jennifers-summer.cfd Open in urlscan Pro
172.67.217.114 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://katebot.com/
Effective URL:
https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
Submission: On September 02 via api (September 2nd 2024, 4:06:37 am UTC) from AU — Scanned from AU

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 23 HTTP transactions. The main IP is 172.67.217.114, located in United States and belongs to CLOUDFLARENET, US. The main domain is jennifers-summer.cfd.
TLS certificate: Issued by WE1 on August 30th 2024. Valid for: 3 months.

This is the only time jennifers-summer.cfd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	138.124.182.51 138.124.182.51	41745 (FORTIS-AS...) (FORTIS-AS Hosting services)
1 22	172.67.217.114 172.67.217.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	136.243.216.252 136.243.216.252	24940 (HETZNER-AS) (HETZNER-AS)
23	3

1 138.124.182.51 (Balashikha, Russian Federation)

ASN41745 (FORTIS-AS Hosting services, RU)

katebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.67.217.114 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jennifers-summer.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.216.252 (Eitensheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.216.243.136.clients.your-server.de

bigdatajsext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	jennifers-summer.cfd 1 redirects jennifers-summer.cfd	307 KB
1	bigdatajsext.com bigdatajsext.com	559 B
1	katebot.com katebot.com	3 KB
23	3

	Domain	Requested by
22	jennifers-summer.cfd	1 redirects katebot.com jennifers-summer.cfd
1	bigdatajsext.com	jennifers-summer.cfd
1	katebot.com
23	3

This site contains no links.

Subject Issuer	Validity	Valid
katebot.com R11	`2024-09-01` - `2024-11-30`	3 months	crt.sh
jennifers-summer.cfd WE1	`2024-08-30` - `2024-11-28`	3 months	crt.sh
bigdatajsext.com E5	`2024-08-23` - `2024-11-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
Frame ID: 29CB3F89BF9D9AF778BC67BF496BB2C2
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mia69 wants to trade nude pics with you

Page URL History Show full URLs

http://katebot.com/ HTTP 307
https://katebot.com/ Page URL
https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1 Page URL
https://jennifers-summer.cfd/cdn-cgi/phish-bypass?atok=8DIRbOXTXZzXevO2mBI1Fn3JqBYlQ7GoMuluos_iJRE-172524... HTTP 301
https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

310 kB
Transfer

573 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://katebot.com/ HTTP 307
https://katebot.com/ Page URL
https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1 Page URL
https://jennifers-summer.cfd/cdn-cgi/phish-bypass?atok=8DIRbOXTXZzXevO2mBI1Fn3JqBYlQ7GoMuluos_iJRE-1725249981-0.0.1.1-%2F%3Fu%3Dpbvk602%26o%3D3fhpp4u%26m%3D1 HTTP 301
https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://katebot.com/ HTTP 307
https://katebot.com/

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
katebot.com/
Redirect Chain

http://katebot.com/
https://katebot.com/

6 KB
3 KB

1350ms
448ms

Document
text/html

138.124.182.51
FORTIS-AS Hosting...

General

Check archive.org

Show headers Download Go to

Full URL: https://katebot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.124.182.51 Balashikha, Russian Federation, ASN41745 (FORTIS-AS Hosting services, RU),
Reverse DNS
Software: openresty / PHP/7.2.30
Resource Hash: cf3c873bad05d9a143a34679971504d0c1d61f50534643e2c9fb6fd2d4fe3631

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 02 Sep 2024 04:06:21 GMT
Server: openresty
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.30

Redirect headers

Location: https://katebot.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 / Show response
jennifers-summer.cfd/ 4 KB
2 KB 113ms
16ms Document
text/html 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Requested by

Host: katebot.com
URL: https://katebot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0adad80536f876483bd39305f76b46c652c854fa3a4f0232cd7466e6701e2848

