friendr.info Open in urlscan Pro
2606:4700:3035::ac43:dab7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://photo.jtre3t.pw/Y1qpNv6
Effective URL:
https://friendr.info/geo/jollygirls/main/
Submission: On January 27 via manual (January 27th 2023, 9:11:03 am UTC) from IT — Scanned from IT

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::ac43:dab7, located in United States and belongs to CLOUDFLARENET, US. The main domain is friendr.info.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 10th 2022. Valid for: a year.

This is the only time friendr.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.135.33.74 194.135.33.74	213373 (IPCONNECT) (IPCONNECT)
1 1	64.227.23.114 64.227.23.114	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	99.198.108.194 99.198.108.194	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 3	51.68.82.147 51.68.82.147	16276 (OVH) (OVH)
1 1	34.147.1.177 34.147.1.177	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	162.209.115.23 162.209.115.23	27357 (RACKSPACE) (RACKSPACE)
1 1	34.147.12.223 34.147.12.223	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	2606:4700:303... 2606:4700:3035::ac43:dab7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	3

1 194.135.33.74 (Czech Republic) 1 redirects

ASN213373 (IPCONNECT, SC)
PTR: retail-desired.fareastmix.com

photo.jtre3t.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.23.114 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

polo.thegadgetguru.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.198.108.194 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

monkey.redirectmaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.82.147 (France) 2 redirects

ASN16276 (OVH, FR)

www.turbotrck.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.147.1.177 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 177.1.147.34.bc.googleusercontent.com

admoustache.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.209.115.23 (Toms River, United States) 1 redirects

ASN27357 (RACKSPACE, US)

track.clickeoads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.147.12.223 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.12.147.34.bc.googleusercontent.com

s3.afflist.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3035::ac43:dab7 (United States)

ASN13335 (CLOUDFLARENET, US)

friendr.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	friendr.info friendr.info	271 KB
3	turbotrck.art 2 redirects www.turbotrck.art	8 KB
3	redirectmaster.com monkey.redirectmaster.com	7 KB
1	afflist.net 1 redirects s3.afflist.net — Cisco Umbrella Rank: 468857	368 B
1	clickeoads.com 1 redirects track.clickeoads.com	252 B
1	go2affise.com 1 redirects admoustache.go2affise.com	235 B
1	thegadgetguru.club 1 redirects polo.thegadgetguru.club — Cisco Umbrella Rank: 606155	295 B
1	jtre3t.pw 1 redirects photo.jtre3t.pw	318 B
18	8

	Domain	Requested by
14	friendr.info	www.turbotrck.art friendr.info
3	www.turbotrck.art	2 redirects monkey.redirectmaster.com
3	monkey.redirectmaster.com	monkey.redirectmaster.com
1	s3.afflist.net	1 redirects
1	track.clickeoads.com	1 redirects
1	admoustache.go2affise.com	1 redirects
1	polo.thegadgetguru.club	1 redirects
1	photo.jtre3t.pw	1 redirects
18	8

This site contains no links.

Subject Issuer	Validity	Valid
monkey.redirectmaster.com R3	`2023-01-11` - `2023-04-11`	3 months	crt.sh
www.turbotrck.art R3	`2022-12-30` - `2023-03-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://friendr.info/geo/jollygirls/main/
Frame ID: EAB09B7DD53FA071FA9EAD521D09F0AC
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🎄 Jolly Girls

Page URL History Show full URLs

http://photo.jtre3t.pw/Y1qpNv6 HTTP 302
https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
https://monkey.redirectmaster.com/?utm_term=7193256994529083501&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
https://monkey.redirectmaster.com/proc.php?36517b465ec4b6547027336aaee7c9b5dec8c3b1 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website... Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website... HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website... HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000de7e4c9898b3b806918de8d0853... HTTP 302
https://track.clickeoads.com/310216954?sub1=63d395214ea1cd0001915200&sub2=503 HTTP 307
https://s3.afflist.net/click?pid=1316&offer_id=1208&ref_id=bf4d72888445c16576ff6313 HTTP 302
https://friendr.info/geo/jollygirls/main/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

