findnewgf2025.pp.ru Open in urlscan Pro
2606:4700:3036::6815:20a6  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://angelica.erkjaepolybeq.ru.com/Angelica-selfie-95 Page URL
2. https://findnewgf2025.pp.ru/?s1=ser10 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

• https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP 302
• https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP 302
• https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AVdkyDnVxuUYaPPmm_KSgJ-GUkaBu5fYobx-QHdrdtlj4WdP3MY0S4szJcGjAU7hOPgmuLca2w2fLQ HTTP 302
• https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AVdkyDk21DxA-ZKpB3EFcELD8mU3APJPYv66NpP4Sdc4OZTxaxo5gs36E2FwBMPAWiSV5mVz7Y7BJg&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-147226014%3A1736638923871637&ddm=1

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Angelica-selfie-95 Show response angelica.erkjaepolybeq.ru.com/	291 B 894 B	320ms 268ms	Document text/html	2606:4700:3035::ac43:9f2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://angelica.erkjaepolybeq.ru.com/Angelica-selfie-95 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:9f2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash bd2a5de647314109e3071a6d5c9045905bdee4e189f6155ea4302f9b40ada834 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 9008c2c58e5c7271-EWR content-encoding zstd content-type text/html; charset=UTF-8 date Sat, 11 Jan 2025 23:42:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dV7iEQFgUjzpIous%2FRYZlFrg6K%2B35gmCBuUaxAqpnvj%2BvprERS1lm%2F9hfYUtvII8BES%2FCSjn9oVsqt8pdoyVM0klO%2F0OftQMDTsPW8dOWBakNhlVU4iXsRTQjwuTZP2TKNdgHYOWOifbLXycyZUrAKaT2qoMFZFgHLNy2A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=2784&min_rtt=2745&rtt_var=467&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3921&recv_bytes=2313&delivery_rate=1405786&cwnd=253&unsent_bytes=0&cid=d2f3ee244bbd452c&ts=276&x=0" x-powered-by PHP/5.4.16
GET H3	200	favicon.ico angelica.erkjaepolybeq.ru.com/	290 B 993 B	266ms 266ms	Other text/html	2606:4700:3035::ac43:9f2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://angelica.erkjaepolybeq.ru.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:9f2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash 611705634c9ee279cf2798765a9e098922b51e0049ec25796f80db3d48909bce Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://angelica.erkjaepolybeq.ru.com/Angelica-selfie-95 Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWL8rCQnUc6vOyMXrzythg8NJIwziQpUxdffmTTlk5pKHeX58HdCIlQgWxDxp5YbgofG68CU%2FtZKqG9hrioR0X8jUSlJEpfmNJdt4wuHcXOWql2RKTOvrWMlGxhcPs6EEsSPunP92AhO39w2rKp%2FE835iM0v4ufpLlMOTQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 9008c2c75ef9c470-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2551&min_rtt=2356&rtt_var=556&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4232&recv_bytes=5645&delivery_rate=1006&cwnd=12000&unsent_bytes=0&cid=84ec9ec93e131536&ts=572&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 23:42:01 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/5.4.16 vary Accept-Encoding last-modified Sat, 11 Jan 2025 23:42:01 GMT priority u=1,i