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://katebot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-ray: 8bcaa082fd55aac9-SYD
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 02 Sep 2024 04:06:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gq8cMokpe3ZtDtvxJc8570ZUNdCbLR5OO93a%2B9tdtFo4aa2jS1XrLicKcIHfpDKVdqf1K4v%2BltZvAjn9qMTtmZtRv6mFLSKa1tXDji035Hbe1l2lV2s69IUgajrAz3lxIqzs%2BoW1bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 cf.errors.css
jennifers-summer.cfd/cdn-cgi/styles/ 23 KB
5 KB 22ms
21ms Stylesheet
text/css 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/cdn-cgi/styles/cf.errors.css

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 19:10:22 GMT
server: cloudflare
etag: W/"66ce249e-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8bcaa0832edc2eee-MEL
expires: Mon, 02 Sep 2024 06:06:21 GMT

GET
H3 200 icon-exclamation.png
jennifers-summer.cfd/cdn-cgi/images/ 452 B
634 B 16ms
16ms Image
image/png 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jennifers-summer.cfd/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://jennifers-summer.cfd/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 19:10:22 GMT
server: cloudflare
etag: "66ce249e-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8bcaa0835f122eee-MEL
content-length: 452
expires: Mon, 02 Sep 2024 06:06:21 GMT

GET
H3 204 favicon.ico
jennifers-summer.cfd/ 0
411 B 34ms
33ms Other
text/plain 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifers-summer.cfd/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2886
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXaKbwOj9IeCujUXmCtg6vUoCzVt9xKwnAUFKNBJDDgEj%2BK9HxVi0ps%2F6L855N2%2Bh7k8uu1IBfHwPcVbuHrRB3I2MW5N3jPiM7zWz48WUGKvqjntfOqnF0KJVoEEH84hsM9F37HbMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8bcaa0837f562eee-MEL
alt-svc: h3=":443"; ma=86400

GET
H3

200

Primary Request / Show response
jennifers-summer.cfd/
Redirect Chain

https://jennifers-summer.cfd/cdn-cgi/phish-bypass?atok=8DIRbOXTXZzXevO2mBI1Fn3JqBYlQ7GoMuluos_iJRE-1725249981-0.0.1.1-%2F%3Fu%3Dpbvk602%26o%3D3fhpp4u%26m%3D1
https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

13 KB
3 KB

1238ms
1238ms

Document
text/html

172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c03acbdf5acb45efba64f992df769065b575bdf94f4039cf738e8ceab1e5219

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8bcaa09c69ca2eee-MEL
content-encoding: br
content-type: text/html
date: Mon, 02 Sep 2024 04:06:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s3BP0g6ybdGasJEEPnfz2zwDiLRHQaNYhVb5Pw9hnGmay%2Bs%2BvKLSnqw5GY3mrc9oS%2B7CC4ymQQoSL0KKvu4iI4WF5ZewZH6r2W7h2OLxNxS%2B1Qa%2BG3m6DWZogyOpx1j1OOGc%2BXbwVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cache-control: private, no-cache
cf-ray: 8bcaa09c396f2eee-MEL
content-length: 167
content-type: text/html
date: Mon, 02 Sep 2024 04:06:25 GMT
location: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 bootstrap.css
jennifers-summer.cfd/media/dating/radarbookv2/css/ 108 KB
18 KB 2056ms
2056ms Stylesheet
text/css 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/media/dating/radarbookv2/css/bootstrap.css

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f1b5263f727c44e44007e2d78afa5cf1744fd9bb5f8689aa82a47d4d01c923f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:29 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F151B93BA7D8FE
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Aug 2024 07:19:22 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:49:46.882431Z
etag: W/"306cad942e6ff6501dc98847c9d7d2a9"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7IVXdOqCwZl7CKEc0CuVK9kfFCzpi83rL3Pfd6l7aLA7gbhGhN3gqXde3HjWiU9R5z45Nl%2BjzQgRlOaP4d46MaqJElLKQBetUdlktahoBxYYxzh%2F7XI2RnZkXTG19%2FgJVfl6ZnbBUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8bcaa0a438ec2eee-MEL
x-amz-meta-mc-attrs: atime:1720014409#556175268/gid:0/gname:root/mode:33188/mtime:1655387386#882431000/uid:0/uname:root
expires: Tue, 02 Sep 2025 04:06:28 GMT

