367823efab68d7339c0bad573660fae82569374b9e928e97f06c873e1b63

HTTP Headers

GET /bundle/1049/assets/images/m1.mp4 HTTP/1.1
Host: jfgcac.bustydatng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Cookie: s=H9RPhntkd7ZrsvkJfudJ1B97QAPWeDbV8gogdrjXBGmUOj%2FlosNdOOF1Y2C72aotKcEEnn7kM0Nt0lf1TuCW%2BCB%2BLvYRH%2BMr%2FTdQAmRnYY%2BnG9DMz7araMo%2BXdIkl%2Bzi4LQDmHNN06fmQgTkTctWOQ4fwVob%2BNxjaJHe8Vo7scbHqfS69cgwNui5q9aujJffGtBEtRAMnQckmvDVddbSZ7nyJDwvh1QnNEZ1ejQnUgjDEwyLq2A3dVRAHOkr%2BbAYV3HG2Y6b3dbgE%2FMpMRTR1qf8n3MDe2NC%2FGbWRkF3hx5bLSsYr9VvElFjYVgqW5JveQwM3ge7OCpbrBpZGYqMDsMUHUvjPXGcAAUv7GFUUJ85wsudIRnzqANqo8%2F0a3eDocbFLwn6yn%2FWmw%2BnK5ZDzxfjp07vWlmwq4RaqKuLxvgnCVrtKq49z6ylHE3T0meshQ8%2Buk1PUsY5iGYuLoQDFweEWbbW1uWcWjfd6jyvaGDNTinz9KJEPJYJU%2B57Lnklh8gN366l1UEjgZq2TMgASdEV6DYQ9aGWrvW16%2BqKX77Y3SluYoXnq%2BoxHCGdxXExcXEoYzqt%2FnOz1JR8hazdaQXPv2MlspahmqQB8ij4z%2FNfMidm8FMIfBW%2FvWzd2DL3TM2%2F8zZydNRMU%2FdldchbBCZz4uw81Q%2FaSyglfU9blltZr5N8mmMPVFW9pS0%2BCG9Ov1DB60%2F5hHXyhnVkUfjAJo7mpU%2BZKayaa68cLCT6yvFIA4r%2FBSsM7LSfr7OaJACTq0poSWoAAgthLnZuO2O8soAFJ0tBsSGmN9603wAKGOeo8Jfr7hqThQUSO3byOCM%2FuPxSaHZEU4oKf5iqJTmC%2BKKoSeM65ZTs0YEThI%2BOH9XKOUqM%2FgW7XegAa6ie8CgxX83kqYJZ6iZi7Nth%2B%2BERkweGTYrPbclXLtWhVlv5yKxA5QzT44Arf8XEIWNUYsG%2BlnTO5QFXhQ2c2E9ZVR3fDRSg%2FnMGDeRwfCZYLdFEKdXLz2L%2Frlh2%2BfEjt%2F5y0j6E6A0NUmZOCGLkeC5Iz7pfgv4Z3p3sZDRfFnOvoXXffJSuifdiLZPg2wuVBxy0YwAVJj%2BS7gSSN5lq6E0L6akOJUQ74PEG9KZhEpL6Ssqmydah4OuHgXeOOgMSdECvUURyo936851sI4aXUTGAYokq6BAHvZxvI8VaHWLB9d6q2QxCJLV0%2FEuIgzPiE2v%2F9%2BUsZJBUYeHNmEowRU36bVu6B%2FLLGbsu46c2nvviShgeOpJspcPSWW1kj%2BcoA3HX%2B8Xxlmtpu7tQxc%2BYrLh4RjUbMxowYPSF5QHXQ4TiSxXrlESlX1I%2Fo%2FGMUEpPkuhRpiYUIPgYbeauy4b8CNm9qcqzCwD2eImMatYPc%2BjeODl1eGYRtRdmH6Cmd6ubKk4i3iVpBn16V4SOYClvpDQTDLwUiJ71PweqbQylMUzpQoCU55rCbvX0OoqSm9enbfapcjecGOUSmqm%2FPreKXnIPUxKsxqIKxH%2BpOaGWsEdnL0DcO2%2FyTKfkwi6je3Pj0zHUrD6E0P13mzP6JQLaotVTUehwvjc61cZzTycQIM1bgWQjVoZeEC2%2F6xQdE%2F%2F76yJUywDoIKY4E3wo6aHa0VGoCZG0vkcKTb94ifH%2Bn5xJQWIE6CAB6hP1rMtoLc88wQpLuuZ2%2FFxl1W5ItDInRnupfcvx23HIE2PGbaEWPJAc4mgBemngpywv2jvi7dVqBQ4vhENDjrQm0zIrhwnMRdxpLnyzguEyz9bE8NucehDyCeSoUyl4srIQR1cDNz3elJbf5yGEaYJ52OxHl6yv1YKfIrZlf4CQYx10gv37GWW%2FszLXrvqxEGG0I3aWWOTW9gi%2BtFc9%2BLHsngbhWC%2B5NYAzAAIer7rHan6UUyJVXs6kbVSA21pzM53E9EG1P8Qpnf2OshMo7UU6wDgtNPbd%2FgdTQ8%2FpT%2FQNCcEWKu4Imt7mrtE9N9%2FIItWM7%2BWIa2BlqsInRuh5Xe%2Fuj9gR6KWl%2Brql2Jepvd3qYUB67s88Zf79WzxeU0%2BAtI54AqS8KBwEIEDPc3XyJHR2DWWTpQo9cD7IReNRnKUsm0x1k4NcxMoBKxOdKjy5M637kUfIwpg8nnOj7lp%2FA585Hx5%2B%2FXt1mg%3D%3D
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sun, 20 Apr 2025 22:21:58 GMT
cache-control: max-age=86400, public
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Montserrat&subset=latin-ext