GET H3	200	Primary Request / Show response findnewgf2025.pp.ru/	8 KB 4 KB	750ms 565ms	Document text/html	2606:4700:3036::6815:20a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://findnewgf2025.pp.ru/?s1=ser10 Requested by Host: angelica.erkjaepolybeq.ru.com URL: https://angelica.erkjaepolybeq.ru.com/Angelica-selfie-95 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:20a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 98556b5d30af3c7860a4826ffb3586176ae36a215260b6399f62925d586943ab Request headers Referer https://angelica.erkjaepolybeq.ru.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 9008c2cec8214345-EWR content-encoding zstd content-type text/html; charset=UTF-8 date Sat, 11 Jan 2025 23:42:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTgfh%2BvXbIfDT4I20qptAYo%2BB5%2FrozavyJi8Q7UaDk8imxFsAEMc3QSKImMobonYmIlwlW8iyX1poHI%2FtSTx4fkbJhee5A7N4odmHHeozGrpLbV6UFoV5ULTDujAjt39wdBy6OevPoBq6kdQDSG7hHhC"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=2697&min_rtt=2464&rtt_var=663&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4207&recv_bytes=5685&delivery_rate=1016&cwnd=12000&unsent_bytes=0&cid=27134edafd5dbf91&ts=573&x=1" cfExtPri cfHdrFlush;dur=0 vary accept-encoding
GET H3	200	ser10_678301ca7598f.js Show response svntrk.com/assets/	0 758 B	72ms 55ms	Script text/javascript	2606:4700:3036::6815:523e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://svntrk.com/assets/ser10_678301ca7598f.js Requested by Host: findnewgf2025.pp.ru URL: https://findnewgf2025.pp.ru/?s1=ser10 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:523e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://findnewgf2025.pp.ru/ Response headers cache-control no-cache, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status BYPASS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vs6MtaMg1%2BO300QT6dROADt%2B5AK67CxQfcY0i5N3FpUDo6hm5yQ68HN%2BWqG09keyXrnRMacF%2FXKPgjyxzg1HfxBKNokpQ8KBHtOGPkhnrfaMDKiE4zBmcm4lkSrWJKBR5dR%2FbsLQ5tdK"}],"group":"cf-nel","max_age":604800} cf-ray 9008c2d2784e4366-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=4617&min_rtt=3196&rtt_var=2253&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4094&recv_bytes=4392&delivery_rate=852&cwnd=12000&unsent_bytes=0&cid=3827e3bd7722df61&ts=60&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 23:42:02 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding server cloudflare priority u=1,i=?0
GET H3	200	fp.v3.646d4b3deea4287def3fdfc18906bcc7.js Show response findnewgf2025.pp.ru/scripts/	39 KB 17 KB	19ms 18ms	Script application/javascript	2606:4700:3036::6815:20a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://findnewgf2025.pp.ru/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js Requested by Host: findnewgf2025.pp.ru URL: https://findnewgf2025.pp.ru/?s1=ser10 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:20a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://findnewgf2025.pp.ru/?s1=ser10 Response headers content-encoding zstd cf-cache-status HIT etag W/"676417fe-9ca8" age 6856 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wLWxiwowLfVanRvvtP1ieM9eGYt4S7utGN4QhfS39LrmlHCwO%2BxfOjKWbpqRGaeRVo%2BlqbM6lSa5d4gNTP7o3rrp2Om9q3HS8y7ZYagGzAcqx4t16K3kyc2s%2BGtbCw0thnANMH5QnQGIK5I01coYiz5l"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=3095&min_rtt=2464&rtt_var=955&sent=20&recv=17&lost=0&retrans=0&sent_bytes=8252&recv_bytes=8161&delivery_rate=1167887&cwnd=12000&unsent_bytes=0&cid=27134edafd5dbf91&ts=601&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 23:42:02 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 19 Dec 2024 12:56:30 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 9008c2d26c934345-EWR server cloudflare
