friendr.info Open in urlscan Pro
2606:4700:3035::ac43:dab7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://photo.l1a4.com/ch4Zki0
Effective URL:
https://friendr.info/geo/jollygirls/main/
Submission: On February 01 via manual (February 1st 2023, 6:22:04 pm UTC) from IT — Scanned from IT

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::ac43:dab7, located in United States and belongs to CLOUDFLARENET, US. The main domain is friendr.info.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 10th 2022. Valid for: a year.

This is the only time friendr.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.135.33.74 194.135.33.74	213373 (IPCONNECT) (IPCONNECT)
1 1	64.227.23.114 64.227.23.114	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	99.198.108.194 99.198.108.194	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 3	51.68.85.158 51.68.85.158	16276 (OVH) (OVH)
1 1	34.141.137.168 34.141.137.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	162.209.115.23 162.209.115.23	27357 (RACKSPACE) (RACKSPACE)
1 1	35.204.226.246 35.204.226.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	2606:4700:303... 2606:4700:3035::ac43:dab7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	3

1 194.135.33.74 (Czech Republic) 1 redirects

ASN213373 (IPCONNECT, SC)
PTR: retail-desired.fareastmix.com

photo.l1a4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.23.114 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

polo.thegadgetguru.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.198.108.194 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

monkey.redirectmaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.85.158 (France) 2 redirects

ASN16276 (OVH, FR)

www.turbotrck.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.141.137.168 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.137.141.34.bc.googleusercontent.com

admoustache.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.209.115.23 (Toms River, United States) 1 redirects

ASN27357 (RACKSPACE, US)

track.clickeoads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.226.246 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.226.204.35.bc.googleusercontent.com

s3.afflist.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3035::ac43:dab7 (United States)

ASN13335 (CLOUDFLARENET, US)

friendr.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	friendr.info friendr.info	270 KB
3	turbotrck.art 2 redirects www.turbotrck.art	6 KB
3	redirectmaster.com monkey.redirectmaster.com	7 KB
1	afflist.net 1 redirects s3.afflist.net — Cisco Umbrella Rank: 468857	368 B
1	clickeoads.com 1 redirects track.clickeoads.com	252 B
1	go2affise.com 1 redirects admoustache.go2affise.com	235 B
1	thegadgetguru.club 1 redirects polo.thegadgetguru.club — Cisco Umbrella Rank: 606155	295 B
1	l1a4.com 1 redirects photo.l1a4.com	318 B
18	8

	Domain	Requested by
14	friendr.info	www.turbotrck.art friendr.info
3	www.turbotrck.art	2 redirects monkey.redirectmaster.com
3	monkey.redirectmaster.com	monkey.redirectmaster.com
1	s3.afflist.net	1 redirects
1	track.clickeoads.com	1 redirects
1	admoustache.go2affise.com	1 redirects
1	polo.thegadgetguru.club	1 redirects
1	photo.l1a4.com	1 redirects
18	8

This site contains no links.

Subject Issuer	Validity	Valid
monkey.redirectmaster.com R3	`2023-01-11` - `2023-04-11`	3 months	crt.sh
www.turbotrck.art R3	`2022-12-30` - `2023-03-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://friendr.info/geo/jollygirls/main/
Frame ID: E250BEDD2824E111E5E889011E6B636C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🎄 Jolly Girls

Page URL History Show full URLs

http://photo.l1a4.com/ch4Zki0 HTTP 302
https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
https://monkey.redirectmaster.com/?utm_term=7195254416314728493&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
https://monkey.redirectmaster.com/proc.php?6b44c5f7e732f95e488b59e1386a327ecc0f2f14 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website... Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website... HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website... HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000d35f7b3f1111e0d1defbcf3730a... HTTP 302
https://track.clickeoads.com/310216954?sub1=63daadc6028bcf00016ca7e2&sub2=503 HTTP 307
https://s3.afflist.net/click?pid=1316&offer_id=1208&ref_id=6d64eb7f39521a629a8cdb59 HTTP 302
https://friendr.info/geo/jollygirls/main/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

