flirt-girl-sex.com Open in urlscan Pro
79.110.24.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fotogazetka.eu/
Effective URL:
https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Submission: On November 26 via manual (November 26th 2019, 3:07:29 pm UTC) from PL

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 14 domains to perform 43 HTTP transactions. The main IP is 79.110.24.3, located in Haarlem, Netherlands and belongs to FASTCONTENT, DE. The main domain is flirt-girl-sex.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 1st 2019. Valid for: 3 months.

This is the only time flirt-girl-sex.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:30:... 2606:4700:30::681b:8799	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	88.85.66.224 88.85.66.224	35415 (WEBZILLA) (WEBZILLA)
1	5.77.57.74 5.77.57.74	20860 (IOMART-AS) (IOMART-AS)
1	107.154.132.108 107.154.132.108	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
1 2	91.184.49.241 91.184.49.241	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 12	79.110.24.3 79.110.24.3	209813 (FASTCONTENT) (FASTCONTENT)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
43	10

15 2606:4700:30::681b:8799 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

fotogazetka.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.85.66.224 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: 88.85.66.224.webazilla.com

joophesh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.77.57.74 (United Kingdom)

ASN20860 (IOMART-AS, GB)
PTR: server.fresh-technologies.co.uk

gymgeartrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.132.108 (United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.132.108.ip.incapdns.net

www.10bet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.184.49.241 (Amsterdam, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: s241.nlserver.net

sex-erotik-xxx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 79.110.24.3 (Haarlem, Netherlands) 1 redirects

ASN209813 (FASTCONTENT, DE)

flirt-girl-sex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	fotogazetka.eu fotogazetka.eu	209 KB
12	flirt-girl-sex.com 1 redirects flirt-girl-sex.com	492 KB
4	gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	33 KB
2	sex-erotik-xxx.com 1 redirects sex-erotik-xxx.com	152 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	10bet.com www.10bet.com	148 KB
1	gymgeartrade.com gymgeartrade.com	865 KB
1	joophesh.com joophesh.com	6 KB
0	yadro.ru Failed counter.yadro.ru Failed
0	naknatjejer.net Failed www.naknatjejer.net Failed
0	chapaflas.ga Failed chapaflas.ga Failed
0	bing.net Failed tse75.mm.bing.net Failed
0	qx.se Failed gaymap.qx.se Failed
0	porrfilm.info Failed porrfilm.info Failed
43	14

	Domain	Requested by
15	fotogazetka.eu	fotogazetka.eu
12	flirt-girl-sex.com	1 redirects fotogazetka.eu flirt-girl-sex.com
2	fonts.gstatic.com	flirt-girl-sex.com
2	encrypted-tbn0.gstatic.com	fotogazetka.eu
2	sex-erotik-xxx.com	1 redirects fotogazetka.eu
2	fonts.googleapis.com	fotogazetka.eu flirt-girl-sex.com
1	www.10bet.com	fotogazetka.eu
1	gymgeartrade.com	fotogazetka.eu
1	joophesh.com	fotogazetka.eu
0	counter.yadro.ru Failed
0	www.naknatjejer.net Failed
0	chapaflas.ga Failed	fotogazetka.eu
0	tse75.mm.bing.net Failed	fotogazetka.eu
0	gaymap.qx.se Failed	fotogazetka.eu
0	porrfilm.info Failed	fotogazetka.eu
43	15

This site contains no links.

Subject Issuer	Validity	Valid
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
incapsula.com COMODO RSA Domain Validation Secure Server CA	`2017-06-28` - `2020-06-18`	3 years	crt.sh
sex-erotik-xxx.com Let's Encrypt Authority X3	`2019-11-25` - `2020-02-23`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
flirt-girl-sex.com Let's Encrypt Authority X3	`2019-11-01` - `2020-01-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Frame ID: 71553B5899214CAE8E7EFBDB9479EF59
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://fotogazetka.eu/ Page URL
http://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor HTTP 301
https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

43
Requests

44 %
HTTPS

44 %
IPv6

14
Domains

15
Subdomains

10
IPs

5
Countries

1907 kB
Transfer

2455 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fotogazetka.eu/ Page URL
http://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor HTTP 301
https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

http://sex-erotik-xxx.com/wp-content/uploads/cropped-Frauensexkontakte.jpg HTTP 301
https://sex-erotik-xxx.com/wp-content/uploads/cropped-Frauensexkontakte.jpg