3
IPs

4
Countries

285 kB
Transfer

400 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://photo.jtre3t.pw/Y1qpNv6 HTTP 302
https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
https://monkey.redirectmaster.com/?utm_term=7193256994529083501&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673 Page URL
https://monkey.redirectmaster.com/proc.php?36517b465ec4b6547027336aaee7c9b5dec8c3b1 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=d55e9e8cdef2d92b76773c300ddfd96a&eyer=0.3448291311049896&eyei=0&eyew=1600&eyeh=1200&eyetd=222211114232&eyef=https%3A%2F%2Fmonkey.redirectmaster.com%2F HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=3&eyer=0.3448291311049896&eyei=0&eyew=1600&eyeh=1200&eyetd=222211114232&eyef=https%3A%2F%2Fmonkey.redirectmaster.com%2F HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000de7e4c9898b3b806918de8d0853bd95a0127-202301-flb*5564921-b2be6*M7193256994529083501*sl_5564921-b2be6*094e75b2e47baa08571e27bdb7535acc95cecebc*4400-bd34abaz*4400 HTTP 302
https://track.clickeoads.com/310216954?sub1=63d395214ea1cd0001915200&sub2=503 HTTP 307
https://s3.afflist.net/click?pid=1316&offer_id=1208&ref_id=bf4d72888445c16576ff6313 HTTP 302
https://friendr.info/geo/jollygirls/main/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://photo.jtre3t.pw/Y1qpNv6 HTTP 302
https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
monkey.redirectmaster.com/
Redirect Chain

http://photo.jtre3t.pw/Y1qpNv6
https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

3 KB
2 KB

401ms
127ms

Document
text/html

99.198.108.194
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.2.0

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 27 Jan 2023 09:10:56 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://monkey.redirectmaster.com/?utm_term=7193256994529083501&ver=4viyaptcjo
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 27 Jan 2023 09:10:56 GMT
Location: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server: nginx/1.16.1 (Ubuntu)

GET
H2 200 / Show response
monkey.redirectmaster.com/ 8 KB
3 KB 207ms
205ms Document
text/html 99.198.108.194
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://monkey.redirectmaster.com/?utm_term=7193256994529083501&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673

Requested by

Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.2.0

Resource Hash

e6d7bfb2bf37c3b7fad9494bd159ba9ddaee1ab4a76ab4d12d22260fe895dc63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 27 Jan 2023 09:10:56 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 proc.php
monkey.redirectmaster.com/ 3 KB
2 KB 129ms
128ms Document
text/html 99.198.108.194
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://monkey.redirectmaster.com/proc.php?36517b465ec4b6547027336aaee7c9b5dec8c3b1

Requested by

Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_term=7193256994529083501&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.2.0

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://monkey.redirectmaster.com/?utm_term=7193256994529083501&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 27 Jan 2023 09:10:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website=4400-bd34abaz&placement=4400
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H/1.1 200
OK /
www.turbotrck.art/ 7 KB
7 KB 159ms
27ms Document
text/html 51.68.82.147
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Requested by: Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/proc.php?36517b465ec4b6547027336aaee7c9b5dec8c3b1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.82.147 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://monkey.redirectmaster.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Platform-Version
Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Fri, 27 Jan 2023 09:10:57 GMT
Transfer-Encoding: chunked

GET
H2

200

Primary Request / Show response
friendr.info/geo/jollygirls/main/
Redirect Chain

https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858...
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858...
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000de7e4c9898b3b806918de8d0853bd95a0127-202301-flb*5564921-b2be6*M7193256994529083501*sl_5564921-b2be6*094e75b2e47baa...
https://track.clickeoads.com/310216954?sub1=63d395214ea1cd0001915200&sub2=503
https://s3.afflist.net/click?pid=1316&offer_id=1208&ref_id=bf4d72888445c16576ff6313
https://friendr.info/geo/jollygirls/main/

5 KB
1 KB

377ms
27ms

Document
text/html

2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/geo/jollygirls/main/
Requested by: Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2339e7a1ce6860418e351494dc91782241d11acfd18e7376130b5c88fbc814dc

Request headers

Referer: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7193256994529083501&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 43
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 79005bbb3c5383ac-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 27 Jan 2023 09:10:59 GMT
last-modified: Fri, 27 Jan 2023 09:10:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBM5K8bCcABO%2BINbo3Vb3mdLK7yaDCMyncS9rFp%2FkqnnFc7aKUnX0b%2Fn0IIfGdgqMUpaQxl5JXnMtD0QTjh9tVEz4Zllmg1lDBKQbXJBDAtf9Raz%2FR%2FkIKTHe%2B%2FQvnDTD78dbZT%2BLuwg74k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Fri, 27 Jan 2023 09:10:58 GMT
location: https://friendr.info/geo/jollygirls/main/#b=1208&v=63d3952203bb5200012d457c&a=1316&sub1=&sub2=&platform=affise&affcountry=IT&push=true&noRedir=true
server: nginx
x-adjust-use-original-forwarded-for: 1