3
IPs

4
Countries

283 kB
Transfer

398 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://photo.l1a4.com/ch4Zki0 HTTP 302
https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
https://monkey.redirectmaster.com/?utm_term=7195254416314728493&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673 Page URL
https://monkey.redirectmaster.com/proc.php?6b44c5f7e732f95e488b59e1386a327ecc0f2f14 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=446adcf63e0f492872c6631707f45c39&eyer=0.07620799701995451&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=3&eyer=0.07620799701995451&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000d35f7b3f1111e0d1defbcf3730aea8df0201-202302-flb*5564921-b2be6*M7195254416314728493*sl_5564921-b2be6*093faff9e478b254c662589b5c97012ff81c060e*4400-bd34abaz*4400 HTTP 302
https://track.clickeoads.com/310216954?sub1=63daadc6028bcf00016ca7e2&sub2=503 HTTP 307
https://s3.afflist.net/click?pid=1316&offer_id=1208&ref_id=6d64eb7f39521a629a8cdb59 HTTP 302
https://friendr.info/geo/jollygirls/main/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://photo.l1a4.com/ch4Zki0 HTTP 302
https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
monkey.redirectmaster.com/
Redirect Chain

http://photo.l1a4.com/ch4Zki0
https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

3 KB
2 KB

640ms
200ms

Document
text/html

99.198.108.194
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.2.0

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 01 Feb 2023 18:21:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://monkey.redirectmaster.com/?utm_term=7195254416314728493&ver=4viyaptcjo
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Feb 2023 18:21:56 GMT
Location: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server: nginx/1.16.1 (Ubuntu)

GET
H2 200 / Show response
monkey.redirectmaster.com/ 8 KB
3 KB 176ms
176ms Document
text/html 99.198.108.194
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://monkey.redirectmaster.com/?utm_term=7195254416314728493&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673

Requested by

Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.2.0

Resource Hash

1404ef76f8194ac4b05bc9803c8570e0fa4986b3cf5430ad8f342873041cc3c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 01 Feb 2023 18:21:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 proc.php
monkey.redirectmaster.com/ 3 KB
2 KB 142ms
141ms Document
text/html 99.198.108.194
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://monkey.redirectmaster.com/proc.php?6b44c5f7e732f95e488b59e1386a327ecc0f2f14

Requested by

Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_term=7195254416314728493&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.2.0

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://monkey.redirectmaster.com/?utm_term=7195254416314728493&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 01 Feb 2023 18:21:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website=4400-bd34abaz&placement=4400
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H/1.1 200
OK /
www.turbotrck.art/ 5 KB
5 KB 145ms
27ms Document
text/html 51.68.85.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Requested by: Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/proc.php?6b44c5f7e732f95e488b59e1386a327ecc0f2f14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://monkey.redirectmaster.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Platform-Version
Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Wed, 01 Feb 2023 18:21:58 GMT
Transfer-Encoding: chunked

GET
H2

200

Primary Request / Show response
friendr.info/geo/jollygirls/main/
Redirect Chain

https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858...
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858...
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000d35f7b3f1111e0d1defbcf3730aea8df0201-202302-flb*5564921-b2be6*M7195254416314728493*sl_5564921-b2be6*093faff9e478b2...
https://track.clickeoads.com/310216954?sub1=63daadc6028bcf00016ca7e2&sub2=503
https://s3.afflist.net/click?pid=1316&offer_id=1208&ref_id=6d64eb7f39521a629a8cdb59
https://friendr.info/geo/jollygirls/main/

5 KB
1 KB

395ms
39ms

Document
text/html

2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/geo/jollygirls/main/
Requested by: Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2339e7a1ce6860418e351494dc91782241d11acfd18e7376130b5c88fbc814dc

Request headers

Referer: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7195254416314728493&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 5596
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 792cb5c269ee37e3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 01 Feb 2023 18:22:00 GMT
last-modified: Wed, 01 Feb 2023 16:48:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgXzNAODq2pcHq3Vpmj2d31bPe21TYmJjOjDa5C4P8IPT3SPKzEvgLuxhwETboMXV9gJ4LiRDELkFZTv3qZSDkXbNdGBHrfe9Ej%2FSJXF%2FyCeD3oFajC6bRVx7%2BDsG0MEgVn4LL4w2k3u8Ck%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Wed, 01 Feb 2023 18:21:59 GMT
location: https://friendr.info/geo/jollygirls/main/#b=1208&v=63daadc760a757000157af32&a=1316&sub1=&sub2=&platform=affise&affcountry=IT&push=true&noRedir=true
server: nginx
x-adjust-use-original-forwarded-for: 1

GET
H2 200 style.css
friendr.info/static/friendr_info/jollygirls/assets/ 2 KB
958 B 36ms
35ms Stylesheet
text/css 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/static/friendr_info/jollygirls/assets/style.css
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2801274469484fa047c5ba0c066e80e9db65d0a922cd80be433c9d31c57871e6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5596
etag: W/"173e3b520bd0e600-7d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUV1fNklF9G4A6RSqWxk2ymVjS9ZB4l9R7gG9ygzs1xW8Q4gThC9tVTCgRmjbxiovZkZQMVC3W%2BQF53RMCz7p%2FnHe%2BfiPVHat1aWLiPLbmZ9KVELPv0QKPpsfX7u850WF0tdK04IYnuXRgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 792cb5c2ba8e37e3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-1.12.1.min.js Show response
friendr.info/static/js/ 95 KB
34 KB 44ms
43ms Script
text/javascript 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/static/js/jquery-1.12.1.min.js
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed95f702685545e4a5ec11684bab1be8040dd33959493c28ce110e47d188ad46

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4069
etag: W/"173e3b520bd0e600-17c7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeftlXhnFoZGz0eIDMHzQGFm4fw7TaFBaJXzHXnLO69llBPWbCkTjlmAvIoDxZVhASKeOOuYBgmgWsXuLDK0IpLUS%2BbWns8gtMtW5dQUaM7tkfWQ4AqGdjhJt%2FupqQnoKRyYx3sDU4icML8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 792cb5c2ba9137e3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pandoraWeb.0.1.js Show response
friendr.info/static/js/ 40 KB
12 KB 41ms
40ms Script
text/javascript 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/static/js/pandoraWeb.0.1.js
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baa7dbe55a3d3fb18ccce00e05f817d7cbe591a76fb36cd333b59132511a25ee

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4069
etag: W/"173e3b520bd0e600-9ea4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MznumUNZhzZtVQ8%2BUJo4PRFYcy19aeFy%2F%2BOcqNK37zy5xc%2Bv3FOIZ6F0%2B1nX74pwxSAVXmVuaLvgn2gsx0cyu5KV%2FmXsLzpyhU%2BHJc2OVgUFVbj%2FGlpadXppuFWHwsqNWDLxOoZ%2B3JuyIxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 792cb5c2ba9237e3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Logo.png
friendr.info/static/friendr_info/jollygirls/assets/ 2 KB
3 KB 34ms
34ms Image
image/png 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/assets/Logo.png
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d1480fe20487bc5ef21c1b033967ccc47676e767310cd31e7d15a6e975e464e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4703
etag: "173e3b520bd0e600-8f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0TDwJlEw2F4aRjhvky8zDed%2FO5K96yw0Im6hcEExDGNDjSQ8Foz6ChckZGwp0Ie%2B1lbCzEMLXY3ZnSQk%2B5FXRd2IH2Ko%2FDAmkKYZ%2FYkEWCuQ9aNItDILE3%2FovbnSOyvx0GJ%2FHlJeTTXj58%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 792cb5c2fe16bb1d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2294

GET
H3 200 1.png
friendr.info/static/friendr_info/jollygirls/main/ 48 KB
48 KB 65ms
65ms Image
image/png 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/main/1.png
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0be54d784712cefda9cf905286bc262360dfca1421d2f44ae2a4a9c18e015d81

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1937
etag: "173e3b520bd0e600-bf3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCCLKGY4tuXCXX9wNx5XSmE1qxW06mh1s18h7y3LkL3P0EAbJTw5C5G4bRJk63Ta9uXfrsMHHNyMhJ%2FREu%2B8Qck%2B1jOAx0x5Aa8A1ROyBMjQX5CmyoFNF73SNtfwE7RQmwfcLqfTE%2BCGmjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 792cb5c32e78bb1d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48955

GET
H3 200 checkmark.svg
friendr.info/static/friendr_info/jollygirls/assets/ 726 B
917 B 31ms
30ms Image
image/svg+xml 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/assets/checkmark.svg
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c247993ed6ecaec285ef6ced155f6fb01a850d79107a051c0b146e297a615c9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3924
etag: W/"173e3b520bd0e600-2d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EiettaeB9Hi%2BbUurIOVrX6b7T%2Fn3F4RN3Ga5UT1N5QuG3Jt%2BM4JntGYsOHeyMB735%2Fp48t6uAvicFHpZklVX4GECr1C5LWVlls2aip%2FLyS2bqKjUA2NgDT3BjQRejprmGPCNrexRIZY0Uw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 792cb5c33e99bb1d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 call.svg
friendr.info/static/friendr_info/jollygirls/assets/ 2 KB
2 KB 80ms
79ms Image
image/svg+xml 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/assets/call.svg
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52460ff45bd4b623016d1cec29d8c96b94ac81f1e787b7bdf57c0b9dfd272e88