GET
H3 200 style.css
jennifers-summer.cfd/media/dating/radarbookv2/css/ 37 KB
7 KB 1547ms
1546ms Stylesheet
text/css 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/media/dating/radarbookv2/css/style.css

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8777f3b2c9044fa1990a6cd758e2819d71a32eef04525be417f35359d470fa4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F151B93804D1DA
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 15:22:30 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:49:47.118432Z
etag: W/"d2d8cf3d56191060f3899d3588ea1e30"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xYhYoD9rHssQkgXab8EH5%2F6qKDYBt6UyeBo80s0Yr%2B8wjhlex%2Fa2fBcxqltzbnXHFtJpOhB2CKBRmQ9RIoQd67iMSnACuuFUmE2%2BTrmQjN71N7I6iKArE3dpDb2o%2FsxOKamFjGQQ4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8bcaa0a438f82eee-MEL
x-amz-meta-mc-attrs: atime:1693134505#464012617/gid:0/gname:root/mode:33188/mtime:1655387387#118432000/uid:0/uname:root
expires: Tue, 02 Sep 2025 04:06:28 GMT

GET
H3 200 js.cookie.js Show response
jennifers-summer.cfd/cookie/ 4 KB
3 KB 29ms
29ms Script
application/javascript 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/cookie/js.cookie.js

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F0F48A53618261
age: 102455
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 15:19:53 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-07-21T10:00:37.354375Z
etag: W/"a7e9883924072f15259de6888d5ef515"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9xf0SrC5exUTO6CADSbeSrLP6gEj%2BKl5uRV%2BEyyuU0906%2FOx5BPRiLNID37vuPLYWouuiUSz%2Fv4L8b3dPXiC%2FESqx3pabY5csN3KREyPwUuc1gUp10HCzWjl2nuJ7dsdSxW6H0rJCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8bcaa0a438fa2eee-MEL
x-amz-meta-mc-attrs: atime:1693134513#248036972/gid:0/gname:root/mode:33188/mtime:1658397637#354375000/uid:0/uname:root
expires: Sun, 31 Aug 2025 23:38:52 GMT

GET
H3 200 utils.js Show response
jennifers-summer.cfd/util/ 7 KB
4 KB 33ms
32ms Script
text/javascript 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/util/utils.js

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a487d76bb55539f230c127ef33550d5c455ac0b67ca2b78b87452345bb0dc718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F0F48A52BEDA34
age: 102455
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Jul 2024 09:08:58 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2024-07-01T09:08:58.408Z
etag: W/"85a42b1d6c8769fce99fb44aefb041b0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWZ%2FUG55QKWTOdMB9zegHPLQNnhXZX%2BLMN6PTvoCPMzq4ID32idbdw8bqvZsj5BX0miwBrAdwYd%2Bd9yKfTm5Rcho7%2BWlyfj1am4V02TnEq%2BXPNv8Kr0SDPnnWpyLGrdS7Jez4%2BP%2F0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 8bcaa0a438ff2eee-MEL
x-amz-meta-mc-attrs: atime:1719824921#861045785/gid:0/gname:root/mode:33188/mtime:1719824938#357078843/uid:0/uname:root
expires: Sun, 31 Aug 2025 23:38:52 GMT

GET
H3 200 map-pin-shadow.svg
jennifers-summer.cfd/media/dating/radarbookv2/images/ 295 B
989 B 1220ms
1219ms Image
image/svg+xml 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jennifers-summer.cfd/media/dating/radarbookv2/images/map-pin-shadow.svg