GET
H2 200 style.css
friendr.info/static/friendr_info/jollygirls/assets/ 2 KB
964 B 27ms
26ms Stylesheet
text/css 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/static/friendr_info/jollygirls/assets/style.css
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2801274469484fa047c5ba0c066e80e9db65d0a922cd80be433c9d31c57871e6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 09:01:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 313
etag: W/"173e1ee740b0a400-7d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSBs0lAQFwgEWIC6I5geQA9%2BCY7y%2FEW5XLBq0pi%2BZIksrqo4LgghPVgoA3bzwPuCIr%2FK%2F9x9HFMmS0A1Pe0sAUrE9gk6OtaBZLCaRyZjP6EKZvgv0yE6w6lzBjIemA1R1xRE1yPm70MTPDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79005bbb6cda83ac-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-1.12.1.min.js Show response
friendr.info/static/js/ 95 KB
34 KB 47ms
46ms Script
text/javascript 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/static/js/jquery-1.12.1.min.js
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed95f702685545e4a5ec11684bab1be8040dd33959493c28ce110e47d188ad46

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 13:35:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 518
etag: W/"173ddf4ad83ad200-17c7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbodTMTINixTdOdlV%2F8dqGS%2FL0wXelnwJ0JGlVXyRZB0hnmMkP3cJ8bhKeuFfGlBcGNVQL1lPHwfZVPPBrJcPUw5N5iaJpreXtID87Q8KWDl2vRHql%2FGs2ikZDdzFWD%2Bl3P38y%2F5KSnv6Lw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 79005bbb6cde83ac-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pandoraWeb.0.1.js Show response
friendr.info/static/js/ 40 KB
12 KB 35ms
35ms Script
text/javascript 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/static/js/pandoraWeb.0.1.js
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baa7dbe55a3d3fb18ccce00e05f817d7cbe591a76fb36cd333b59132511a25ee

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 13:35:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 518
etag: W/"173ddf4ad83ad200-9ea4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6dcnUmSIwYubaCiSO%2FVUV%2FdpKnNhFG583vc4SFTZeGEZqZyp%2F4TiYVYyI13oSldJoKuJ%2FuzoX1fij%2FiVDIo1gM62Mtxn1ni3ghKKJZFZrv5ien3S5GBp0FmhR4DOw1TOmvLmohteTmHIuw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 79005bbb6cdf83ac-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Logo.png
friendr.info/static/friendr_info/jollygirls/assets/ 2 KB
3 KB 28ms
27ms Image
image/png 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/assets/Logo.png
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d1480fe20487bc5ef21c1b033967ccc47676e767310cd31e7d15a6e975e464e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 09:01:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 313
etag: "173e1ee740b0a400-8f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tdoMPnPfbYk52RDgNRizB9i9rgY%2BqTEhIDTHOwNGaaeZKwW9NDv%2BIcX0aO5hB%2FdESabx1u%2B5irkvb0AK%2BLMwkxWsCv%2FljABvELraZnimi0Xe6h3VUodti7Q%2BgyYLxKQRBneHhtsgbnN%2B7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79005bbbaf8a5a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2294

GET
H3 200 1.png
friendr.info/static/friendr_info/jollygirls/main/ 48 KB
48 KB 319ms
318ms Image
image/png 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/main/1.png
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0be54d784712cefda9cf905286bc262360dfca1421d2f44ae2a4a9c18e015d81

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 27 Jan 2023 09:01:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "173e1ee740b0a400-bf3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHc0jynQApUuhgh0tkAU6CqQQ9L3v%2F7ltKWKTtRzTdCC5CEh2h%2BKDo9hyVlRmjOQ7WDbiotqYFKClzxONcD8We26xnJ0Ch2amTfEfN0LBu56WS2qVNXo4SyjxX1bKeN8FujPtU9DTuiMCAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79005bbbbfbc5a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48955

GET
H3 200 checkmark.svg
friendr.info/static/friendr_info/jollygirls/assets/ 726 B
912 B 26ms
25ms Image
image/svg+xml 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/assets/checkmark.svg
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c247993ed6ecaec285ef6ced155f6fb01a850d79107a051c0b146e297a615c9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 09:01:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 313
etag: W/"173e1ee740b0a400-2d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdRdYiHjoUphGZjg5vj6S0meFLsH0h54s6HfBxws2WLyjPsvVPjaT08b2mKdJbFP3Xf7c1EHIHcmxkGr8xtebLxORqLMhBBRIR7eg7TMws2ZvdZNVuxQZL%2BF69fmy4JHsVw1dWpOh7rMwZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 79005bbbdfd75a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 call.svg
friendr.info/static/friendr_info/jollygirls/assets/ 2 KB
2 KB 31ms
29ms Image
image/svg+xml 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/assets/call.svg
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52460ff45bd4b623016d1cec29d8c96b94ac81f1e787b7bdf57c0b9dfd272e88