216.58.211.10

200 OK

1.9 kB

URL GET
fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint06:13:4C:49:F4:23:BB:58:C3:31:41:0E:F9:E0:C5:EF:74:A9:0C:67
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
ASCII text
Size
1.9 kB (1866 bytes)
Hash
14747b7ccb4842d4e00fc83ac1d84c36
a6b508cbe4e15066de1f6608dcd2640d9d90d377
d2985f60e922d8796396c202ffcb9f6f6c2a57f510cb49f9babf16d025c6b058

HTTP Headers

GET /css?family=Montserrat&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jfgcac.bustydatng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 20 Apr 2025 22:21:58 GMT
date: Sun, 20 Apr 2025 22:21:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET mb2j264.b2base252.top/click?key=23815cdd29d290f7b533&externalid=5e6253b2e2784c7de8b71c315191e796&a=5050&landing=&sub_id1=&scGeo=NO

104.21.21.49

307 Temporary Redirect

46 kB

URL User Request GET
mb2j264.b2base252.top/click?key=23815cdd29d290f7b533&externalid=5e6253b2e2784c7de8b71c315191e796&a=5050&landing=&sub_id1=&scGeo=NO
IP
104.21.21.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectb2base252.top
Fingerprint7E:7C:79:C6:96:42:0B:F6:75:40:B2:0C:DD:81:8A:27:50:FA:C4:95
ValidityWed, 26 Mar 2025 11:15:51 GMT - Tue, 24 Jun 2025 12:14:30 GMT

File type

Size
46 kB (45597 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /click?key=23815cdd29d290f7b533&externalid=5e6253b2e2784c7de8b71c315191e796&a=5050&landing=&sub_id1=&scGeo=NO HTTP/1.1
Host: mb2j264.b2base252.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Sun, 20 Apr 2025 22:21:56 GMT
content-length: 0
location: https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
server: cloudflare
x-request-id: 12f19c8c-3f6e-4110-ad5d-625ed5a8a9cd
cf-cache-status: DYNAMIC
set-cookie: uclick=nujZwg1cPds10OTyPWCYt4kWzzAZC9trjLqW5alEO1xuxNJXbjst9Ri+fwL/+rrLrUzn; SameSite=Lax; Max-Age=31536000
uclick=nujZwg1cPds10OTyPWCYt4kWzzAZC9trjLqW5alEO1xuxNJXbjss9Ri+fwL/+rrL898UQj+lJ8DC7Scw; SameSite=Lax; Max-Age=31536000
uclick=nujZwg1cPds10OTyPWCYt4kWzzAZC9trjLqW5alEO1xuxNJXbjss9Ri+fwL/+rrL898UQj+lJ8DC7SdhvOAlZy+zS13r; SameSite=Lax; Max-Age=31536000
bcid=d02n71086g1c73dh5fcg; SameSite=Lax; Max-Age=31536000
cf-ray: 9338099c7a1c569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050

