jennifervacations.cfd
188.114.97.3  Malicious Activity! Public Scan

Submitted URL: https://incmix.com/heqjextozyniabrvcdmjsflk
Effective URL: https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
Submission: On September 18 via api from KR — Scanned from IT

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is jennifervacations.cfd.
TLS certificate: Issued by WE1 on September 4th 2024. Valid for: 3 months.
This is the only time jennifervacations.cfd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

Requests | Redirects | IP Address | AS Autonomous System
1 | - | 89.169.15.158 | 41745 (FORTIS-AS...)
16 | 1 | 188.114.97.3 | 13335 (CLOUDFLAR...)
1 | - | 142.250.184.234 | 15169 (GOOGLE)
2 | - | 172.217.23.99 | 15169 (GOOGLE)
Total: 19 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
16 | jennifervacations.cfd | jennifervacations.cfd | 434 KB
2 | gstatic.com | fonts.gstatic.com | 68 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 1 KB
1 | incmix.com | incmix.com | 3 KB
Total: 19 requests, 4 apex domains

Requests | Domain | Requested by
16 | jennifervacations.cfd (1 redirects) | incmix.com, jennifervacations.cfd
2 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | jennifervacations.cfd
1 | incmix.com | -
Total: 19 requests, 4 domains

This site contains no links.

Subject | Issuer | Validity | Valid
incmix.com | R10 | 2024-09-13 - 2024-12-12 | 3 months
jennifervacations.cfd | WE1 | 2024-09-04 - 2024-12-03 | 3 months
upload.video.google.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
*.gstatic.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months

This page contains 2 frames:

Primary Page: https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
Frame ID: 9322155A04539714EE2F7AFE569D9AC7
Requests: 17 HTTP requests in this frame

Frame: https://jennifervacations.cfd/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js
Frame ID: 7EABAB9853B7A4147AB9ACA921F237F7
Requests: 2 HTTP requests in this frame

Page Title

Chi vorresti incontrare?

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 506 kB
Size: 593 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://incmix.com/heqjextozyniabrvcdmjsflk Page URL
  2. https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://jennifervacations.cfd/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://jennifervacations.cfd/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
heqjextozyniabrvcdmjsflk
incmix.com/
7 KB
3 KB
Document
General
Full URL
https://incmix.com/heqjextozyniabrvcdmjsflk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.169.15.158 Krasnogorsk, Russian Federation, ASN41745 (FORTIS-AS Hosting services, RU),
Reverse DNS
Software
openresty / PHP/7.2.30
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 Sep 2024 04:23:42 GMT
Server
openresty
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.30
Primary Request /
jennifervacations.cfd/
7 KB
2 KB
Document
General
Full URL
https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
Requested by
Host: incmix.com
URL: https://incmix.com/heqjextozyniabrvcdmjsflk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad84a87a4bd79fec5a0020d1c3b847aeb6dc79f6ae10f24d5ea29866ef83ede2