Request Chain 24

http://www.naknatjejer.net/wp-content/uploads/2012/09/118-0-b-2.jpg HTTP 301
https://www.naknatjejer.net/wp-content/uploads/2012/09/118-0-b-2.jpg

Request Chain 28

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//fotogazetka.eu/;0.7590734808956301 HTTP 302
http://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//fotogazetka.eu/;0.7590734808956301

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
fotogazetka.eu/ 58 KB
15 KB 2459ms
2402ms Document
text/html 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://fotogazetka.eu/

Protocol

HTTP/1.1

Server

2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / PHP/7.0.32

Resource Hash

6ac0df04765c99b302c2ef8d96fc5d07d90777c3700eb723b7e3e3731f06ab95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: fotogazetka.eu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dfd6a4d9c514a11cdb8c8a8cb76a56aab1574780829; expires=Thu, 26-Dec-19 15:07:09 GMT; path=/; domain=.fotogazetka.eu; HttpOnly
Vary: Accept-Encoding
X-Powered-By: PHP/7.0.32
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 53bcc537586ccba4-VIE
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 5 KB
688 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300

Requested by

Host: fotogazetka.eu
URL: http://fotogazetka.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b0da72d60d5dd29e3d180e7c87781f30223e27ea0b0de30826ce5a4279f2319d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 26 Nov 2019 15:07:11 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 26 Nov 2019 15:07:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 26 Nov 2019 15:07:11 GMT

GET
H/1.1 200
OK bootstrap.css
fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/css/ 128 KB
25 KB 458ms
445ms Stylesheet
text/css 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/css/bootstrap.css
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fd87267c978872291b15ccfbbe41f47bf536d4b39093753cbcc06c3ba20514d

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Nov 2017 03:40:00 GMT
Server: cloudflare
ETag: W/"5a0fab90-20123"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc54679b159f4-VIE

GET
H/1.1 200
OK genericons.css
fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/fonts/genericons/ 28 KB
17 KB 971ms
958ms Stylesheet
text/css 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/fonts/genericons/genericons.css
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 018d0081ba365c4b1297cc561f0dc85093369a7be051739f71f21abd2ba33064

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Tue, 14 Aug 2018 17:16:10 GMT
Server: cloudflare
ETag: W/"5b730e5a-6f5b"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc546796459a0-VIE

GET
H/1.1 200
OK lightbox.css
fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/css/ 4 KB
1 KB 243ms
230ms Stylesheet
text/css 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/css/lightbox.css
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f5a49ee37f2ed1ea8c127c68d009e4307d2fac20ac0ea9c4c4ef2b01e2417f

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Nov 2017 03:40:00 GMT
Server: cloudflare
ETag: W/"5a0fab90-e67"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc5467c2959be-VIE

GET
H/1.1 200
OK awesome.css
fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/fonts/awesome/ 39 KB
9 KB 766ms
753ms Stylesheet
text/css 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/fonts/awesome/awesome.css
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c70344653a11396b1057cfd461973e2666d54e5fad321433b9e950bda5bf1e

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Tue, 14 Aug 2018 17:15:03 GMT
Server: cloudflare
ETag: W/"5b730e17-9b12"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc5467fdfcbcc-VIE

GET
H/1.1 200
OK style.css
fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/ 100 KB
26 KB 657ms
644ms Stylesheet
text/css 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/style.css
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c288efd048e7325809453498c3a3d855949a0fb07d9c9f98f05804935ec2fc1e

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Nov 2017 03:40:00 GMT
Server: cloudflare
ETag: W/"5a0fab90-1913c"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc5467cd18ca4-VIE

GET
H/1.1 200
OK isotope.js Show response
fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/ 89 KB
27 KB 634ms
438ms Script
application/javascript 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/isotope.js
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ccf570730ea4fb765a32d8bb6b59a1c4fa1b801c39695eed617944276da188e

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Nov 2017 03:40:00 GMT
Server: cloudflare
ETag: W/"5a0fab90-163db"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc5479953cba4-VIE