GET H2	200	css2 fonts.googleapis.com/	5 KB 1 KB	42ms 25ms	Stylesheet text/css	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&display=swap Requested by Host: findnewgf2025.pp.ru URL: https://findnewgf2025.pp.ru/?s1=ser10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f090d8d164f2fc67945ebb12af1d676601f85beb10005e7402d49119f8b90c92 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://findnewgf2025.pp.ru/ Response headers content-encoding gzip x-content-type-options nosniff expires Sat, 11 Jan 2025 23:42:02 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 11 Jan 2025 23:42:02 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Sat, 11 Jan 2025 23:05:48 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H3	200	vendor.19512b0b4d67cbaad1358b86cb9505ec.css findnewgf2025.pp.ru/landings/135en/fonts/	15 KB 5 KB	502ms 502ms	Stylesheet text/css	2606:4700:3036::6815:20a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://findnewgf2025.pp.ru/landings/135en/fonts/vendor.19512b0b4d67cbaad1358b86cb9505ec.css Requested by Host: findnewgf2025.pp.ru URL: https://findnewgf2025.pp.ru/?s1=ser10 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:20a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 321c74dceb470d0b9cecab73a4bb674f7976f2cdb93a94360cfc58fcab7a7103 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://findnewgf2025.pp.ru/?s1=ser10 Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status REVALIDATED etag W/"676417f8-3bee" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RsVJYKeUWrkxC86dTL35LiiSkGrVJQkmBoXllOyn7rtTg8GgMVKQeW4xKI%2Bc1s0uMk609%2BYK04PPFr%2F8Tp6u13J5KpqslQmF3Te%2FCumMY%2F9iTgKtvxAAX3sdt5%2BUC8y6N8j%2BKUmggwTsPyhX4%2FmP4v6c"}],"group":"cf-nel","max_age":604800} cf-ray 9008c2d26c964345-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=3007&min_rtt=2318&rtt_var=494&sent=36&recv=25&lost=0&retrans=0&sent_bytes=25785&recv_bytes=8505&delivery_rate=373935&cwnd=22800&unsent_bytes=0&cid=27134edafd5dbf91&ts=1083&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 23:42:03 GMT content-type text/css last-modified Thu, 19 Dec 2024 12:56:24 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	200	vendor.7dfeea45f797bb8e07794a39fb3df51d.js Show response findnewgf2025.pp.ru/landings/135en/js/	96 KB 36 KB	520ms 519ms	Script application/javascript	2606:4700:3036::6815:20a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://findnewgf2025.pp.ru/landings/135en/js/vendor.7dfeea45f797bb8e07794a39fb3df51d.js Requested by Host: findnewgf2025.pp.ru URL: https://findnewgf2025.pp.ru/?s1=ser10 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:20a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc17ef584891fad58e30628d33483c017c742530392abbf8513db5e0b57ec243 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://findnewgf2025.pp.ru/?s1=ser10 Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status REVALIDATED etag W/"676417f8-180c1" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wchWl8a2SVN1vZ7KhUiXY4JT7FmM0dyA2TapBXnDuBqduW3FYrbu2mWvEVKWPUYWt8aXvZJqLCkONQAoUNxjPB772WidsTzzvRYHtk6Q2K3SLmsrymT%2B9w4Fc0pW6gnqqBjIsDwb8uCBoLpVkUayqhEl"}],"group":"cf-nel","max_age":604800} cf-ray 9008c2d26c974345-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2957&min_rtt=2318&rtt_var=276&sent=42&recv=28&lost=0&retrans=0&sent_bytes=31450&recv_bytes=8634&delivery_rate=2014452&cwnd=22800&unsent_bytes=0&cid=27134edafd5dbf91&ts=1102&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 23:42:03 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 19 Dec 2024 12:56:24 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	200	adult.svg findnewgf2025.pp.ru/landings/135en/img/	2 KB 2 KB	530ms 529ms	Other image/svg+xml	2606:4700:3036::6815:20a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://findnewgf2025.pp.ru/landings/135en/img/adult.svg Requested by Host: findnewgf2025.pp.ru URL: https://findnewgf2025.pp.ru/?s1=ser10 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:20a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb56adcad296be242651c210f94f4f80da517edcf662fdf7940f391f6d75b4f0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://findnewgf2025.pp.ru/?s1=ser10 Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status REVALIDATED etag W/"676417f8-82e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q4OOQezu%2BdO9ssblYhM7%2FmeH06STIHKrI37qvSXkTOF%2B5eYSUhe0IoSy56XnSr71ilUSuWNfA7yJalqc6zU41BfaWfA7nAurv%2FVuAoo7BPmgly8lXAiWyVoqaX4P9YHuE%2F5KJjcNSs4jYAtZ6DlA8R9k"}],"group":"cf-nel","max_age":604800} cf-ray 9008c2d5c8764345-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=3155&min_rtt=2318&rtt_var=394&sent=116&recv=49&lost=0&retrans=0&sent_bytes=112789&recv_bytes=12644&delivery_rate=3724&cwnd=42000&unsent_bytes=0&cid=27134edafd5dbf91&ts=1648&x=1", cfExtPri, cfHdrFlush;dur=3 date Sat, 11 Jan 2025 23:42:03 GMT content-type image/svg+xml last-modified Thu, 19 Dec 2024 12:56:24 GMT vary Accept-Encoding priority u=3,i
GET H3	200	location.svg findnewgf2025.pp.ru/landings/135en/img/	2 KB 2 KB	523ms 523ms	Other image/svg+xml	2606:4700:3036::6815:20a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://findnewgf2025.pp.ru/landings/135en/img/location.svg Requested by Host: findnewgf2025.pp.ru URL: https://findnewgf2025.pp.ru/?s1=ser10 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:20a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f044bcdcbc55fdd8ceae161a7a717061ef2eba6f27117e959b698667ec7ff6ec Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://findnewgf2025.pp.ru/?s1=ser10 Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status REVALIDATED etag W/"676417f8-66e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FHb3t3s3KjuBp64419YdmK9JSOqMzxlnE1gFcqAVNydTtWWaKBHv%2B2EsjtlO8UPYZ%2BdFUJMcwab9Src%2Bjcq2v3KB3e2jayKZ0rQWOJj758hOp5oTja8gXa9mmKfHgvct0YqLqgUC70c3AwNk6bpgH0hM"}],"group":"cf-nel","max_age":604800} cf-ray 9008c2d5c8774345-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=3216&min_rtt=2318&rtt_var=363&sent=80&recv=48&lost=0&retrans=0&sent_bytes=70840&recv_bytes=12600&delivery_rate=822228&cwnd=42000&unsent_bytes=0&cid=27134edafd5dbf91&ts=1646&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 23:42:03 GMT content-type image/svg+xml last-modified Thu, 19 Dec 2024 12:56:24 GMT vary Accept-Encoding priority u=3,i
GET H3	200	zodiac-sign.svg findnewgf2025.pp.ru/landings/135en/img/	2 KB 2 KB	521ms 521ms	Other image/svg+xml	2606:4700:3036::6815:20a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://findnewgf2025.pp.ru/landings/135en/img/zodiac-sign.svg Requested by Host: findnewgf2025.pp.ru URL: https://findnewgf2025.pp.ru/?s1=ser10 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:20a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b28ea1324c0616de3cc3772528cbdde5f96a82c28257cf5f00fe787bbb518658 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://findnewgf2025.pp.ru/?s1=ser10 Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status REVALIDATED etag W/"676417f8-8c0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObIkBBYzKZSVxEKf7LFuR6%2FNl4eNK6l%2ByoecFwaK1iC1NR3s0gwbjcBo25WN89Ru%2BW4bnQUbrlAPnrKw92SYz0r%2FITm1T3tGXsqxg8H7P1w3EsTAXxv6zPmbv5vgtse8qF%2BqLdKs4TpD1972HtJgum7E"}],"group":"cf-nel","max_age":604800} cf-ray 9008c2d5c87a4345-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=3216&min_rtt=2318&rtt_var=363&sent=77&recv=48&lost=0&retrans=0&sent_bytes=68866&recv_bytes=12600&delivery_rate=822228&cwnd=42000&unsent_bytes=0&cid=27134edafd5dbf91&ts=1643&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 23:42:03 GMT content-type image/svg+xml last-modified Thu, 19 Dec 2024 12:56:24 GMT vary Accept-Encoding priority u=3,i
GET H3	200	bg.jpg findnewgf2025.pp.ru/landings/135en/img/	139 KB 140 KB	523ms 523ms	Image image/jpeg	2606:4700:3036::6815:20a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://findnewgf2025.pp.ru/landings/135en/img/bg.jpg Requested by Host: findnewgf2025.pp.ru URL: https://findnewgf2025.pp.ru/landings/135en/fonts/vendor.19512b0b4d67cbaad1358b86cb9505ec.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:20a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7150998db1bfcee3bbfcc7be0851a5775bcace7e8d16b72bf185fa186906dec Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://findnewgf2025.pp.ru/landings/135en/fonts/vendor.19512b0b4d67cbaad1358b86cb9505ec.css Response headers cf-cache-status REVALIDATED etag "676417f8-22d24" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4qjVaoPY%2FcsFon1glw8F%2FeNaNR%2BEZ3uYxNGT3zy8EX6ImPlZYVOKYCnDYqZwvNqXDLZnpOQWmfRGCX%2FiZ0qObYluzoakOtGZetLYVKeoEUxlCIzGmKq4jIeOGvkYIxjF3xW%2FaumDigRaTai1eUUUE434"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=3155&min_rtt=2318&rtt_var=394&sent=82&recv=49&lost=0&retrans=0&sent_bytes=72472&recv_bytes=12644&delivery_rate=3724&cwnd=42000&unsent_bytes=0&cid=27134edafd5dbf91&ts=1646&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 23:42:03 GMT content-type image/jpeg last-modified Thu, 19 Dec 2024 12:56:24 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 9008c2d5c87c4345-EWR accept-ranges bytes content-length 142628 server cloudflare
GET H3	200	UcCo3FwrK3iLTcviYwY.woff2 fonts.gstatic.com/s/inter/v18/	71 KB 71 KB	19ms 5ms	Font font/woff2	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v18/UcCo3FwrK3iLTcviYwY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94ebe9c247ba14fd314a779358315f3e9dd2356c0e8070f42b208db2d5e21d6a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://findnewgf2025.pp.ru Referer https://fonts.googleapis.com/ Response headers age 297528 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 08 Jan 2026 13:03:15 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 08 Jan 2025 13:03:15 GMT last-modified Mon, 29 Jul 2024 22:45:17 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 73080 x-xss-protection 0 server sffe
GET		identifier accounts.google.com/v3/signin/ Redirect Chain https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AVdkyDnVxuUYaPPmm_KSgJ-GUkaBu5fYobx-QHdrdtlj4WdP3MY... https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AVdkyDk21DxA-ZKpB3EFcELD8mU3APJPY...	0 0
GET		like.php www.facebook.com/v14.0/plugins/	0 0
GET H3	200	favicon.webp findnewgf2025.pp.ru/landings/135en/img/	554 B 1 KB	29ms 29ms	Other image/webp	2606:4700:3036::6815:20a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://findnewgf2025.pp.ru/landings/135en/img/favicon.webp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:20a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ecee7c3dcb0bae59e31d40c9e42af5efeab639d62d93e8aed9a469fc5ef36e5a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://findnewgf2025.pp.ru/?s1=ser10 Response headers cf-cache-status HIT etag "6764179b-22a" age 6570 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sgQ0OuSq7OLD44yfsouI%2BXc5q280wvTF3gq2t44bA3lRvJa1VVWzCO8HdfmLv%2F96db1McGoL7pHpg1tOqmVJevMtl92UgJPdNeWcb32b9vhuzGae220%2Bqcprs%2FbGo%2FnvY%2FQ2ugDHBXMMSpiAExgMJXsL"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9134&min_rtt=2318&rtt_var=2676&sent=226&recv=94&lost=16&retrans=16&sent_bytes=240190&recv_bytes=15458&delivery_rate=3646928&cwnd=65099&unsent_bytes=0&cid=27134edafd5dbf91&ts=1698&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 11 Jan 2025 23:42:03 GMT content-type image/webp last-modified Thu, 19 Dec 2024 12:54:51 GMT vary Accept-Encoding priority u=1,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 9008c2d94c214345-EWR accept-ranges bytes content-length 554 server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