Request headers

Referer
https://incmix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8c4e8fed9d55bac3-MXP
content-encoding
br
content-type
text/html
date
Wed, 18 Sep 2024 04:23:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xRPk2X5r4qvrwgWk44g2jYEHwxkms4xHz%2B2K0JRChCKU9lAkbDt8x%2FtvE8S%2FTtO%2FRpQPDKa6R2M6b8r4pqaA4YKJs1lN5MINpRtDMHeQWLkIqm6QEaMKa9M1JmpLmJ%2FGSFGJT%2FDrxLI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style_shagslags_casual.css
jennifervacations.cfd/media/dating/comics2/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44cdc9d6fcb27f0151008834ec03cacbf1d85ff00770875f341f5b277f70faec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F63BF341F94AD1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
last-modified
Wed, 03 Apr 2024 10:27:47 GMT
server
cloudflare
x-amz-meta-mm-source-mtime
2024-04-03T10:27:47.89Z
etag
W/"6e235c40289b93ac190f387e5eb7e1b4"
vary
Origin, Accept-Encoding
x-ratelimit-remaining
1988
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oL2JcZOZBx9zXVib5dnvUldCIuX1FGQTp3335iyVi9j3Waxjl7lQBFfbTpIZTbKpf7TFBRLn31H8FES%2BudbFf9j1uSiG9vLqhljPXEvBHkVaskJZhk%2FN9go3F8rLNk5%2F7KWtBMvrVeY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-ratelimit-limit
1988
cf-ray
8c4e8feece27bac3-MXP
x-amz-meta-mc-attrs
atime:1712140067#887756963/gid:0/gname:root/mode:33152/mtime:1712140067#843756884/uid:0/uname:root
expires
Thu, 18 Sep 2025 04:23:43 GMT
js.cookie.js
jennifervacations.cfd/cookie/
4 KB
3 KB
Script
General
Full URL
https://jennifervacations.cfd/cookie/js.cookie.js
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F628A8D2311339
age
21036
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
last-modified
Wed, 20 Sep 2023 15:19:53 GMT
server
cloudflare
x-amz-meta-mm-source-mtime
2022-07-21T10:00:37.354375Z
etag
W/"a7e9883924072f15259de6888d5ef515"
vary
Origin, Accept-Encoding
x-ratelimit-remaining
1988
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5xvu7GnwGJEEWOJ%2FUh6g%2BsMmNOTfg8sq%2FK0IzhtoDGgmVk089vsLKAEW0BEDeRu2YEOO3JY31oQqM9SG9auPeATh2f8SCQHvh3JoWtO5jxqnCDyoOlx1uJVoZsPIEH%2BsDJQ70pGdOWY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-ratelimit-limit
1988
cf-ray
8c4e8feece2abac3-MXP
x-amz-meta-mc-attrs
atime:1693134513#248036972/gid:0/gname:root/mode:33188/mtime:1658397637#354375000/uid:0/uname:root
expires
Wed, 17 Sep 2025 22:33:07 GMT
utils.js
jennifervacations.cfd/util/
7 KB
3 KB
Script
General
Full URL
https://jennifervacations.cfd/util/utils.js
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a487d76bb55539f230c127ef33550d5c455ac0b67ca2b78b87452345bb0dc718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F628A8D04B4DB7
age
21036
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
last-modified
Mon, 01 Jul 2024 09:08:58 GMT
server
cloudflare
x-amz-meta-mm-source-mtime
2024-07-01T09:08:58.408Z
etag
W/"85a42b1d6c8769fce99fb44aefb041b0"
vary
Origin, Accept-Encoding
x-ratelimit-remaining
1988
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWv4XkPcOuNvvFrn3ZE%2BesCEOFuskRailP3V7GVlRFYi8NxfErCqcKWdaT7fDK%2B4xWuJg76D89omSQYH1gYCuTg%2BTG%2F0TcsjR7hvQVvIJgwJR9r45cNiv6XSnCMkOMp8PFRTXg%2BVwjk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-ratelimit-limit
1988
cf-ray
8c4e8feece2bbac3-MXP
x-amz-meta-mc-attrs
atime:1719824921#861045785/gid:0/gname:root/mode:33188/mtime:1719824938#357078843/uid:0/uname:root
expires
Wed, 17 Sep 2025 22:33:07 GMT
jquery.js
jennifervacations.cfd/media/dating/comics2/js/
87 KB
32 KB
Script
General
Full URL