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1406e8ad5a6f490d35e424539bb837841bf4dff4c885426b282ee750e0ccc45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F151B942150139
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 15:22:30 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:49:49.206436Z
etag: W/"39084aa4edef89de7e0620722650e213"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qA8vQQKsxDUAIt%2B83rMXbej3Q76sI%2B%2FabysBAlTAxSTKMR6FrchNCG2TYcx5komOmA%2BIeauTUr29Jn4Zg%2FpiiETuhGkx7J0n6KOUMb2m%2BvvRIF9i0yvUvSHlemjI%2FxnbbnVzTVTLlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 8bcaa0a53aa22eee-MEL
x-amz-meta-mc-attrs: atime:1693134505#468012629/gid:0/gname:root/mode:33188/mtime:1655387389#206436000/uid:0/uname:root
expires: Tue, 02 Sep 2025 04:06:28 GMT

GET
H3 200 map-pin.svg
jennifers-summer.cfd/media/dating/radarbookv2/images/ 806 B
1 KB 1212ms
1212ms Image
image/svg+xml 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jennifers-summer.cfd/media/dating/radarbookv2/images/map-pin.svg

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63fc5c89f32e4e5b937f019d2826c21bd82a283127d17246ae22278ea1ff8c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F151B942B2ADC7
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Nov 2023 12:29:54 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:49:49.262437Z
etag: W/"5bad54a7475e18741dab8167587df07b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dfFyLo%2BiYfidLrpnYlJgif6OtrxuWdBttLIgwRnss8Cbpt0dLuZDJv22hGBZ04L6cWtumvklMT6mOTQaXl%2FtTNigGKWBFSEcF50qzT6j0KwWvnaFEbyDvDfmxe0e%2BpVkEz7jlfs9Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 8bcaa0a53aa32eee-MEL
x-amz-meta-mc-attrs: atime:1695223350#79626909/gid:0/gname:root/mode:33188/mtime:1655387389#262437000/uid:0/uname:root
expires: Tue, 02 Sep 2025 04:06:28 GMT

GET
H3 200 jquery.min.js Show response
jennifers-summer.cfd/media/dating/radarbookv2/js/ 91 KB
34 KB 1970ms
1970ms Script
text/javascript 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/media/dating/radarbookv2/js/jquery.min.js

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F151B98C481CD3
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Jul 2024 09:46:34 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2024-07-01T09:46:34.393Z
etag: W/"cfa9051cc0b05eb519f1e16b2a6645d7"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J5nhkKe7n%2FCnWoGIA6iAq58mXCsFur4MEMrSxFttvgufNhZfk%2Fv7MFTITacKuq05GxOknftrQZxeZILOhHyuDp5uFrJrMu61LtWAdvGKVg9aV5nCvcRVn10YH6c52zbAIiwkEEOhvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 8bcaa0acc8d62eee-MEL
x-amz-meta-mc-attrs: atime:1715611636#361342449/gid:0/gname:root/mode:33188/mtime:1719827194#341830630/uid:0/uname:root
expires: Tue, 02 Sep 2025 04:06:29 GMT

GET
H3 200 bootstrap.min.js Show response
jennifers-summer.cfd/media/dating/radarbookv2/js/ 28 KB
9 KB 1599ms
1599ms Script
text/javascript 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/media/dating/radarbookv2/js/bootstrap.min.js

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a476f1070d1695aedfd70382d32db590c9759c351645cc69d073784a3507b927

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:30 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F151B98DDD2ADD
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Aug 2024 07:19:23 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2024-07-01T09:46:34.205830329Z
etag: W/"3026a35a8ec4e47f7d6d8f0d783302c7"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPRKkURkcX1S0fxxlldCxu7cExNe3EGcIpDCzOFH68GUFPKbNGWGDmPAchKsitVEL8EMvrmRsUPUXEunzMrHc6%2BTzv2jnwTChn4Z7MvKXRGXnGZe%2BGeCZI2PzwjtLH9eL38TAQVhFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 8bcaa0acd8e72eee-MEL
x-amz-meta-mc-attrs: atime:1720014409#560175276/gid:0/gname:root/mode:33188/mtime:1719827194#205830329/uid:0/uname:root
expires: Tue, 02 Sep 2025 04:06:29 GMT