GET
H/1.1 200
OK lightbox.js Show response
fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/ 18 KB
6 KB 467ms
224ms Script
application/javascript 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/lightbox.js
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b75105d8362e0379d2f24a0c0a52bd0203f8e3f2e81fad783ed53057465e08

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Nov 2017 03:40:00 GMT
Server: cloudflare
ETag: W/"5a0fab90-473a"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc547ed0459be-VIE

GET
H/1.1 200
OK owl-carousel.js Show response
fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/ 52 KB
11 KB 1103ms
644ms Script
application/javascript 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/owl-carousel.js
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Nov 2017 03:40:00 GMT
Server: cloudflare
ETag: W/"5a0fab90-ce3d"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc5494b7a59f4-VIE

GET
H/1.1 200
OK stellar.js Show response
fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/ 23 KB
6 KB 695ms
228ms Script
application/javascript 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/stellar.js
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4b1694e2d00c06684f77ab5b96ddc0444121933b389c42d76e9b4b42521f6ae

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Nov 2017 03:40:00 GMT
Server: cloudflare
ETag: W/"5a0fab90-5d85"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc5495dea59be-VIE

GET
H/1.1 200
OK bootstrap.js Show response
fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/ 68 KB
19 KB 1073ms
436ms Script
application/javascript 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/bootstrap.js
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Nov 2017 03:40:00 GMT
Server: cloudflare
ETag: W/"5a0fab90-1104b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc54a687fcba4-VIE

GET
H/1.1 200
OK jquery.js Show response
fotogazetka.eu/templates/saybusinessse/wp-includes/js/jquery/ 95 KB
39 KB 1202ms
543ms Script
application/javascript 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-includes/js/jquery/jquery.js
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 23 May 2016 16:00:30 GMT
Server: cloudflare
ETag: W/"5743291e-17ba0"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc54a8f878ca4-VIE

GET
H/1.1 200
OK jquery-migrate.min.js Show response
fotogazetka.eu/templates/saybusinessse/wp-includes/js/jquery/ 10 KB
5 KB 923ms
227ms Script
application/javascript 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 20 May 2016 13:11:28 GMT
Server: cloudflare
ETag: W/"573f0d00-2748"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc54acf6559be-VIE

GET
H/1.1 200
OK ntfc.php Show response
joophesh.com/ 13 KB
6 KB 78ms
42ms Script
application/javascript 88.85.66.224
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://joophesh.com/ntfc.php?p=2333187&tco=1
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 88.85.66.224 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.224.webazilla.com
Software: nginx /
Resource Hash: b99f2db02ab340fdf09104c4fb6857411d0b57ae6284fdf06f0802527eea9b89

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Nov 2019 15:07:11 GMT
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Max-Age: 86400
Cache-Control: private, max-age=0, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK Rubber-(1).jpg
gymgeartrade.com/wp-content/uploads/2017/04/ 865 KB
865 KB 118ms
44ms Image
image/jpeg 5.77.57.74
IOMART-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gymgeartrade.com/wp-content/uploads/2017/04/Rubber-(1).jpg
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 5.77.57.74 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS: server.fresh-technologies.co.uk
Software: Apache /
Resource Hash: 1ce20f95cd37150efbcdfbc7cbb60ca6531f8c5511c404bed34a0edb5d3a8e89

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:10 GMT
Last-Modified: Wed, 12 Jun 2019 01:26:18 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 885339

GET
H2 200 688x492_welcome_offer_10bet_superbanner.jpg
www.10bet.com/img/59512/ 146 KB
148 KB 97ms
75ms Image
image/jpeg 107.154.132.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.10bet.com/img/59512/688x492_welcome_offer_10bet_superbanner.jpg

Requested by

Host: fotogazetka.eu
URL: http://fotogazetka.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