https://jennifervacations.cfd/media/dating/comics2/js/jquery.js
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5c52b770515de42f75c10ed8edfee0948fd13e412d6112b7f1b441e4cbeec72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F63BF34273AC37
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
last-modified
Mon, 01 Jul 2024 09:42:50 GMT
server
cloudflare
x-amz-meta-mm-source-mtime
2024-07-01T09:42:50.765Z
etag
W/"49be49b91650cec6d44ded426385cfb3"
vary
Origin, Accept-Encoding
x-ratelimit-remaining
1988
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H5Qra%2FXLagEZxcLu5tUyftGN%2FypkeuAmffb8gxgGKUHSDSWCnwY8%2F%2FvyALc5y9uSX1ruLR1l7tTEyPfE6IMRGEb3iLCR7cRQjrLYFaIbwkRplXUCiToTxriU37ParTgw%2BdGH%2B8E1mAc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-ratelimit-limit
1988
cf-ray
8c4e8feece2dbac3-MXP
x-amz-meta-mc-attrs
atime:1719826970#761337411/gid:0/gname:root/mode:33188/mtime:1719826970#709337297/uid:0/uname:root
expires
Thu, 18 Sep 2025 04:23:43 GMT
bb.js
jennifervacations.cfd/media/
639 B
831 B
Script
General
Full URL
https://jennifervacations.cfd/media/bb.js
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F628A917FEE657
age
21036
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
last-modified
Wed, 20 Sep 2023 15:21:05 GMT
server
cloudflare
x-amz-meta-mm-source-mtime
2022-07-28T17:55:13.852764Z
etag
W/"0d553e4bac91c74bfee2dbabba61e99e"
vary
Origin, Accept-Encoding
x-ratelimit-remaining
1988
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xQii3fhzAnUMIZlua0zJlHNE3DOzTprRxYNXjdYvAG2mRoNwkz5ZdMAqIOJ3yUfjGKNqBrckUPV5VPsmXXaFBSAeTvfUO9TDe8Frhr20vp%2FBUm4kTy39fCfJXh9LIj9zysP0sMn13zM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-ratelimit-limit
1988
cf-ray
8c4e8feece2fbac3-MXP
x-amz-meta-mc-attrs
atime:1693134512#756035434/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
expires
Wed, 17 Sep 2025 22:33:07 GMT
exit1.js
jennifervacations.cfd/media/exit-new/
3 KB
2 KB
Script
General
Full URL
https://jennifervacations.cfd/media/exit-new/exit1.js
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F628A9215BFC6B
age
21035
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
354f9eb41c4f44111da43ee93430d467ccc8f740dac6a89f93d2690a13b4c5b4
x-xss-protection
1; mode=block
last-modified
Thu, 01 Aug 2024 07:20:12 GMT
server
cloudflare
x-amz-meta-mm-source-mtime
2022-06-16T13:19:04.182688Z
etag
W/"625e5e2950612f771e246beb33c9ea61"
vary
Origin, Accept-Encoding
x-ratelimit-remaining
365
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BbpjjaKE2UEXUi7WQwMZKIK4NOf%2BdDlCN4vslqVJkmQ5Rtjo%2FZtA1Ejfgtk52OYFtoO%2FMLDFx1zh7UWYLDKwTmf0qh020Jnj%2FbRGVs%2BhkRo6uMOKL3bgO0GViPEuyG9iwSQ9uvFFS8c%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-ratelimit-limit
365
cf-ray
8c4e8feece30bac3-MXP
x-amz-meta-mc-attrs
atime:1720014412#200181126/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
expires
Wed, 17 Sep 2025 22:33:08 GMT
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Bangers|PT+Sans:400,700&display=swap
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
683486f7cf309f132f93c3615ca9012953823dedda66a28ef774eeeae9fc057e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jennifervacations.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Sep 2024 04:23:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Sep 2024 04:23:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Sep 2024 04:23:44 GMT
bg.jpg
jennifervacations.cfd/media/dating/comics2/images/casual/
121 KB
122 KB
Image
General
Full URL
https://jennifervacations.cfd/media/dating/comics2/images/casual/bg.jpg