accounts.google.com

URL

https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AVdkyDk21DxA-ZKpB3EFcELD8mU3APJPYv66NpP4Sdc4OZTxaxo5gs36E2FwBMPAWiSV5mVz7Y7BJg&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-147226014%3A1736638923871637&ddm=1

Domain

www.facebook.com

URL

https://www.facebook.com/v14.0/plugins/like.php

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FingerprintJS function| getScreenInfo function| getUserAgent function| getLanguages function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| picassoCanvas function| picasso function| getVideoCardInfo function| deviceOrientationHandler string| thirdParty object| fpPromise function| openPopup function| clickButton function| nextStep function| getTimezone function| $ function| jQuery boolean| sf

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			findnewgf2025.pp.ru/	1970-01-21 02:24:06	Name: XSRF-TOKEN Value: eyJpdiI6IktGalc3aVNnd3A4TU9XQzJ1T3lqalE9PSIsInZhbHVlIjoiMzU0Y3A3eWYrUTh4ZEZkNWFJQ2pWM05NbUdQajlNN05pZEIzbE10ZmN3LzYvLys5QmJEaWtsQTJVU20zMmpydSIsIm1hYyI6IjQyOTMwY2E3MGU1ZWQ2NTAwZWRkNmM2NDQ1MzIwODZiNjA1NDRkMGE3YmUwY2ViOWQ0YzM3ZGYxZDMzYWVhNDgifQ%3D%3D
			findnewgf2025.pp.ru/	1970-01-21 02:24:06	Name: laravel_session Value: eyJpdiI6IldhaXJJN21nb2oxQXJDaEhod2hGWUE9PSIsInZhbHVlIjoiQ2UrMW90UllBVUxBam5kUWRtQmRsd0RkMEtEN3JKUVNpOVc5cFlHOEFKeXhKVzBBa3Q3SGpwS2pScFIydkZsViIsIm1hYyI6ImNiNDk3MWU0MjA0ZTRlMTk0ZmI4MDRjOGE3NGFjOThkMzc3OWI3MTNkZDNkZjZkZTVkNTZhODBiZWJhZjFjNjUifQ%3D%3D
			findnewgf2025.pp.ru/	1969-12-31 23:59:59	Name: SRVNAME Value: w2
			svntrk.com/	1969-12-31 23:59:59	Name: svnimp Value: 678301caa56fa

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://findnewgf2025.pp.ru/?s1=ser10(Line 109) Message: Mixed Content: The page at 'https://findnewgf2025.pp.ru/?s1=ser10' was loaded over HTTPS, but requested an insecure element 'http://findnewgf2025.pp.ru/landings/135en/img/adult.svg#adult'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://findnewgf2025.pp.ru/?s1=ser10(Line 117) Message: Mixed Content: The page at 'https://findnewgf2025.pp.ru/?s1=ser10' was loaded over HTTPS, but requested an insecure element 'http://findnewgf2025.pp.ru/landings/135en/img/location.svg#location'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://findnewgf2025.pp.ru/?s1=ser10(Line 124) Message: Mixed Content: The page at 'https://findnewgf2025.pp.ru/?s1=ser10' was loaded over HTTPS, but requested an insecure element 'http://findnewgf2025.pp.ru/landings/135en/img/zodiac-sign.svg#zodiac'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering	warning	URL: https://findnewgf2025.pp.ru/?s1=ser10 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C03301D42B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://findnewgf2025.pp.ru/?s1=ser10 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F03301D42B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
angelica.erkjaepolybeq.ru.com
findnewgf2025.pp.ru
fonts.googleapis.com
fonts.gstatic.com
svntrk.com
www.facebook.com
accounts.google.com
www.facebook.com
2606:4700:3035::ac43:9f2f
2606:4700:3036::6815:20a6
2606:4700:3036::6815:523e
2607:f8b0:4006:821::2003
2607:f8b0:4006:824::200a
321c74dceb470d0b9cecab73a4bb674f7976f2cdb93a94360cfc58fcab7a7103
611705634c9ee279cf2798765a9e098922b51e0049ec25796f80db3d48909bce
94ebe9c247ba14fd314a779358315f3e9dd2356c0e8070f42b208db2d5e21d6a
98556b5d30af3c7860a4826ffb3586176ae36a215260b6399f62925d586943ab
9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c
b28ea1324c0616de3cc3772528cbdde5f96a82c28257cf5f00fe787bbb518658
bd2a5de647314109e3071a6d5c9045905bdee4e189f6155ea4302f9b40ada834
cb56adcad296be242651c210f94f4f80da517edcf662fdf7940f391f6d75b4f0
d7150998db1bfcee3bbfcc7be0851a5775bcace7e8d16b72bf185fa186906dec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecee7c3dcb0bae59e31d40c9e42af5efeab639d62d93e8aed9a469fc5ef36e5a
f044bcdcbc55fdd8ceae161a7a717061ef2eba6f27117e959b698667ec7ff6ec
f090d8d164f2fc67945ebb12af1d676601f85beb10005e7402d49119f8b90c92
fc17ef584891fad58e30628d33483c017c742530392abbf8513db5e0b57ec243