107.154.132.108.ip.incapdns.net

Software

nginx /

Resource Hash

84fe562772078f5e6e68167f1d490d408fcc218fd2dfe6867df0f8c232c34d9b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; media-src * blob: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 15:07:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Jul 2018 06:48:20 GMT
server: nginx
etag: "2078035946"
content-type: image/jpeg
status: 200
x-iinfo: 5-81320012-81288301 2NNN RT(1574780831822 0) q(0 0 0 0) r(0 0) U18
cache-control: public, max-age=2592000
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; media-src * blob: 'unsafe-inline' 'unsafe-eval';
x-cdn: Incapsula
content-length: 149988
x-xss-protection: 1; mode=block
x-upstream: 10.100.1.29:80
expires: Thu, 26 Dec 2019 15:07:12 GMT

GET
H/1.1

200
OK

cropped-Frauensexkontakte.jpg
sex-erotik-xxx.com/wp-content/uploads/
Redirect Chain

http://sex-erotik-xxx.com/wp-content/uploads/cropped-Frauensexkontakte.jpg
https://sex-erotik-xxx.com/wp-content/uploads/cropped-Frauensexkontakte.jpg

151 KB
152 KB

60ms
13ms

Image
image/jpeg

91.184.49.241
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sex-erotik-xxx.com/wp-content/uploads/cropped-Frauensexkontakte.jpg
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.184.49.241 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: s241.nlserver.net
Software: Apache/2.4.10 (Debian) /
Resource Hash: e234c22483c467639fed839ee6db18bd189d2828d835654c4a343edac934f60c

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Last-Modified: Tue, 26 Apr 2016 19:14:00 GMT
Server: Apache/2.4.10 (Debian)
ETag: "25dc4-5316818716e00"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 155076

Redirect headers

Location: https://sex-erotik-xxx.com/wp-content/uploads/cropped-Frauensexkontakte.jpg
Date: Tue, 26 Nov 2019 15:07:12 GMT
Server: Apache/2.4.10 (Debian)
Connection: close
Content-Length: 367
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 2 KB
2 KB 108ms
94ms Image
image/jpeg 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT0UKjMLZZrTeIpK39gQpNQfyjr7LNT9tdZ9k-kxsxStywo1qrxW75d-RF0

Requested by

Host: fotogazetka.eu
URL: http://fotogazetka.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 15:07:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 03 Jul 2016 02:55:08 GMT
server: sffe
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2077
x-xss-protection: 0
expires: Wed, 25 Nov 2020 15:07:12 GMT

GET c93300b882a025f30d502f023169e7c7.8-520x245.jpg
porrfilm.info/wp-content/uploads/2015/03/ 0
0

GET ccc8f630026dc7f0c790ce72f75aaa.jpg
gaymap.qx.se/uploads/5f/ 0
0

GET th
tse75.mm.bing.net/ 0
0

GET 40003-000_budo-nord_mat_repair_kit_reperationssats_matta.jpg
chapaflas.ga/media/catalog/product/cache/2/small_image/295x/040ec09b1e35df139433887a97daa66f/4/0/ 0
0

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 3 KB
3 KB 68ms
67ms Image
image/jpeg 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTZrxYY7k2zBuGZpQLAZQDo9vFWyMpPhfie9WhM2DhJ0Iq4NTq2TFT1ax0

Requested by

Host: fotogazetka.eu
URL: http://fotogazetka.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 15:07:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jun 2018 21:48:04 GMT
server: sffe
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2791
x-xss-protection: 0
expires: Wed, 25 Nov 2020 15:07:13 GMT

GET

118-0-b-2.jpg
www.naknatjejer.net/wp-content/uploads/2012/09/
Redirect Chain

http://www.naknatjejer.net/wp-content/uploads/2012/09/118-0-b-2.jpg
https://www.naknatjejer.net/wp-content/uploads/2012/09/118-0-b-2.jpg

0
0

GET
H/1.1 200
OK custom.js Show response
fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/ 6 KB
2 KB 228ms
227ms Script
application/javascript 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-content/themes/saybusiness/js/custom.js
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 286d1020805359ab85f2c9e138e0a206cd7950f09964f9cc689be6c4f7692d2f

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Nov 2017 03:40:00 GMT
Server: cloudflare
ETag: W/"5a0fab90-1840"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc54b3b58cbcc-VIE