81.30.157.12

200 OK

46 kB

URL User Request GET
jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
IP
81.30.157.12:443
ASN
#24961 WIIT AG

Certificate
IssuerLet's Encrypt
Subjectbustydatng.com
Fingerprint56:04:36:CB:7F:D5:90:F7:57:27:0E:AF:64:C9:26:26:9A:3D:11:18
ValidityFri, 07 Mar 2025 14:43:29 GMT - Thu, 05 Jun 2025 14:43:28 GMT

File type
HTML document, ASCII text, with very long lines (30569), with CRLF, LF line terminators
Size
46 kB (45597 bytes)
Hash
9a45ebda4d253cbe2ed88c36c924570f
498300f41f6fca07bc700a3657824d7f94de4584
de2302dac8c3a089b1cc812dc0ef1846a695ad19bcc0d9c5228536dbe3bbd53d

HTTP Headers

GET /s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050 HTTP/1.1
Host: jfgcac.bustydatng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sun, 20 Apr 2025 22:21:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: s=H9RPhntkd7ZrsvkJfudJ1B97QAPWeDbV8gogdrjXBGmUOj%2FlosNdOOF1Y2C72aotKcEEnn7kM0Nt0lf1TuCW%2BCB%2BLvYRH%2BMr%2FTdQAmRnYY%2BnG9DMz7araMo%2BXdIkl%2Bzi4LQDmHNN06fmQgTkTctWOQ4fwVob%2BNxjaJHe8Vo7scbHqfS69cgwNui5q9aujJffGtBEtRAMnQckmvDVddbSZ7nyJDwvh1QnNEZ1ejQnUgjDEwyLq2A3dVRAHOkr%2BbAYV3HG2Y6b3dbgE%2FMpMRTR1qf8n3MDe2NC%2FGbWRkF3hx5bLSsYr9VvElFjYVgqW5JveQwM3ge7OCpbrBpZGYqMDsMUHUvjPXGcAAUv7GFUUJ85wsudIRnzqANqo8%2F0a3eDocbFLwn6yn%2FWmw%2BnK5ZDzxfjp07vWlmwq4RaqKuLxvgnCVrtKq49z6ylHE3T0meshQ8%2Buk1PUsY5iGYuLoQDFweEWbbW1uWcWjfd6jyvaGDNTinz9KJEPJYJU%2B57Lnklh8gN366l1UEjgZq2TMgASdEV6DYQ9aGWrvW16%2BqKX77Y3SluYoXnq%2BoxHCGdxXExcXEoYzqt%2FnOz1JR8hazdaQXPv2MlspahmqQB8ij4z%2FNfMidm8FMIfBW%2FvWzd2DL3TM2%2F8zZydNRMU%2FdldchbBCZz4uw81Q%2FaSyglfU9blltZr5N8mmMPVFW9pS0%2BCG9Ov1DB60%2F5hHXyhnVkUfjAJo7mpU%2BZKayaa68cLCT6yvFIA4r%2FBSsM7LSfr7OaJACTq0poSWoAAgthLnZuO2O8soAFJ0tBsSGmN9603wAKGOeo8Jfr7hqThQUSO3byOCM%2FuPxSaHZEU4oKf5iqJTmC%2BKKoSeM65ZTs0YEThI%2BOH9XKOUqM%2FgW7XegAa6ie8CgxX83kqYJZ6iZi7Nth%2B%2BERkweGTYrPbclXLtWhVlv5yKxA5QzT44Arf8XEIWNUYsG%2BlnTO5QFXhQ2c2E9ZVR3fDRSg%2FnMGDeRwfCZYLdFEKdXLz2L%2Frlh2%2BfEjt%2F5y0j6E6A0NUmZOCGLkeC5Iz7pfgv4Z3p3sZDRfFnOvoXXffJSuifdiLZPg2wuVBxy0YwAVJj%2BS7gSSN5lq6E0L6akOJUQ74PEG9KZhEpL6Ssqmydah4OuHgXeOOgMSdECvUURyo936851sI4aXUTGAYokq6BAHvZxvI8VaHWLB9d6q2QxCJLV0%2FEuIgzPiE2v%2F9%2BUsZJBUYeHNmEowRU36bVu6B%2FLLGbsu46c2nvviShgeOpJspcPSWW1kj%2BcoA3HX%2B8Xxlmtpu7tQxc%2BYrLh4RjUbMxowYPSF5QHXQ4TiSxXrlESlX1I%2Fo%2FGMUEpPkuhRpiYUIPgYbeauy4b8CNm9qcqzCwD2eImMatYPc%2BjeODl1eGYRtRdmH6Cmd6ubKk4i3iVpBn16V4SOYClvpDQTDLwUiJ71PweqbQylMUzpQoCU55rCbvX0OoqSm9enbfapcjecGOUSmqm%2FPreKXnIPUxKsxqIKxH%2BpOaGWsEdnL0DcO2%2FyTKfkwi6je3Pj0zHUrD6E0P13mzP6JQLaotVTUehwvjc61cZzTycQIM1bgWQjVoZeEC2%2F6xQdE%2F%2F76yJUywDoIKY4E3wo6aHa0VGoCZG0vkcKTb94ifH%2Bn5xJQWIE6CAB6hP1rMtoLc88wQpLuuZ2%2FFxl1W5ItDInRnupfcvx23HIE2PGbaEWPJAc4mgBemngpywv2jvi7dVqBQ4vhENDjrQm0zIrhwnMRdxpLnyzguEyz9bE8NucehDyCeSoUyl4srIQR1cDNz3elJbf5yGEaYJ52OxHl6yv1YKfIrZlf4CQYx10gv37GWW%2FszLXrvqxEGG0I3aWWOTW9gi%2BtFc9%2BLHsngbhWC%2B5NYAzAAIer7rHan6UUyJVXs6kbVSA21pzM53E9EG1P8Qpnf2OshMo7UU6wDgtNPbd%2FgdTQ8%2FpT%2FQNCcEWKu4Imt7mrtE9N9%2FIItWM7%2BWIa2BlqsInRuh5Xe%2Fuj9gR6KWl%2Brql2Jepvd3qYUB67s88Zf79WzxeU0%2BAtI54AqS8KBwEIEDPc3XyJHR2DWWTpQo9cD7IReNRnKUsm0x1k4NcxMoBKxOdKjy5M637kUfIwpg8nnOj7lp%2FA585Hx5%2B%2FXt1mg%3D%3D; expires=Mon, 21 Apr 2025 22:21:57 GMT; Max-Age=86400; path=/; domain=bustydatng.com
cache-control: must-revalidate, no-cache, no-store, private
pragma: no-cache
expires: 0
content-encoding: gzip
X-Firefox-Spdy: h2