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c6f977f82816191dd72d29356e39cd40c7488a32113191ca6ac51a489c9b979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F63BF38C0BA34B
alt-svc
h3=":443"; ma=86400
content-length
123831
x-amz-id-2
5bbf9b091ca9dd795595b773b0f1d036407937e2098457815217f1ddbc67c996
x-xss-protection
1; mode=block
last-modified
Thu, 01 Aug 2024 07:18:46 GMT
server
cloudflare
x-amz-meta-mm-source-mtime
2023-11-30T15:23:43.663855208Z
etag
"7ad4a8844c7e4de574865811b0862ea1"
vary
Origin, Accept-Encoding
x-ratelimit-remaining
343
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BG8pMJJrEVA6RlU3UgubUKeZK6IXiA7JQi1pfl7M1vKPTUzkHghdnDV%2B%2FAT5zsQKm4gaYvQMIQ3aklv5%2Fz8qWFMrj3Duu357nIS2LYJN%2F2%2FfLMHnhWPKFYNSXrJi0oziDYdbkBUnVKE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-ratelimit-limit
343
accept-ranges
bytes
cf-ray
8c4e8ff58b2ebac3-MXP
x-amz-meta-mc-attrs
atime:1720014409#100174258/gid:0/gname:root/mode:33188/mtime:1701357823#663855208/uid:0/uname:root
expires
Thu, 18 Sep 2025 04:23:44 GMT
photos_alt3.jpg
jennifervacations.cfd/media/dating/comics2/images/casual/
206 KB
207 KB
Image
General
Full URL
https://jennifervacations.cfd/media/dating/comics2/images/casual/photos_alt3.jpg
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c37f2419b3c5c9945c213726f2ec4d7ef9e97abfd8c0ac57359bbc284b0658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F63BF38265610A
alt-svc
h3=":443"; ma=86400
content-length
210782
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
last-modified
Wed, 03 Apr 2024 10:28:12 GMT
server
cloudflare
x-amz-meta-mm-source-mtime
2024-04-03T10:28:12.383Z
etag
"b2332e5526281145b7ad2d00d990bc6d"
vary
Origin, Accept-Encoding
x-ratelimit-remaining
1988
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K2XlUScRBLlkJpM09H63F1cEQonUgNmrpid4JgIqDN0E9MKu3ri628G4cC5Dsp7VV5IRvdHS2R4p%2B9gR27Lrw4qFhA304I6qULOq8C11d1nG1pbgjZOB2X1xSDIMaiM8IsHzvz6PWgc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-ratelimit-limit
1988
accept-ranges
bytes
cf-ray
8c4e8ff58b2fbac3-MXP
x-amz-meta-mc-attrs
atime:1712140092#91799837/gid:0/gname:root/mode:33188/mtime:1712140092#331800257/uid:0/uname:root
expires
Thu, 18 Sep 2025 04:23:44 GMT
batman.png
jennifervacations.cfd/media/dating/comics2/images/casual/
12 KB
12 KB
Image
General
Full URL
https://jennifervacations.cfd/media/dating/comics2/images/casual/batman.png
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0d4254ba201c855928ba2017789349f1be991c82b2fda5af4a8015c314b0c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F63BF382B1A347
alt-svc
h3=":443"; ma=86400
content-length
12207
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 15:23:42 GMT
server
cloudflare
x-amz-meta-mm-source-mtime
2023-11-30T15:23:42.887Z
etag
"37ffb24746c0f337dca8f1d4244fa104"
vary
Origin, Accept-Encoding
x-ratelimit-remaining
1988
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B9RxCb1DO6A9xjLDCWFs42Kdb4uZKKNLBpge9MuPRisPuuUpiplpe%2B0hebmtunQm5E%2FEM0LH1bgQscwY5K81mIWX%2Bat4ReH7Xq7R9vGXsXven5hKLfbw9uyJJaUNDjgnuDZQKsX4hWQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-ratelimit-limit
1988
accept-ranges
bytes
cf-ray
8c4e8ff58b30bac3-MXP
x-amz-meta-mc-attrs
atime:1701357822#787853891/gid:0/gname:root/mode:33188/mtime:1701357822#839853969/uid:0/uname:root
expires
Thu, 18 Sep 2025 04:23:44 GMT
batman2.jpg
jennifervacations.cfd/media/dating/comics2/images/casual/
20 KB
20 KB
Image
General
Full URL
https://jennifervacations.cfd/media/dating/comics2/images/casual/batman2.jpg