GET
H/1.1 200
OK wp-embed.min.js Show response
fotogazetka.eu/templates/saybusinessse/wp-includes/js/ 1 KB
1 KB 228ms
228ms Script
application/javascript 2606:4700:30::681b:8799
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fotogazetka.eu/templates/saybusinessse/wp-includes/js/wp-embed.min.js
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8799 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer: http://fotogazetka.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 23 Nov 2016 21:38:34 GMT
Server: cloudflare
ETag: W/"58360c5a-576"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53bcc54c281c59be-VIE

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
flirt-girl-sex.com/
Redirect Chain

http://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor

7 KB
7 KB

89ms
61ms

Document
text/html

79.110.24.3
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Requested by: Host: fotogazetka.eu
URL: http://fotogazetka.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.3 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 6f3a4b796ee97905e7597857f2ab07756bf0a1729737217c472def1c4876a207

Request headers

Host: flirt-girl-sex.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://fotogazetka.eu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fotogazetka.eu/

Response headers

Server: nginx
Date: Tue, 26 Nov 2019 15:07:13 GMT
Content-Type: text/html
Content-Length: 6970
Connection: keep-alive
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=p3gvqodmrmubsgkgmrcemipd; path=/; HttpOnly ASP.NET_SessionId=p3gvqodmrmubsgkgmrcemipd; path=/; HttpOnly c=lb5h3458lb81jbeg; path=/
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

Redirect headers

Server: nginx
Date: Tue, 26 Nov 2019 15:07:12 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor

GET 3578500058.js
fotogazetka.eu/ 0
0

GET

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//fotogazetka.eu/;0.7590734808956301
http://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//fotogazetka.eu/;0.7590734808956301

0
0

GET
H/1.1 200
OK animate.min.css
flirt-girl-sex.com/media/dating/toon2/css/ 52 KB
52 KB 61ms
58ms Stylesheet
text/css 79.110.24.3
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://flirt-girl-sex.com/media/dating/toon2/css/animate.min.css
Requested by: Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.3 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

Referer: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:13 GMT
Last-Modified: Sat, 09 Nov 2019 00:49:06 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "34ab237d9796d51:0"
Content-Type: text/css
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52789

GET
H/1.1 200
OK style.css
flirt-girl-sex.com/media/dating/toon2/css/ 8 KB
9 KB 87ms
60ms Stylesheet
text/css 79.110.24.3
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://flirt-girl-sex.com/media/dating/toon2/css/style.css
Requested by: Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.3 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 408885915473803c26419ec9081d1df03b88afbc52d44d4838ed57923dc3a1d2

Request headers

Referer: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:13 GMT
Last-Modified: Sat, 09 Nov 2019 00:49:06 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "4070287d9796d51:0"
Content-Type: text/css
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8460

GET
H/1.1 200
OK js.cookie.js Show response
flirt-girl-sex.com/cookie/ 4 KB
4 KB 86ms
59ms Script
application/javascript 79.110.24.3
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://flirt-girl-sex.com/cookie/js.cookie.js
Requested by: Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.3 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Request headers

Referer: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:13 GMT
Last-Modified: Sat, 09 Nov 2019 00:43:42 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "794442bc9696d51:0"
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4264

GET
H/1.1 200
OK utils.js Show response
flirt-girl-sex.com/util/ 6 KB
6 KB 87ms
61ms Script
application/javascript 79.110.24.3
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://flirt-girl-sex.com/util/utils.js
Requested by: Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.3 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: ccaecb21498801a55bf6681a2aed2bb55d512488a8dbbeb927db5ca6e0fe873b

Request headers

Referer: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:13 GMT
Last-Modified: Sat, 09 Nov 2019 00:44:18 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "4b79bcd19696d51:0"
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6019

GET
H/1.1 200
OK 123.jpg
flirt-girl-sex.com/media/dating/toon2/images/ 175 KB
175 KB 87ms
60ms Image
image/jpeg 79.110.24.3
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flirt-girl-sex.com/media/dating/toon2/images/123.jpg
Requested by: Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.3 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

Request headers

Referer: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:13 GMT
Last-Modified: Sat, 09 Nov 2019 00:49:06 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "2e6d477d9796d51:0"
Content-Type: image/jpeg
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179176