GET jfgcac.bustydatng.com/bundle/1049/assets/js/functions.js

81.30.157.12

200 OK

2.4 kB

URL GET
jfgcac.bustydatng.com/bundle/1049/assets/js/functions.js
IP
81.30.157.12:443
ASN
#24961 WIIT AG

Requested by
https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Certificate
IssuerLet's Encrypt
Subjectbustydatng.com
Fingerprint56:04:36:CB:7F:D5:90:F7:57:27:0E:AF:64:C9:26:26:9A:3D:11:18
ValidityFri, 07 Mar 2025 14:43:29 GMT - Thu, 05 Jun 2025 14:43:28 GMT

File type
JavaScript source, ASCII text, with very long lines (2381), with no line terminators
Size
2.4 kB (2381 bytes)
Hash
b91a376582aab12eaeaaff2111dd0471
f8d32e5318ae6d067401ff9916ea44ffd657ebd6
67ec49b24952e42cfde4be9621c6356cd01a21501632ae1c6e4e97c5f1766f88

HTTP Headers

GET /bundle/1049/assets/js/functions.js HTTP/1.1
Host: jfgcac.bustydatng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Cookie: s=H9RPhntkd7ZrsvkJfudJ1B97QAPWeDbV8gogdrjXBGmUOj%2FlosNdOOF1Y2C72aotKcEEnn7kM0Nt0lf1TuCW%2BCB%2BLvYRH%2BMr%2FTdQAmRnYY%2BnG9DMz7araMo%2BXdIkl%2Bzi4LQDmHNN06fmQgTkTctWOQ4fwVob%2BNxjaJHe8Vo7scbHqfS69cgwNui5q9aujJffGtBEtRAMnQckmvDVddbSZ7nyJDwvh1QnNEZ1ejQnUgjDEwyLq2A3dVRAHOkr%2BbAYV3HG2Y6b3dbgE%2FMpMRTR1qf8n3MDe2NC%2FGbWRkF3hx5bLSsYr9VvElFjYVgqW5JveQwM3ge7OCpbrBpZGYqMDsMUHUvjPXGcAAUv7GFUUJ85wsudIRnzqANqo8%2F0a3eDocbFLwn6yn%2FWmw%2BnK5ZDzxfjp07vWlmwq4RaqKuLxvgnCVrtKq49z6ylHE3T0meshQ8%2Buk1PUsY5iGYuLoQDFweEWbbW1uWcWjfd6jyvaGDNTinz9KJEPJYJU%2B57Lnklh8gN366l1UEjgZq2TMgASdEV6DYQ9aGWrvW16%2BqKX77Y3SluYoXnq%2BoxHCGdxXExcXEoYzqt%2FnOz1JR8hazdaQXPv2MlspahmqQB8ij4z%2FNfMidm8FMIfBW%2FvWzd2DL3TM2%2F8zZydNRMU%2FdldchbBCZz4uw81Q%2FaSyglfU9blltZr5N8mmMPVFW9pS0%2BCG9Ov1DB60%2F5hHXyhnVkUfjAJo7mpU%2BZKayaa68cLCT6yvFIA4r%2FBSsM7LSfr7OaJACTq0poSWoAAgthLnZuO2O8soAFJ0tBsSGmN9603wAKGOeo8Jfr7hqThQUSO3byOCM%2FuPxSaHZEU4oKf5iqJTmC%2BKKoSeM65ZTs0YEThI%2BOH9XKOUqM%2FgW7XegAa6ie8CgxX83kqYJZ6iZi7Nth%2B%2BERkweGTYrPbclXLtWhVlv5yKxA5QzT44Arf8XEIWNUYsG%2BlnTO5QFXhQ2c2E9ZVR3fDRSg%2FnMGDeRwfCZYLdFEKdXLz2L%2Frlh2%2BfEjt%2F5y0j6E6A0NUmZOCGLkeC5Iz7pfgv4Z3p3sZDRfFnOvoXXffJSuifdiLZPg2wuVBxy0YwAVJj%2BS7gSSN5lq6E0L6akOJUQ74PEG9KZhEpL6Ssqmydah4OuHgXeOOgMSdECvUURyo936851sI4aXUTGAYokq6BAHvZxvI8VaHWLB9d6q2QxCJLV0%2FEuIgzPiE2v%2F9%2BUsZJBUYeHNmEowRU36bVu6B%2FLLGbsu46c2nvviShgeOpJspcPSWW1kj%2BcoA3HX%2B8Xxlmtpu7tQxc%2BYrLh4RjUbMxowYPSF5QHXQ4TiSxXrlESlX1I%2Fo%2FGMUEpPkuhRpiYUIPgYbeauy4b8CNm9qcqzCwD2eImMatYPc%2BjeODl1eGYRtRdmH6Cmd6ubKk4i3iVpBn16V4SOYClvpDQTDLwUiJ71PweqbQylMUzpQoCU55rCbvX0OoqSm9enbfapcjecGOUSmqm%2FPreKXnIPUxKsxqIKxH%2BpOaGWsEdnL0DcO2%2FyTKfkwi6je3Pj0zHUrD6E0P13mzP6JQLaotVTUehwvjc61cZzTycQIM1bgWQjVoZeEC2%2F6xQdE%2F%2F76yJUywDoIKY4E3wo6aHa0VGoCZG0vkcKTb94ifH%2Bn5xJQWIE6CAB6hP1rMtoLc88wQpLuuZ2%2FFxl1W5ItDInRnupfcvx23HIE2PGbaEWPJAc4mgBemngpywv2jvi7dVqBQ4vhENDjrQm0zIrhwnMRdxpLnyzguEyz9bE8NucehDyCeSoUyl4srIQR1cDNz3elJbf5yGEaYJ52OxHl6yv1YKfIrZlf4CQYx10gv37GWW%2FszLXrvqxEGG0I3aWWOTW9gi%2BtFc9%2BLHsngbhWC%2B5NYAzAAIer7rHan6UUyJVXs6kbVSA21pzM53E9EG1P8Qpnf2OshMo7UU6wDgtNPbd%2FgdTQ8%2FpT%2FQNCcEWKu4Imt7mrtE9N9%2FIItWM7%2BWIa2BlqsInRuh5Xe%2Fuj9gR6KWl%2Brql2Jepvd3qYUB67s88Zf79WzxeU0%2BAtI54AqS8KBwEIEDPc3XyJHR2DWWTpQo9cD7IReNRnKUsm0x1k4NcxMoBKxOdKjy5M637kUfIwpg8nnOj7lp%2FA585Hx5%2B%2FXt1mg%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sun, 20 Apr 2025 22:21:58 GMT
cache-control: max-age=86400, public
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.3.1.min.js