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 09:01:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 313
etag: W/"173e1ee740b0a400-8b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n10QWJ4PadSyN%2FEzg3JDcyEEXDZm0mQXecDSYAyLxgoQzWMV%2B6RpEeYKtnp8av3gRN%2BxsJ9pY3higdRyeVVadbG3xDC7uNRT8ywwIs6xlJNhsh1XWcYSfioGCndcK5MhU4cuBZCWiplkQQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 79005bbbdfda5a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 2.png
friendr.info/static/friendr_info/jollygirls/main/ 47 KB
48 KB 375ms
373ms Image
image/png 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/main/2.png
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c752632854e9239e6ec97d150fa20de2a0ea2f5f224be8b64d2f61e154bdd7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 27 Jan 2023 09:01:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "173e1ee740b0a400-bdf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSRQtkhjwWLEephd5g3tpySSqTNGZkMbQ%2FBVV11%2BIt4ZLrn%2FsWTWkdTl9DEqd5dBkRTpwmkpaEspXuMij8fc36HIlziFjkk6DaKheI4KI1Pr6QbNDJIpm03rb1kJll%2Fciq58BKf0hZ8EmRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79005bbbdfdd5a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48625

GET
H3 200 3.png
friendr.info/static/friendr_info/jollygirls/main/ 53 KB
53 KB 291ms
289ms Image
image/png 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/main/3.png
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d696bb4eb5b0886f39c5349369a73377b4ed20efd233e03210781e643328a834

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 27 Jan 2023 09:01:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "173e1ee740b0a400-d3cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfkDP1a44Giu73ZJhgFZLDABbgbsv2c7x7kKUcACM4BMGVAz%2BGUtUpBJrHTnBi1LpiotQKze0CqVQcPalBng5a3iaKsVuvsh2wReI4%2FuHBsJ1GbZpLwd6OpdpSUcl0Hpq9bwfFlH%2FfrmoRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79005bbbdfde5a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54220

GET
H3 200 4.png
friendr.info/static/friendr_info/jollygirls/main/ 57 KB
57 KB 353ms
352ms Image
image/png 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/main/4.png
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd395cd6cc2e1be29b5ff8492fa8ffed3932e8150aebc346940155ff622c0330

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 27 Jan 2023 09:01:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "173e1ee740b0a400-e335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4I2LIvomgxhUI6ndBXq4J7quvZso%2B3i3nfMffgbVefzHH2BZRgaN7EN%2BgFkQubSynz0nW%2F7%2Bc%2FODz8ATX2nOhX32hDUmIZhD5zfendV%2FhjlLY2Eb6SVc504AQQykvdp1Ky%2Fz%2F%2F4tGhpyT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79005bbbdfdf5a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58165

GET
H3 200 bg-button.svg
friendr.info/static/friendr_info/jollygirls/assets/ 18 KB
7 KB 28ms
27ms Image
image/svg+xml 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/assets/bg-button.svg
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7670253ced562b7f3fc34a41fc844abfefacac3bb93d2ae49dde32d99e6351a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 09:01:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 313
etag: W/"173e1ee740b0a400-46f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDiCQHpC0UCXnJCJvs2op%2F7COTHycnmPB6nGDSxHo5bvHvyTOforu%2FdJMildpgvduwcLrmqPJxNlGtaNx9dco9hCOHtuvASkSIhX%2Bzd%2F5eyr1Fh7a7Z0jR%2FhcVTL3BIwWLauMXXoN37YUzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 79005bbbdfe05a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 style-fama.css
friendr.info/ 7 KB
2 KB 27ms
26ms Stylesheet
text/css 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/style-fama.css
Requested by: Host: friendr.info
URL: https://friendr.info/static/js/jquery-1.12.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7fac70d01f49dc79fba2e84a651913c761b0ca7399c86d52b47be57f321077