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
flirt-girl-sex.com/media/dating/toon2/js/ 84 KB
84 KB 83ms
60ms Script
application/javascript 79.110.24.3
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://flirt-girl-sex.com/media/dating/toon2/js/jquery-2.2.4.min.js
Requested by: Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.3 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:13 GMT
Last-Modified: Sat, 09 Nov 2019 00:49:06 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "e5825a7d9796d51:0"
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85578

GET
H/1.1 200
OK bb.js Show response
flirt-girl-sex.com/media/ 1 KB
2 KB 59ms
59ms Script
application/javascript 79.110.24.3
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://flirt-girl-sex.com/media/bb.js
Requested by: Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.3 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 5aa5a69b6cca81fde78fcfffa75e3a33fe55106185e05935e40ae7f4fe214214

Request headers

Referer: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:13 GMT
Last-Modified: Sat, 09 Nov 2019 00:43:51 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "8d8cd5c19696d51:0"
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1331

GET
H/1.1 200
OK exit-popup.css
flirt-girl-sex.com/media/exit-new/ 3 KB
3 KB 60ms
59ms Stylesheet
text/css 79.110.24.3
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://flirt-girl-sex.com/media/exit-new/exit-popup.css
Requested by: Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.3 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: f61d61e21e118725699a14b9b85a45185b12fbfea3220818c5ea6f811d520f29

Request headers

Referer: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:13 GMT
Last-Modified: Sat, 09 Nov 2019 00:50:14 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "72ddaa59796d51:0"
Content-Type: text/css
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2660

GET
H/1.1 200
OK exit1.js Show response
flirt-girl-sex.com/media/exit-new/ 32 KB
33 KB 60ms
59ms Script
application/javascript 79.110.24.3
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://flirt-girl-sex.com/media/exit-new/exit1.js
Requested by: Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.3 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: b5eaefef0eb2427539cd7059a04802b9f9c4b98bc81de89d613ba28dca234b04

Request headers

Referer: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:13 GMT
Last-Modified: Sat, 09 Nov 2019 00:50:14 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "90a9b8a59796d51:0"
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33198

GET
H2 200 css
fonts.googleapis.com/ 35 KB
2 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

77d239ac72d84c21750029f6388e18c1fe0df5adac783a24bcb295044f317957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 26 Nov 2019 15:07:13 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 26 Nov 2019 15:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 26 Nov 2019 15:07:13 GMT

GET
H/1.1 200
OK bg.jpg
flirt-girl-sex.com/media/dating/toon2/images/ 117 KB
117 KB 59ms
58ms Image
image/jpeg 79.110.24.3
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flirt-girl-sex.com/media/dating/toon2/images/bg.jpg
Requested by: Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.3 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

Request headers

Referer: https://flirt-girl-sex.com/media/dating/toon2/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 15:07:13 GMT
Last-Modified: Sat, 09 Nov 2019 00:49:06 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "b9964e7d9796d51:0"
Content-Type: image/jpeg
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119754

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
Origin: https://flirt-girl-sex.com

Response headers

date: Thu, 21 Nov 2019 20:32:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 412458
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14176
x-xss-protection: 0
expires: Fri, 20 Nov 2020 20:32:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: flirt-girl-sex.com
URL: https://flirt-girl-sex.com/?u=p2kp605&o=340wkn2&t=dor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
Origin: https://flirt-girl-sex.com

Response headers

date: Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 431342
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Fri, 20 Nov 2020 15:18:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: porrfilm.info
URL: http://porrfilm.info/wp-content/uploads/2015/03/c93300b882a025f30d502f023169e7c7.8-520x245.jpg

Domain: gaymap.qx.se
URL: https://gaymap.qx.se/uploads/5f/ccc8f630026dc7f0c790ce72f75aaa.jpg

Domain: tse75.mm.bing.net
URL: https://tse75.mm.bing.net/th?id\u003dOIP.bpYHPRazk03IAXRlPd40vgHaEI

Domain: chapaflas.ga
URL: https://chapaflas.ga/media/catalog/product/cache/2/small_image/295x/040ec09b1e35df139433887a97daa66f/4/0/40003-000_budo-nord_mat_repair_kit_reperationssats_matta.jpg

Domain: www.naknatjejer.net
URL: https://www.naknatjejer.net/wp-content/uploads/2012/09/118-0-b-2.jpg