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79884328e58e88e76a0577610ba2e13db966e9b44d8856894f1652b229ec03ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F63BF38C55CC81
alt-svc
h3=":443"; ma=86400
content-length
20016
x-amz-id-2
354f9eb41c4f44111da43ee93430d467ccc8f740dac6a89f93d2690a13b4c5b4
x-xss-protection
1; mode=block
last-modified
Thu, 01 Aug 2024 07:18:46 GMT
server
cloudflare
x-amz-meta-mm-source-mtime
2023-11-30T15:23:43.203854515Z
etag
"5c2978a13c81ba96d9c07fd0cb16d7a4"
vary
Origin, Accept-Encoding
x-ratelimit-remaining
365
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5mcMhqZH7JP6yYycf6s8xNMgG%2Fc1Di5zivjCf30WW5jhAKNMpE9xvpg3%2FejxrFjdA9d9xqBRhRftcOnVGrxR6ge%2FAVJdadIvvskXNwry3SKgD%2F3yqAkTpfCrfzshZOIY%2B%2BbaytJOI8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-ratelimit-limit
365
accept-ranges
bytes
cf-ray
8c4e8ff58b31bac3-MXP
x-amz-meta-mc-attrs
atime:1720014409#100174258/gid:0/gname:root/mode:33188/mtime:1701357823#203854515/uid:0/uname:root
expires
Thu, 18 Sep 2025 04:23:44 GMT
vs_alt.png
jennifervacations.cfd/media/dating/comics2/images/
20 KB
20 KB
Image
General
Full URL
https://jennifervacations.cfd/media/dating/comics2/images/vs_alt.png
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
838c8bbb7f05529adfbb243c8318b94bdea84ecd7b284b02d97daa544d0153fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jennifervacations.cfd/media/dating/comics2/css/style_shagslags_casual.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F63BF382E979F8
alt-svc
h3=":443"; ma=86400
content-length
20051
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
last-modified
Wed, 20 Sep 2023 15:22:01 GMT
server
cloudflare
x-amz-meta-mm-source-mtime
2022-06-16T13:39:43.989083Z
etag
"1f9f7b1e5030cc64c5fa1da388952a34"
vary
Origin, Accept-Encoding
x-ratelimit-remaining
1988
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjCx4tB7URLDrbHPzQdfhJpL89v2QHp1Y1lIve0sqZGmP0Y3Q%2F2EkR6%2FocSPVXWl%2BZtQCFgRpios6LlnhCRbmHaGQr0lLVCbYjHQCdO41Tp2PptjSzmtJnFnk7drvlVEg9ChY%2BRf8qI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-ratelimit-limit
1988
accept-ranges
bytes
cf-ray
8c4e8ff58b32bac3-MXP
x-amz-meta-mc-attrs
atime:1693134505#36011275/gid:0/gname:root/mode:33188/mtime:1655386783#989083000/uid:0/uname:root
expires
Thu, 18 Sep 2025 04:23:44 GMT
FeVQS0BTqb0h60ACH55Q2A.woff2
fonts.gstatic.com/s/bangers/v24/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bangers/v24/FeVQS0BTqb0h60ACH55Q2A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bangers|PT+Sans:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
8dda284b2884152157e98574f8340cd385a9b6bb2d1fd8179fe990785ec228c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jennifervacations.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 11:44:41 GMT
x-content-type-options
nosniff
age
59943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:47:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Sep 2025 11:44:41 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bangers|PT+Sans:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jennifervacations.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 13:15:19 GMT
x-content-type-options
nosniff
age
54505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Sep 2025 13:15:19 GMT
main.js
jennifervacations.cfd/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/ Frame 7EAB
Redirect Chain
  • https://jennifervacations.cfd/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://jennifervacations.cfd/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