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3922
etag: W/"173e3b520bd0e600-8b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rVM0jXliqA9df1%2BmsFMFpHE65ajwW9A7gnqRtVNhmWnKYUjvsTR%2BIyVFLGiW4AY5i52cqdSdR6WrTaa6VoAEYvcpR7vBiupRPCWwJ4nbGxNUIA0mDI0EGoNUhf7JYfpa9zfesN2xF%2F4Sro%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 792cb5c33e9ebb1d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 2.png
friendr.info/static/friendr_info/jollygirls/main/ 47 KB
48 KB 56ms
55ms Image
image/png 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/main/2.png
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c752632854e9239e6ec97d150fa20de2a0ea2f5f224be8b64d2f61e154bdd7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4703
etag: "173e3b520bd0e600-bdf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puk4kEjdRO8k2Z3YWRJ7a%2BMd%2FSVwtNkyATUHe%2BvGsfFfrX9KxYoMGDmndL5tUkNoIm859uYCQa1%2Fw0c5UiUc6haoQwf995Zhv8dyEJ6GNfX68Wy7uDSIzwo7nzyJ9aiJnHhE5Wtvf%2FYClmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 792cb5c33ea0bb1d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48625

GET
H3 200 3.png
friendr.info/static/friendr_info/jollygirls/main/ 53 KB
53 KB 32ms
31ms Image
image/png 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/main/3.png
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d696bb4eb5b0886f39c5349369a73377b4ed20efd233e03210781e643328a834

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4703
etag: "173e3b520bd0e600-d3cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxSIECvulC8LeacOTLTDggxVrh%2B3yUqWcFaq8Fvbi6Pz4TpvzZ0Z4LDDb97rvSEUuyj4t5wvwk4bBypj4n0SM%2BGGeYGd0mcTqhXtaExezGcLYcb39fuIohxzedUBtofaEb0%2Frki04LM2n8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 792cb5c33ea6bb1d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54220

GET
H3 200 4.png
friendr.info/static/friendr_info/jollygirls/main/ 57 KB
57 KB 103ms
102ms Image
image/png 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/main/4.png
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd395cd6cc2e1be29b5ff8492fa8ffed3932e8150aebc346940155ff622c0330

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4370
etag: "173e3b520bd0e600-e335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQKp3NSqjEGztQOLVI2zXgporHARKvrGXvT82JDIR3T8X55ou0YmyJDLSjwLURaXep7%2B%2Fv%2B5EKuJTndteWtELAYSit6T6EBfjz2tRfIJfuZ5co8YHevMdt1G%2Fk7NTBFOq22vN%2FDuHIIqXPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 792cb5c33ea9bb1d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58165

GET
H3 200 bg-button.svg
friendr.info/static/friendr_info/jollygirls/assets/ 18 KB
7 KB 123ms
123ms Image
image/svg+xml 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friendr.info/static/friendr_info/jollygirls/assets/bg-button.svg
Requested by: Host: friendr.info
URL: https://friendr.info/geo/jollygirls/main/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7670253ced562b7f3fc34a41fc844abfefacac3bb93d2ae49dde32d99e6351a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3922
etag: W/"173e3b520bd0e600-46f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBMFpGYJ4okPYi%2FNMJYeM%2BY8lCmM5W%2FTUg%2FqyUZDRjJocU4bh7IHr7QYdxj8Cag8uLBgnP6e9iKcM6%2FNwLuPL5j%2BYFFXu8Uw9SLMjiVqiEVgyOanQ6Oj7dl05wK3v1pUqACGg3oX7%2FF%2FOSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 792cb5c33eabbb1d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 style-fama.css
friendr.info/ 7 KB
2 KB 117ms
117ms Stylesheet
text/css 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/style-fama.css
Requested by: Host: friendr.info
URL: https://friendr.info/static/js/jquery-1.12.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7fac70d01f49dc79fba2e84a651913c761b0ca7399c86d52b47be57f321077

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://friendr.info/geo/jollygirls/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
via: 1.1 5f0e68f33526ad0b79de5ce0fc54f62a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR61-P3
age: 440
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 08 Jun 2021 10:51:09 GMT
server: cloudflare
etag: W/"6eb837c1646703f52e43119b84a44032"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzzEi7tSOPltLnfAaRR6gbVGHcCERr%2Fu6r03Le0TQ3%2FDCVtL1iIhNR1zwXS6w2DNv3uYfAHhVh6Kha5pez9MrepyyUN1z6RQU0855U6HS0RAA5PudMaaw%2BA11j1rj4NJoz26Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 792cb5c33ec1bb1d-MXP
x-amz-cf-id: PW3F3w06fhYRijoNyJL60gjvNWiA3MOCDIKRe-2xleNiF24wA3Rb6w==