GET
H3 200 script.js Show response
jennifers-summer.cfd/media/dating/radarbookv2/js/ 4 KB
2 KB 1234ms
1232ms Script
text/javascript 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/media/dating/radarbookv2/js/script.js

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3347da0b887922513d38c859c8ddcb86d57683aa912d2e246b80338a82d8a88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F151B9B64E2AF3
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Jul 2024 09:46:34 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2024-07-01T09:46:34.252Z
etag: W/"e1841151c18d4c701b0ef4bf033f4af0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GaupM1w74%2Be%2FdPQyRNSxIlD4%2BVj5s5evxNoXpRCF1KcVFNHYZuBiGnhrl4pZHu8jnPlqqyeh7AijMoLN0FGTHQzZmag%2BWKEIyqqFEFrm1ZPQ0n6t6sgZ%2FIZawKrSO10v9pBNbRns7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 8bcaa0b129072eee-MEL
x-amz-meta-mc-attrs: atime:1715611636#361342449/gid:0/gname:root/mode:33188/mtime:1719827194#197830311/uid:0/uname:root
expires: Tue, 02 Sep 2025 04:06:30 GMT

GET
H3 200 trls_casual.js Show response
jennifers-summer.cfd/media/dating/radarbookv2/js/ 42 KB
15 KB 1731ms
1730ms Script
text/javascript 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/media/dating/radarbookv2/js/trls_casual.js

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1d04908c6fdc731ce64ad6efaf0257ed609b466c38aa3951cac47a9e62c5001

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:31 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F151B9B8B57E5C
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Aug 2024 07:19:23 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2024-07-01T09:46:34.637831286Z
etag: W/"509367f57629c2eaf67fec4fa6b95509"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pZGbmB5J1iVSo2I1pES7zqWycd0PCrKocVNHy526WWsHSRVPCpAvz%2FkkqA3I4gz5PbPwD4dUiTVLcd2jAcH9aaj%2Fh92epyr2w%2F8rpW6qZSueBK2iGpOAB00HUXgKZUy8isUBd779IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 8bcaa0b1290a2eee-MEL
x-amz-meta-mc-attrs: atime:1720014409#560175276/gid:0/gname:root/mode:33152/mtime:1719827194#637831286/uid:0/uname:root
expires: Tue, 02 Sep 2025 04:06:30 GMT

GET
H3 200 bb.js Show response
jennifers-summer.cfd/media/ 639 B
1 KB 30ms
29ms Script
application/javascript 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/media/bb.js

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F0F48A92698001
age: 102456
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 15:21:05 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z
etag: W/"0d553e4bac91c74bfee2dbabba61e99e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XH7TP68SFhCk2J8ZiuWIJokbrxc1v%2F%2BDooCx6L3rkGX8h%2FXmPTZKbzJ4DfTVdlq4riamnQo9qLSYW58586g5i9bx8PBHv0KZscp1RJr0oxp7y7aydb8n02sCV4b7na6ewHpWE9KG%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8bcaa0b1290c2eee-MEL
x-amz-meta-mc-attrs: atime:1693134512#756035434/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
expires: Sun, 31 Aug 2025 23:38:53 GMT

GET
H3 200 exit1.js Show response
jennifers-summer.cfd/media/exit-new/ 3 KB
2 KB 27ms
26ms Script
text/javascript 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/media/exit-new/exit1.js

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F0F48A55D9CCBE
age: 102457
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Nov 2023 12:30:04 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
etag: W/"625e5e2950612f771e246beb33c9ea61"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YtWt5nf0CU1fLaZ6KhQb%2FrPeWb6eVBKnp38t70%2FCKLLYEmoZAt8ByYV4%2F8GWYv6Q6a42V1d%2F3MqFeFKWi6RTKQzzY6STHdWsre%2F5RCOcuALD5VqxDXfL2QEQYpBgIX90cJs32B8Qkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 8bcaa0b1290d2eee-MEL
x-amz-meta-mc-attrs: atime:1695223389#507714946/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
expires: Sun, 31 Aug 2025 23:38:52 GMT