151.101.194.137

200 OK

87 kB

URL GET
code.jquery.com/jquery-3.3.1.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jfgcac.bustydatng.com
DNT: 1
Connection: keep-alive
Referer: https://jfgcac.bustydatng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1538f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Apr 2025 22:21:58 GMT
age: 4084200
x-served-by: cache-lga13622-LGA, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 65, 247809
x-timer: S1745187718.086441,VS0,VE0
vary: Accept-Encoding
content-length: 30288
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

142.250.74.3

200 OK

19 kB

URL GET
fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18792, version 1.0
Size
19 kB (18792 bytes)
Hash
74795056a2358804684c7e9d0479f484
7030f4f33183b8de843e82eedb9cb6a6cdd107c3
1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac

HTTP Headers

GET /s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jfgcac.bustydatng.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18792
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 09:23:29 GMT
expires: Fri, 17 Apr 2026 09:23:29 GMT
cache-control: public, max-age=31536000
age: 305910
last-modified: Wed, 06 Nov 2024 17:30:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET jfgcac.bustydatng.com/bundle/1049/assets/images/favicon.png

81.30.157.12

200 OK

2.9 kB

URL GET
jfgcac.bustydatng.com/bundle/1049/assets/images/favicon.png
IP
81.30.157.12:443
ASN
#24961 WIIT AG

Requested by
https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Certificate
IssuerLet's Encrypt
Subjectbustydatng.com
Fingerprint56:04:36:CB:7F:D5:90:F7:57:27:0E:AF:64:C9:26:26:9A:3D:11:18
ValidityFri, 07 Mar 2025 14:43:29 GMT - Thu, 05 Jun 2025 14:43:28 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
2.9 kB (2947 bytes)
Hash
0323b188dc065c025cf0cb855b797e66
770b1b71b59983c97c0088afe5f65c660b08895a
0a72f6edc9034364a75d3e8a7169ba329bb9f84ad9fc38b8f3f1fe1ec87e4d33