Domain: fotogazetka.eu
URL: http://fotogazetka.eu/3578500058.js?0.21131621866526418

Domain: counter.yadro.ru
URL: http://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//fotogazetka.eu/;0.7590734808956301

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			flirt-girl-sex.com/	1969-12-31 23:59:59	Name: c Value: lb5h3458lb81jbeg
			flirt-girl-sex.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: p3gvqodmrmubsgkgmrcemipd

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://fotogazetka.eu/templates/saybusinessse/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chapaflas.ga
counter.yadro.ru
encrypted-tbn0.gstatic.com
flirt-girl-sex.com
fonts.googleapis.com
fonts.gstatic.com
fotogazetka.eu
gaymap.qx.se
gymgeartrade.com
joophesh.com
porrfilm.info
sex-erotik-xxx.com
tse75.mm.bing.net
www.10bet.com
www.naknatjejer.net
chapaflas.ga
counter.yadro.ru
fotogazetka.eu
gaymap.qx.se
porrfilm.info
tse75.mm.bing.net
www.naknatjejer.net
107.154.132.108
2606:4700:30::681b:8799
2a00:1450:4001:809::2003
2a00:1450:4001:815::200e
2a00:1450:4001:825::200a
5.77.57.74
79.110.24.3
88.85.66.224
91.184.49.241
018d0081ba365c4b1297cc561f0dc85093369a7be051739f71f21abd2ba33064
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8
1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4
1ce20f95cd37150efbcdfbc7cbb60ca6531f8c5511c404bed34a0edb5d3a8e89
286d1020805359ab85f2c9e138e0a206cd7950f09964f9cc689be6c4f7692d2f
3ccf570730ea4fb765a32d8bb6b59a1c4fa1b801c39695eed617944276da188e
3fd87267c978872291b15ccfbbe41f47bf536d4b39093753cbcc06c3ba20514d
408885915473803c26419ec9081d1df03b88afbc52d44d4838ed57923dc3a1d2
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5aa5a69b6cca81fde78fcfffa75e3a33fe55106185e05935e40ae7f4fe214214
6ac0df04765c99b302c2ef8d96fc5d07d90777c3700eb723b7e3e3731f06ab95
6f3a4b796ee97905e7597857f2ab07756bf0a1729737217c472def1c4876a207
77d239ac72d84c21750029f6388e18c1fe0df5adac783a24bcb295044f317957
80f5a49ee37f2ed1ea8c127c68d009e4307d2fac20ac0ea9c4c4ef2b01e2417f
84fe562772078f5e6e68167f1d490d408fcc218fd2dfe6867df0f8c232c34d9b
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d
94b75105d8362e0379d2f24a0c0a52bd0203f8e3f2e81fad783ed53057465e08
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
b0da72d60d5dd29e3d180e7c87781f30223e27ea0b0de30826ce5a4279f2319d
b5eaefef0eb2427539cd7059a04802b9f9c4b98bc81de89d613ba28dca234b04
b99f2db02ab340fdf09104c4fb6857411d0b57ae6284fdf06f0802527eea9b89
c288efd048e7325809453498c3a3d855949a0fb07d9c9f98f05804935ec2fc1e
ccaecb21498801a55bf6681a2aed2bb55d512488a8dbbeb927db5ca6e0fe873b
d4b1694e2d00c06684f77ab5b96ddc0444121933b389c42d76e9b4b42521f6ae
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e234c22483c467639fed839ee6db18bd189d2828d835654c4a343edac934f60c
e9c70344653a11396b1057cfd461973e2666d54e5fad321433b9e950bda5bf1e
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57
f61d61e21e118725699a14b9b85a45185b12fbfea3220818c5ea6f811d520f29
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

flirt-girl-sex.com Open in urlscan Pro 79.110.24.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

44 %HTTPS

44 %IPv6

14 Domains

15 Subdomains

10 IPs

5 Countries

1907 kBTransfer

2455 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

flirt-girl-sex.com Open in urlscan Pro
79.110.24.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

44 %
HTTPS

44 %
IPv6

14
Domains

15
Subdomains

10
IPs

5
Countries

1907 kB
Transfer

2455 kB
Size

2
Cookies

43 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!