GET
H3 200 bg_casual_alt2.jpg
jennifers-summer.cfd/media/dating/radarbookv2/images/ 131 KB
132 KB 1943ms
1941ms Image
image/jpeg 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jennifers-summer.cfd/media/dating/radarbookv2/images/bg_casual_alt2.jpg

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d323969d8e368b1e8191b75b3a9313f762550a68f7c208430eaf225548502ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F151B9B5676734
alt-svc: h3=":443"; ma=86400
content-length: 133921
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Sun, 10 Dec 2023 22:34:15 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2023-12-10T22:34:15.154Z
etag: "870fe21add5c4f6dcbc46267be0db8d0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7NHPtVxW9c01TL1CUqRTQFddzkloBLvROanhtBnVym29LbOftGq5VlOTr6yB0agev0pbcHlXhZ3USLLcrk%2FPNnwu%2FC2QoUkvRzaLPVgil%2Bn09vI5FRFpDYQVuOMzAdcMynYJvlxRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8bcaa0b1290f2eee-MEL
x-amz-meta-mc-attrs: atime:1702247653#573416225/gid:0/gname:root/mode:33152/mtime:1702247654#925418238/uid:0/uname:root
expires: Tue, 02 Sep 2025 04:06:30 GMT

GET
H3 200 ProximaNovaRegularRu.woff2
jennifers-summer.cfd/media/dating/radarbookv2/fonts/ 33 KB
34 KB 1540ms
1540ms Font
font/woff2 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/media/dating/radarbookv2/fonts/ProximaNovaRegularRu.woff2

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/media/dating/radarbookv2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aae71838ba4983ac1f65ebdfd7ce440a13ca6721863a3b72104b8e5377117ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/media/dating/radarbookv2/css/style.css
Origin: https://jennifers-summer.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F151B9B3E75F4C
alt-svc: h3=":443"; ma=86400
content-length: 34280
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 15:22:30 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:49:47.642433Z
etag: "ecef0faef83874e9f6bb9b5e9fa05a0e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w16zztSFNZYnWCLq5ro6zjjUNz0Uo2cm%2FxgpQACqmRSlncKQAG%2Fm8JjlIKme8NBWjaIgRQIA8WTlwaomF0c8Hh8vjOTXmkTf87a7YbE4TqIMdpu%2Fz1qn0Z3O9Zbipsi7Aq%2FSLlwpSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://jennifers-summer.cfd
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8bcaa0b129112eee-MEL
x-amz-meta-mc-attrs: atime:1693134505#464012617/gid:0/gname:root/mode:33188/mtime:1655387387#642433000/uid:0/uname:root
expires: Tue, 02 Sep 2025 04:06:30 GMT

GET
H3 200 ProximaNovaBoldRu.woff2
jennifers-summer.cfd/media/dating/radarbookv2/fonts/ 33 KB
34 KB 1642ms
1642ms Font
font/woff2 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jennifers-summer.cfd/media/dating/radarbookv2/fonts/ProximaNovaBoldRu.woff2

Requested by

Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/media/dating/radarbookv2/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7123efbab847067ff6e8c77753319ebb594a4a48ce9f14dbeffc0e87409c021

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifers-summer.cfd/media/dating/radarbookv2/css/style.css
Origin: https://jennifers-summer.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:32 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17F151BA06684A45
alt-svc: h3=":443"; ma=86400
content-length: 34156
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Aug 2024 07:19:23 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:49:47.382432Z
etag: "571f1669e7fa974280ed8388c62eec13"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wx44Myixy85Khbo%2B%2Bdz7FH%2FkcSQgEu%2FnuWro6tZt9GgxtGmJQumVY%2FdkDoJdDjxnpq7TdAs2gcR%2BcjEeCwWWJphqy%2BAKm4poxZ2b%2Fi5%2BktaefuMib8kyMjqQgRLcGLWBrVQqpgfX5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://jennifers-summer.cfd
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8bcaa0b958322eee-MEL
x-amz-meta-mc-attrs: atime:1720014409#556175268/gid:0/gname:root/mode:33188/mtime:1655387387#382432000/uid:0/uname:root
expires: Tue, 02 Sep 2025 04:06:31 GMT