HTTP Headers

GET /bundle/1049/assets/images/favicon.png HTTP/1.1
Host: jfgcac.bustydatng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jfgcac.bustydatng.com/s/1b2734a146fcc?ext_click_id=d02n71086g1c73dh5fcg&subsource=5050
Cookie: s=H9RPhntkd7ZrsvkJfudJ1B97QAPWeDbV8gogdrjXBGmUOj%2FlosNdOOF1Y2C72aotKcEEnn7kM0Nt0lf1TuCW%2BCB%2BLvYRH%2BMr%2FTdQAmRnYY%2BnG9DMz7araMo%2BXdIkl%2Bzi4LQDmHNN06fmQgTkTctWOQ4fwVob%2BNxjaJHe8Vo7scbHqfS69cgwNui5q9aujJffGtBEtRAMnQckmvDVddbSZ7nyJDwvh1QnNEZ1ejQnUgjDEwyLq2A3dVRAHOkr%2BbAYV3HG2Y6b3dbgE%2FMpMRTR1qf8n3MDe2NC%2FGbWRkF3hx5bLSsYr9VvElFjYVgqW5JveQwM3ge7OCpbrBpZGYqMDsMUHUvjPXGcAAUv7GFUUJ85wsudIRnzqANqo8%2F0a3eDocbFLwn6yn%2FWmw%2BnK5ZDzxfjp07vWlmwq4RaqKuLxvgnCVrtKq49z6ylHE3T0meshQ8%2Buk1PUsY5iGYuLoQDFweEWbbW1uWcWjfd6jyvaGDNTinz9KJEPJYJU%2B57Lnklh8gN366l1UEjgZq2TMgASdEV6DYQ9aGWrvW16%2BqKX77Y3SluYoXnq%2BoxHCGdxXExcXEoYzqt%2FnOz1JR8hazdaQXPv2MlspahmqQB8ij4z%2FNfMidm8FMIfBW%2FvWzd2DL3TM2%2F8zZydNRMU%2FdldchbBCZz4uw81Q%2FaSyglfU9blltZr5N8mmMPVFW9pS0%2BCG9Ov1DB60%2F5hHXyhnVkUfjAJo7mpU%2BZKayaa68cLCT6yvFIA4r%2FBSsM7LSfr7OaJACTq0poSWoAAgthLnZuO2O8soAFJ0tBsSGmN9603wAKGOeo8Jfr7hqThQUSO3byOCM%2FuPxSaHZEU4oKf5iqJTmC%2BKKoSeM65ZTs0YEThI%2BOH9XKOUqM%2FgW7XegAa6ie8CgxX83kqYJZ6iZi7Nth%2B%2BERkweGTYrPbclXLtWhVlv5yKxA5QzT44Arf8XEIWNUYsG%2BlnTO5QFXhQ2c2E9ZVR3fDRSg%2FnMGDeRwfCZYLdFEKdXLz2L%2Frlh2%2BfEjt%2F5y0j6E6A0NUmZOCGLkeC5Iz7pfgv4Z3p3sZDRfFnOvoXXffJSuifdiLZPg2wuVBxy0YwAVJj%2BS7gSSN5lq6E0L6akOJUQ74PEG9KZhEpL6Ssqmydah4OuHgXeOOgMSdECvUURyo936851sI4aXUTGAYokq6BAHvZxvI8VaHWLB9d6q2QxCJLV0%2FEuIgzPiE2v%2F9%2BUsZJBUYeHNmEowRU36bVu6B%2FLLGbsu46c2nvviShgeOpJspcPSWW1kj%2BcoA3HX%2B8Xxlmtpu7tQxc%2BYrLh4RjUbMxowYPSF5QHXQ4TiSxXrlESlX1I%2Fo%2FGMUEpPkuhRpiYUIPgYbeauy4b8CNm9qcqzCwD2eImMatYPc%2BjeODl1eGYRtRdmH6Cmd6ubKk4i3iVpBn16V4SOYClvpDQTDLwUiJ71PweqbQylMUzpQoCU55rCbvX0OoqSm9enbfapcjecGOUSmqm%2FPreKXnIPUxKsxqIKxH%2BpOaGWsEdnL0DcO2%2FyTKfkwi6je3Pj0zHUrD6E0P13mzP6JQLaotVTUehwvjc61cZzTycQIM1bgWQjVoZeEC2%2F6xQdE%2F%2F76yJUywDoIKY4E3wo6aHa0VGoCZG0vkcKTb94ifH%2Bn5xJQWIE6CAB6hP1rMtoLc88wQpLuuZ2%2FFxl1W5ItDInRnupfcvx23HIE2PGbaEWPJAc4mgBemngpywv2jvi7dVqBQ4vhENDjrQm0zIrhwnMRdxpLnyzguEyz9bE8NucehDyCeSoUyl4srIQR1cDNz3elJbf5yGEaYJ52OxHl6yv1YKfIrZlf4CQYx10gv37GWW%2FszLXrvqxEGG0I3aWWOTW9gi%2BtFc9%2BLHsngbhWC%2B5NYAzAAIer7rHan6UUyJVXs6kbVSA21pzM53E9EG1P8Qpnf2OshMo7UU6wDgtNPbd%2FgdTQ8%2FpT%2FQNCcEWKu4Imt7mrtE9N9%2FIItWM7%2BWIa2BlqsInRuh5Xe%2Fuj9gR6KWl%2Brql2Jepvd3qYUB67s88Zf79WzxeU0%2BAtI54AqS8KBwEIEDPc3XyJHR2DWWTpQo9cD7IReNRnKUsm0x1k4NcxMoBKxOdKjy5M637kUfIwpg8nnOj7lp%2FA585Hx5%2B%2FXt1mg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sun, 20 Apr 2025 22:21:59 GMT
cache-control: max-age=86400, public
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size