POST
H3 201 assignation Show response
friendr.info/api/voice/ 335 B
825 B 166ms
166ms XHR
application/json 2606:4700:3035::ac43:dab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friendr.info/api/voice/assignation
Requested by: Host: friendr.info
URL: https://friendr.info/static/js/jquery-1.12.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b078d1d7f5664506752f261a654e26c6da52db77852e8877626829926dd1e6a3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://friendr.info/geo/jollygirls/main/
X-Requested-With: XMLHttpRequest
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 01 Feb 2023 18:22:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"14f-fQ2kbh2BZotxit+4aV6qWrsDeNs"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FH4LAHLa2MRT7629N3RUVHgDkmQi1Qgwc11NxngrjXuqYqKWPW8IxEqW%2F1l0qiqdJiovf0owTDeK31wVNpVjeL%2BQMaEL%2FZdlNMjaIUOzYJoshhUJs8FiW%2BGSk7LdfOJNpDan3PP4KGqUITM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 792cb5c34ec9bb1d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 335

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
monkey.redirectmaster.com/	1970-01-20 18:06:51	Name: u Value: 4ff911c578d715256015ffd4523a9e37
admoustache.go2affise.com/	1970-01-20 18:06:51	Name: afclick Value: 63daadc6028bcf00016ca7e2
track.clickeoads.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ln6jikc2fd8s7qhf7hvaheco8p
s3.afflist.net/	1970-01-20 18:06:51	Name: afclick Value: 63daadc760a757000157af32
s3.afflist.net/	1970-01-20 18:06:51	Name: afoffers Value: {"1208":1675275719}
friendr.info/	1970-01-20 09:21:15	Name: allocatedNumber Value: 212614008354

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admoustache.go2affise.com
friendr.info
monkey.redirectmaster.com
photo.l1a4.com
polo.thegadgetguru.club
s3.afflist.net
track.clickeoads.com
www.turbotrck.art
162.209.115.23
194.135.33.74
2606:4700:3035::ac43:dab7
34.141.137.168
35.204.226.246
51.68.85.158
64.227.23.114
99.198.108.194
0be54d784712cefda9cf905286bc262360dfca1421d2f44ae2a4a9c18e015d81
1404ef76f8194ac4b05bc9803c8570e0fa4986b3cf5430ad8f342873041cc3c5
2339e7a1ce6860418e351494dc91782241d11acfd18e7376130b5c88fbc814dc
2801274469484fa047c5ba0c066e80e9db65d0a922cd80be433c9d31c57871e6
3b7fac70d01f49dc79fba2e84a651913c761b0ca7399c86d52b47be57f321077
3c247993ed6ecaec285ef6ced155f6fb01a850d79107a051c0b146e297a615c9
52460ff45bd4b623016d1cec29d8c96b94ac81f1e787b7bdf57c0b9dfd272e88
6d1480fe20487bc5ef21c1b033967ccc47676e767310cd31e7d15a6e975e464e
a7670253ced562b7f3fc34a41fc844abfefacac3bb93d2ae49dde32d99e6351a
b078d1d7f5664506752f261a654e26c6da52db77852e8877626829926dd1e6a3
baa7dbe55a3d3fb18ccce00e05f817d7cbe591a76fb36cd333b59132511a25ee
d696bb4eb5b0886f39c5349369a73377b4ed20efd233e03210781e643328a834
dd395cd6cc2e1be29b5ff8492fa8ffed3932e8150aebc346940155ff622c0330
e3c752632854e9239e6ec97d150fa20de2a0ea2f5f224be8b64d2f61e154bdd7
ed95f702685545e4a5ec11684bab1be8040dd33959493c28ce110e47d188ad46

friendr.info Open in urlscan Pro 2606:4700:3035::ac43:dab7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

13 %IPv6

8 Domains

8 Subdomains

3 IPs

4 Countries

283 kBTransfer

398 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

friendr.info Open in urlscan Pro
2606:4700:3035::ac43:dab7 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

3
IPs

4
Countries

283 kB
Transfer

398 kB
Size

6
Cookies

18 HTTP transactions
0 data transactions