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-edge-origin-shield-skipped: 0
x-amz-cf-pop: AMS1-C1
age: 532
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 08 Jun 2021 10:51:09 GMT
server: cloudflare
etag: W/"6eb837c1646703f52e43119b84a44032"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9nINEWw5dwZvvFmOTqjym97ruoeysK4yXGSW9yuN23GSlIxmnhv4jEK89dQEk3P53F0Q35U5TzqGTW6bpXjvjIYUP7xbOcuR6fK%2FnC2bpF5%2BATI9NEXFwaViiKWsC4kmcyx9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79005bbbdfed5a25-MXP
x-amz-cf-id: jsrqqLFz3_dAxNDvr0z5UBlfHG3895-EiDXpuXgf9yIg5Aq7uN5qjw==

POST
H3 201 assignation Show response
friendr.info/api/voice/ 335 B
826 B 105ms
105ms XHR
application/json 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/api/voice/assignation
Requested by: Host: friendr.info
URL: https://friendr.info/static/js/jquery-1.12.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dbc6649761e542bb668061203c0fde13f4298c2fd367e5a6d2443c30facf306a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://friendr.info/geo/jollygirls/main/
X-Requested-With: XMLHttpRequest
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 27 Jan 2023 09:10:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"14f-i2jp9TPIOtcgwSHqs3d2RTA9ddA"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpgXYBr4UJnq308MZcT31HnR5Pk%2BP12lVxtKCbiw0Oh1wUKt8MRS91G2jv8PIRAC28SP%2FQh2PSYoPe14aW%2BEsg41jqIJbVbTRv7glFqqzS%2B6X0FUJYIUPGDGxCNYDNYHjlOJP37WYFzbbjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 79005bbbeffa5a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 335

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
monkey.redirectmaster.com/	1970-01-20 17:59:06	Name: u Value: 0a4a8f8f9e1be9807cdfab2c70ce0d7a
admoustache.go2affise.com/	1970-01-20 17:59:06	Name: afclick Value: 63d395214ea1cd0001915200
track.clickeoads.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b2ivthlaoooqcjf43bt6su8elr
s3.afflist.net/	1970-01-20 17:59:06	Name: afclick Value: 63d3952203bb5200012d457c
s3.afflist.net/	1970-01-20 17:59:06	Name: afoffers Value: {"1208":1674810658}
friendr.info/	1970-01-20 09:13:30	Name: allocatedNumber Value: 212660234631

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admoustache.go2affise.com
friendr.info
monkey.redirectmaster.com
photo.jtre3t.pw
polo.thegadgetguru.club
s3.afflist.net
track.clickeoads.com
www.turbotrck.art
162.209.115.23
194.135.33.74
2606:4700:3035::ac43:dab7
34.147.1.177
34.147.12.223
51.68.82.147
64.227.23.114
99.198.108.194
0be54d784712cefda9cf905286bc262360dfca1421d2f44ae2a4a9c18e015d81
2339e7a1ce6860418e351494dc91782241d11acfd18e7376130b5c88fbc814dc
2801274469484fa047c5ba0c066e80e9db65d0a922cd80be433c9d31c57871e6
3b7fac70d01f49dc79fba2e84a651913c761b0ca7399c86d52b47be57f321077
3c247993ed6ecaec285ef6ced155f6fb01a850d79107a051c0b146e297a615c9
52460ff45bd4b623016d1cec29d8c96b94ac81f1e787b7bdf57c0b9dfd272e88
6d1480fe20487bc5ef21c1b033967ccc47676e767310cd31e7d15a6e975e464e
a7670253ced562b7f3fc34a41fc844abfefacac3bb93d2ae49dde32d99e6351a
baa7dbe55a3d3fb18ccce00e05f817d7cbe591a76fb36cd333b59132511a25ee
d696bb4eb5b0886f39c5349369a73377b4ed20efd233e03210781e643328a834
dbc6649761e542bb668061203c0fde13f4298c2fd367e5a6d2443c30facf306a
dd395cd6cc2e1be29b5ff8492fa8ffed3932e8150aebc346940155ff622c0330
e3c752632854e9239e6ec97d150fa20de2a0ea2f5f224be8b64d2f61e154bdd7
e6d7bfb2bf37c3b7fad9494bd159ba9ddaee1ab4a76ab4d12d22260fe895dc63
ed95f702685545e4a5ec11684bab1be8040dd33959493c28ce110e47d188ad46

friendr.info Open in urlscan Pro 2606:4700:3035::ac43:dab7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

13 %IPv6

8 Domains

8 Subdomains

3 IPs

4 Countries

285 kBTransfer

400 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

friendr.info Open in urlscan Pro
2606:4700:3035::ac43:dab7 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

3
IPs

4
Countries

285 kB
Transfer

400 kB
Size

6
Cookies

18 HTTP transactions
0 data transactions