GET
H2 200 getextparams Show response
bigdatajsext.com/ExtService.svc/ 655 B
559 B 759ms
252ms XHR
application/json 136.243.216.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bigdatajsext.com/ExtService.svc/getextparams
Requested by: Host: jennifers-summer.cfd
URL: https://jennifers-summer.cfd/util/utils.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 136.243.216.252 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.216.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 98164d888e4cf7f3719a54889d1ffc76b8ae83b80eb915f4060047883313e69a

Request headers

Referer: https://jennifers-summer.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 Sep 2024 04:06:31 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H3 204 favicon.ico
jennifers-summer.cfd/ 0
0 0ms
0ms Other
text/plain 172.67.217.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifers-summer.cfd/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jennifers-summer.cfd/?u=pbvk602&o=3fhpp4u&m=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 04:06:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2886
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXaKbwOj9IeCujUXmCtg6vUoCzVt9xKwnAUFKNBJDDgEj%2BK9HxVi0ps%2F6L855N2%2Bh7k8uu1IBfHwPcVbuHrRB3I2MW5N3jPiM7zWz48WUGKvqjntfOqnF0KJVoEEH84hsM9F37HbMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8bcaa0837f562eee-MEL
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.jennifers-summer.cfd/	1970-01-20 23:15:36	Name: __cf_mw_byp Value: 8DIRbOXTXZzXevO2mBI1Fn3JqBYlQ7GoMuluos_iJRE-1725249981-0.0.1.1-/?u=pbvk602&o=3fhpp4u&m=1
			jennifers-summer.cfd/	1969-12-31 23:59:59	Name: sid Value: t1~crh10p4w2u3smcufaaunlqnf

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bigdatajsext.com
jennifers-summer.cfd
katebot.com
136.243.216.252
138.124.182.51
172.67.217.114
0adad80536f876483bd39305f76b46c652c854fa3a4f0232cd7466e6701e2848
1406e8ad5a6f490d35e424539bb837841bf4dff4c885426b282ee750e0ccc45e
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
3347da0b887922513d38c859c8ddcb86d57683aa912d2e246b80338a82d8a88c
5aae71838ba4983ac1f65ebdfd7ce440a13ca6721863a3b72104b8e5377117ee
5f1b5263f727c44e44007e2d78afa5cf1744fd9bb5f8689aa82a47d4d01c923f
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
63fc5c89f32e4e5b937f019d2826c21bd82a283127d17246ae22278ea1ff8c1e
7c03acbdf5acb45efba64f992df769065b575bdf94f4039cf738e8ceab1e5219
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
8777f3b2c9044fa1990a6cd758e2819d71a32eef04525be417f35359d470fa4f
98164d888e4cf7f3719a54889d1ffc76b8ae83b80eb915f4060047883313e69a
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
a1d04908c6fdc731ce64ad6efaf0257ed609b466c38aa3951cac47a9e62c5001
a476f1070d1695aedfd70382d32db590c9759c351645cc69d073784a3507b927
a487d76bb55539f230c127ef33550d5c455ac0b67ca2b78b87452345bb0dc718
b7123efbab847067ff6e8c77753319ebb594a4a48ce9f14dbeffc0e87409c021
cf3c873bad05d9a143a34679971504d0c1d61f50534643e2c9fb6fd2d4fe3631
d323969d8e368b1e8191b75b3a9313f762550a68f7c208430eaf225548502ae0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

jennifers-summer.cfd Open in urlscan Pro 172.67.217.114 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

310 kBTransfer

573 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

34 JavaScript Global Variables

2 Cookies

Indicators

jennifers-summer.cfd Open in urlscan Pro
172.67.217.114 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

310 kB
Transfer

573 kB
Size

2
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!