8 KB
4 KB
Script
General
Full URL
https://jennifervacations.cfd/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
Protocol
H2
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846d401740705355f79ddd8fef6054dfa1103d4356278016657ffcc3796366b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:44 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SO4oCd%2BZxtnlwx2ep%2FhF0RpyKysZUDn4Ad0GjCQZcsTsMte6lKrqqJS32BX3Dtg%2BxXAZA0vSLv2GX8cSx1QovOKW9Gux1bz67DxUFc6JeNdPx6%2FUI%2FBBX3UUNcbBJPEBJWj7k9Cyuj4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c4e8ff67c06bac3-MXP
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 18 Sep 2024 04:23:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Gi%2FzJjrFr%2BECMAC5kJmc%2BxIQyVrwoAk10%2FzoUm3cYYqRxPbIWSVLhfx0ZHO4YI45lZUfVoaPw04Oo26aBbagR9bR%2B4yWAfrHhmTUcR0WHboE2ByhXuNGIbm80yMJAcBL7gTTtlhrWA%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c4e8ff5ab4bbac3-MXP
alt-svc
h3=":443"; ma=86400
content-length
0
8c4e8fed9d55bac3
jennifervacations.cfd/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7EAB
0
824 B
XHR
General
Full URL
https://jennifervacations.cfd/cdn-cgi/challenge-platform/h/b/jsd/r/8c4e8fed9d55bac3
Requested by
Host: jennifervacations.cfd
URL: https://jennifervacations.cfd/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 18 Sep 2024 04:23:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbz7LdgtVaDV2cfw7wUjZL1OkNGPNjsv1sKhI%2FqZSd8uoBUfonAySiwhO3crRhF2d1sydEzUB9gLQth4TYbj9fVyPJf%2Fsc3VqMrQFcvldJDqP6gI9Ajfpp5PTkp7wdmHBKLXvWxmGw4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8c4e8ff93e2fbac3-MXP
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
jennifervacations.cfd/
0
302 B
Other
General
Full URL
https://jennifervacations.cfd/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jennifervacations.cfd/?u=pbvk602&o=3fhpp4u&m=1&t=check
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 04:23:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7071
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tf5al7GwMStQNXzNEvg8gN8J%2BSMzW%2F0YL%2BwifxqbZVLidC%2FkYaa1SwIw6GuMo9qYUxOvpWpxXBE1fY50wNbj7D%2FKgiOrL2g8SU4MEkm1HECVZFUsgIL9FcjwauxFgQXJRCiPTCOWJE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8c4e8ffa1ed2bac3-MXP
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| requestLink
number| exDays
function| wireUpEvents
function| Cookies
function| docReady
function| getParameterByName
function| hideUnsub
function| languageDetection
function| writeLocation
function| showLocation
function| appendPixels
function| getCookie
function| getBackendParamsByName
function| addSessionId
function| $
function| jQuery
function| getUrlParameter
function| getUrlWithParam
string| exitsplashpage
function| DisplayExitSplash
function| addLoadEvent
function| addClickEvent
function| disablelinksfunc
function| disableformsfunc

2 Cookies

Domain/Path Name / Value
jennifervacations.cfd/ Name: sid
Value: t1~41kmx3ap0juh4t34qnd1km4m
.jennifervacations.cfd/ Name: cf_clearance
Value: LeU4BQYHMFFtpYD.7tWzxBZs7VogN.T_0RaPjIOr2QQ-1726633424-1.2.1.1-0TYkgtywbb8JLLGvSMGXKyyqrbHY4ljWxSkOHT8K_yjP2_8R593tcxtU3llBs76XIAVlNjavr5wqtVkZCITQEI8EOfD1g2QuGi06fMEJu0yVGb_8akDPIA2oiCGuk0yPesNT0Nx80fURr7j1lgl1SKTw7HPkERiJJIucoSWi4hTfynNf8ZYDmmKH4T_kfSpa47KCOgNO1GAvghzDKAE7NBMOtT2mkk6XjrSj2RmKDno4AJwtD4DeXPwK5Z2ea4s31A5J._tCclC9qIICGVexqKwKZ.NRb_1_e1udxSshZ6lMe4ViAV_8QEAnivacsWK1uXajZpN5kMXIgOOdX8R_YjsOGTvbnB34UUsuN.Bgum0y6umuEi.g0LoN18VpGVX9