Submitted URL: https://bit.ly/2IwrcSc
Effective URL: https://gourlz.com/fd4a125e908a
Submission: August 30, 2018 (manual submission from CH)

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 20 HTTP transactions. The main IP is 50.16.44.76, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is gourlz.com.
TLS certificate: the leaf certificate presented for gourlz.com is the one listed in the certificate table below with subject redirlock.com, issued by Go Daddy Secure Certificate Authority - G2 on 2017-09-15 and valid until 2018-12-06 (urlscan rounds the lifetime to "a year").
This is the only time gourlz.com was scanned on urlscan.io.

What the data below shows: the chain starts at an HTTPS bit.ly short link, drops to plain HTTP for two intermediate hosts (hotmoviesnow.review on an nginx host in Kyiv, then www.topoferta.in and topoferta.in on Apache 2.2.15 with PHP 5.3.3) and ends on an EC2-hosted nginx 1.12.1 / PHP 5.5.9 page. That page sets five cookies over HTTPS without Secure or HttpOnly; a sixth cookie, jstat, is absent from the Set-Cookie header and so is set client-side, and its value is base64 JSON holding the screen size and a 32-hex-character browser fingerprint. The page's own naming (filegateway cookies, the FileGateway2, smsLocker2, CallUnlock, ViralInviter2 and Fingerprint2 globals, the mgOffersLink, mgSmsLink and mgBitcoinLink strings, and the /offers XHR) marks it as a file-gateway / offer-locker landing page. urlscan records no verdict for it.

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP address | AS (Autonomous System)
1 | 1 | 67.199.248.11 | AS395224 (BITLY-AS)
1 | - | 193.106.248.121 | AS50499 (TELEPARK-...)
2 | - | 104.20.2.47 | AS13335 (CLOUDFLAR...)
2 | 1 | 185.43.221.156 | AS59939 (WIBO-AS)
1 | - | 104.20.3.47 | AS13335 (CLOUDFLAR...)
3 | - | 50.16.44.76 | AS14618 (AMAZON-AES)
3 | - | 52.85.177.166 | AS16509 (AMAZON-02)
1 | - | 2a00:1450:400... | AS15169 (GOOGLE)
2 | - | 52.85.177.4 | AS16509 (AMAZON-02)
2 | - | 209.197.3.15 | AS20446 (HIGHWINDS3)
1 | - | 2a00:1450:400... | AS15169 (GOOGLE)
1 | - | 52.85.183.188 | AS16509 (AMAZON-02)
1 | - | 2a00:1450:400... | AS15169 (GOOGLE)
Totals: 20 requests, 13 IPs (the redirect column counts the HTTP 301/302 responses served from that IP: bit.ly and topoferta.in)
Requests | Domain | Requested by
3 | d3cud1jhtny50b.cloudfront.net | gourlz.com
2 | d33pp0jymk9coo.cloudfront.net | gourlz.com, ijumpz.com
2 | gourlz.com | www.topoferta.in, ajax.googleapis.com
2 | www.statcounter.com | hotmoviesnow.review, www.topoferta.in
1 | fonts.gstatic.com | gourlz.com
1 | i.imgur.com | gourlz.com
1 | fonts.googleapis.com | gourlz.com
1 | maxcdn.bootstrapcdn.com | gourlz.com
1 | netdna.bootstrapcdn.com | gourlz.com
1 | ajax.googleapis.com | gourlz.com
1 | ijumpz.com | gourlz.com
1 | topoferta.in | (1 redirect)
1 | c.statcounter.com | www.topoferta.in
1 | www.topoferta.in | hotmoviesnow.review
1 | hotmoviesnow.review | (first page reached after the bit.ly redirect)
1 | bit.ly | (1 redirect; the submitted URL)
Totals: 20 requests, 16 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid for
*.statcounter.com | Go Daddy Secure Certificate Authority - G2 | 2018-01-16 to 2019-01-17 | a year
redirlock.com (the certificate presented for the gourlz.com main page; see Summary) | Go Daddy Secure Certificate Authority - G2 | 2017-09-15 to 2018-12-06 | a year
*.cloudfront.net | DigiCert Global CA G2 | 2017-11-22 to 2018-11-21 | a year
ijumpz.com | Let's Encrypt Authority X3 | 2018-07-12 to 2018-10-10 | 3 months
*.googleapis.com | Google Internet Authority G3 | 2018-08-07 to 2018-10-16 | 2 months
*.bootstrapcdn.com | COMODO RSA Domain Validation Secure Server CA | 2017-10-03 to 2018-10-13 | a year
*.imgur.com | DigiCert SHA2 Secure Server CA | 2017-11-15 to 2019-01-09 | a year
*.google.com | Google Internet Authority G3 | 2018-08-14 to 2018-10-23 | 2 months

This page contains 1 frames:

Primary Page: https://gourlz.com/fd4a125e908a
Frame ID: 661B3A15D81E049F69AB54726952D354
Requests: 20 HTTP requests in this frame

Screenshot (image not reproduced in this text capture)

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2IwrcSc (HTTP 301) -> http://hotmoviesnow.review/media/004.php?k=lynda (Page URL)
  2. http://www.topoferta.in/files/001.php?aa=16102015 (Page URL; no HTTP redirect is recorded for this hop and the request carries the 004.php page as Referer, so it is a client-side navigation from hotmoviesnow.review)
  3. http://topoferta.in/ztds/mgc (HTTP 302) -> https://gourlz.com/fd4a125e908a (Page URL)
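The chain above is the kind of thing a triage analyst wants summarised mechanically: where the scheme drops from HTTPS to HTTP, and where the registrable domain changes hands. The script below is an added example and not part of urlscan.io's output or of any tool the page describes; the hop list is copied from this scan's URL history, and the helper names (registrable_domain, analyse_chain, chain_summary) are mine.

```python
from urllib.parse import urlsplit

# Hops in the order urlscan recorded them above (HTTP 301/302 targets and
# client-side navigations combined); copied from this scan's URL history.
HOPS = [
    "https://bit.ly/2IwrcSc",
    "http://hotmoviesnow.review/media/004.php?k=lynda",
    "http://www.topoferta.in/files/001.php?aa=16102015",
    "http://topoferta.in/ztds/mgc",
    "https://gourlz.com/fd4a125e908a",
]


def registrable_domain(host: str) -> str:
    """Collapse a hostname to its last two labels (www.topoferta.in -> topoferta.in).

    Assumption: none of the hosts sit under a multi-label public suffix such as
    co.uk; production code should consult the Public Suffix List instead.
    """
    return ".".join(host.lower().split(".")[-2:])


def analyse_chain(hops):
    """Walk consecutive hops and record the transitions an analyst cares about.

    Returns the ordered list of distinct registrable domains, one finding tuple
    (hop_index, kind, detail) per HTTPS->HTTP downgrade or cross-domain
    hand-off, and the final landing URL.
    """
    findings = []
    domains = []
    for i, url in enumerate(hops):
        cur = urlsplit(url)
        cur_dom = registrable_domain(cur.hostname)
        if cur_dom not in domains:
            domains.append(cur_dom)
        if i == 0:
            continue
        prev = urlsplit(hops[i - 1])
        prev_dom = registrable_domain(prev.hostname)
        if prev.scheme == "https" and cur.scheme == "http":
            findings.append((i, "downgrade", f"{prev.hostname} -> {cur.hostname}"))
        if prev_dom != cur_dom:
            findings.append((i, "cross-domain", f"{prev_dom} -> {cur_dom}"))
    return {"domains": domains, "findings": findings, "final": hops[-1]}


def chain_summary(hops):
    """One-line summary suitable for a case note or a SIEM enrichment field."""
    r = analyse_chain(hops)
    downgrades = sum(1 for f in r["findings"] if f[1] == "downgrade")
    hand_offs = sum(1 for f in r["findings"] if f[1] == "cross-domain")
    return (f"{len(hops)} hops, {len(r['domains'])} registrable domains, "
            f"{hand_offs} cross-domain hand-offs, {downgrades} HTTPS->HTTP downgrades, "
            f"lands on {urlsplit(r['final']).hostname}")


if __name__ == "__main__":
    for idx, kind, detail in analyse_chain(HOPS)["findings"]:
        print(f"hop {idx}: {kind:12s} {detail}")
    print(chain_summary(HOPS))
```

Run against this scan it reports one downgrade (bit.ly to hotmoviesnow.review at hop 1) and three cross-domain hand-offs; the www.topoferta.in to topoferta.in hop is correctly not counted as a hand-off. Swap registrable_domain for a Public Suffix List lookup before using it on arbitrary traffic.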

Detected technologies

Nginx (web server; the primary response's Server header reports nginx/1.12.1)
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript library; loaded as jquery/1.11.0/jquery.min.js from ajax.googleapis.com)
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

  • Requests: 20
  • HTTPS: 75 %
  • IPv6: 23 %
  • Domains: 11
  • Subdomains: 16
  • IPs: 13
  • Countries: 4
  • Transfer: 154 kB
  • Size: 466 kB
  • Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/2IwrcSc HTTP 301
  • http://hotmoviesnow.review/media/004.php?k=lynda

20 HTTP transactions

Each entry below lists, in order: Resource, Path, Size, x-fer (bytes actually transferred, after compression), Type, and MIME-Type, followed by the request and response headers urlscan captured.
004.php
hotmoviesnow.review/media/
Redirect Chain
  • https://bit.ly/2IwrcSc
  • http://hotmoviesnow.review/media/004.php?k=lynda
900 B
709 B
Document
General
Full URL
http://hotmoviesnow.review/media/004.php?k=lynda
Protocol
HTTP/1.1
Server
193.106.248.121 Kyiv, Ukraine, ASN50499 (TELEPARK-AS --- INTER-TELECOM ---, UA),
Reverse DNS
f1.hostenko.com
Software
nginx /
Resource Hash

Request headers

Host
hotmoviesnow.review
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
661B3A15D81E049F69AB54726952D354

Response headers

Server
nginx
Date
Thu, 30 Aug 2018 06:50:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 30 Aug 2018 06:50:53 GMT
Content-Type
text/html; charset=utf-8
Content-Length
135
Connection
keep-alive
Cache-Control
private, max-age=90
Content-Security-Policy
referrer always;
Location
http://hotmoviesnow.review/media/004.php?k=lynda
Referrer-Policy
unsafe-url
Set-Cookie
_bit=i7u6OR-6c144eddfc38d27ab8-00o; Domain=bit.ly; Expires=Tue, 26 Feb 2019 06:50:53 GMT
counter.js
www.statcounter.com/counter/
28 KB
11 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: hotmoviesnow.review
URL: http://hotmoviesnow.review/media/004.php?k=lynda
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.20.2.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://hotmoviesnow.review/media/004.php?k=lynda
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 30 Aug 2018 06:50:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2017 13:36:00 GMT
server
cloudflare
etag
W/"59034540-7083"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=43200
cf-ray
45255368bec697f2-FRA
expires
Thu, 30 Aug 2018 18:50:54 GMT
001.php
www.topoferta.in/files/
941 B
1 KB
Document
General
Full URL
http://www.topoferta.in/files/001.php?aa=16102015
Requested by
Host: hotmoviesnow.review
URL: http://hotmoviesnow.review/media/004.php?k=lynda
Protocol
HTTP/1.1
Server
185.43.221.156 , Czech Republic, ASN59939 (WIBO-AS, LT),
Reverse DNS
vz23.hostlife.net
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c2270886eefbc42e15d5172492f157100b69703f35c9f6deeba3906ac0ff5967

Request headers

Host
www.topoferta.in
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://hotmoviesnow.review/media/004.php?k=lynda
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
661B3A15D81E049F69AB54726952D354
Referer
http://hotmoviesnow.review/media/004.php?k=lynda

Response headers

Date
Thu, 30 Aug 2018 06:50:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Content-Length
941
Connection
close
Content-Type
text/html; charset=UTF-8
t.php
c.statcounter.com/
0 B
0 B
(no response received; this is the request listed under "Failed requests" below)

counter.js
www.statcounter.com/counter/
28 KB
11 KB
Script
General
Full URL
http://www.statcounter.com/counter/counter.js
Requested by
Host: www.topoferta.in
URL: http://www.topoferta.in/files/001.php?aa=16102015
Protocol
HTTP/1.1
Server
104.20.3.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.topoferta.in/files/001.php?aa=16102015
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 30 Aug 2018 06:50:54 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 28 Apr 2017 13:36:00 GMT
Server
cloudflare
ETag
W/"59034540-7083"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4525536912322738-FRA
Expires
Thu, 30 Aug 2018 18:50:54 GMT
t.php
c.statcounter.com/
49 B
602 B
Image
General
Full URL
http://c.statcounter.com/t.php?sc_project=10604951&java=1&security=7a39e110&u1=DDC2CC6F65D84FC7990BCFDDC4EEB9DD&sc_random=0.4708985162319099&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=http%3A//hotmoviesnow.review/media/004.php%3Fk%3Dlynda&u=http%3A//www.topoferta.in/files/001.php%3Faa%3D16102015&t=&rcat=r&rdom=hotmoviesnow.review&sc_snum=1&sess=7a9eb4&p=0&invisible=1
Requested by
Host: www.topoferta.in
URL: http://www.topoferta.in/files/001.php?aa=16102015
Protocol
HTTP/1.1
Server
104.20.2.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.topoferta.in/files/001.php?aa=16102015
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 30 Aug 2018 06:50:54 GMT
Server
cloudflare
P3P
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Content-Type
image/gif
Connection
keep-alive
CF-RAY
45255369420fbef8-FRA
Content-Length
49
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Primary Request fd4a125e908a
gourlz.com/
Redirect Chain
  • http://topoferta.in/ztds/mgc
  • https://gourlz.com/fd4a125e908a
102 KB
32 KB
Document
General
Full URL
https://gourlz.com/fd4a125e908a
Requested by
Host: www.topoferta.in
URL: http://www.topoferta.in/files/001.php?aa=16102015
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.44.76 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-50-16-44-76.compute-1.amazonaws.com
Software
nginx/1.12.1 / PHP/5.5.9-1ubuntu4.22
Resource Hash
acbefe5f2ab30fc94a9a698210e205dc65605ee50a3241899e4b1ac92574dc12

Request headers

:method
GET
:authority
gourlz.com
:scheme
https
:path
/fd4a125e908a
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.topoferta.in/files/001.php?aa=16102015
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
661B3A15D81E049F69AB54726952D354
Referer
http://www.topoferta.in/files/001.php?aa=16102015

Response headers

status
200
server
nginx/1.12.1
date
Thu, 30 Aug 2018 06:50:55 GMT
content-type
text/html;charset=utf-8
content-length
31897
x-powered-by
PHP/5.5.9-1ubuntu4.22
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie (five Set-Cookie header values, which the report rendered joined by a single space; shown here one per line)
PHPSESSID=56u1g16v1o3k4043ieishabaq5; expires=Sat, 29-Sep-2018 06:50:54 GMT; Max-Age=2592000; path=/; domain=.gourlz.com
campaign_impressed_367687_27324_filegateway=1; expires=Fri, 31-Aug-2018 06:50:54 GMT; Max-Age=86400; path=/
campaign_impressed_366856_27324_filegateway=1; expires=Fri, 31-Aug-2018 06:50:54 GMT; Max-Age=86400; path=/
campaign_impressed_367869_27324_filegateway=1; expires=Fri, 31-Aug-2018 06:50:54 GMT; Max-Age=86400; path=/
fg_countDownloads=123090; expires=Fri, 30-Aug-2019 06:50:54 GMT; Max-Age=31536000; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Date
Thu, 30 Aug 2018 06:50:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Set-Cookie
cu_mgc=0; expires=Fri, 31-Aug-2018 06:50:53 GMT; path=/
Location
https://gourlz.com/fd4a125e908a
Content-Length
0
Connection
close
Content-Type
text/html; charset=utf-8
style.css
d3cud1jhtny50b.cloudfront.net/fgskins/
2 KB
1 KB
Stylesheet
General
Full URL
https://d3cud1jhtny50b.cloudfront.net/fgskins/style.css
Requested by
Host: gourlz.com
URL: https://gourlz.com/fd4a125e908a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.177.166 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-166.fra6.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
bab59760eeb92bab76e9788584caa825b61e25434a273dd5b5e543a74274b03a

Request headers

Referer
https://gourlz.com/fd4a125e908a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 25 Jul 2018 20:00:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Feb 2014 11:10:07 GMT
Server
nginx/1.12.1
Age
36474
ETag
"766-4f339217761c0-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 0bf7ab276e9275ac14471a0d2b33bfd0.cloudfront.net (CloudFront)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
653
X-Amz-Cf-Id
cJvacfWTc-5wD1rP0eAUBw-voUMPkNRyiA49cKNohL8EuL9pre9Kgg==
jstat.js
ijumpz.com/common/
2 KB
953 B
Script
General
Full URL
https://ijumpz.com/common/jstat.js?v=3
Requested by
Host: gourlz.com
URL: https://gourlz.com/fd4a125e908a
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.44.76 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-50-16-44-76.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
782f97dd3bf7a26cf7efb1c0f19d1a41fdff75e463008390971d03296f638dfc

Request headers

Referer
https://gourlz.com/fd4a125e908a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Thu, 30 Aug 2018 06:50:55 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2016 21:34:26 GMT
server
nginx/1.12.1
etag
W/"57d1d962-782"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
expires
Sat, 29 Sep 2018 06:50:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: gourlz.com
URL: https://gourlz.com/fd4a125e908a
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gourlz.com/fd4a125e908a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 Aug 2018 18:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1082510
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
33576
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2019 18:09:05 GMT
complain.js
d33pp0jymk9coo.cloudfront.net/common/
2 KB
2 KB
Script
General
Full URL
https://d33pp0jymk9coo.cloudfront.net/common/complain.js
Requested by
Host: gourlz.com
URL: https://gourlz.com/fd4a125e908a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.177.4 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-4.fra6.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
cb24522119f974178aec1fdbbffeaaf5c1061b5809fb0011f6b93f737c8d30d9

Request headers

Referer
https://gourlz.com/fd4a125e908a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 13 Jul 2018 06:17:56 GMT
Content-Encoding
gzip
Age
1557169
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Sat, 13 Feb 2016 20:25:30 GMT
Server
nginx/1.12.1
ETag
W/"56bf913a-93e"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 55ee6ea70e0823309f10db2e4b8f119f.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000, public
X-Amz-Cf-Id
Uhe-DMKIP3L2ceV7262Qq5zoSoPDoEsTYmeHMVv09HUdey_YG6BVtA==
Expires
Sun, 12 Aug 2018 06:17:56 GMT
style_editable.css
d3cud1jhtny50b.cloudfront.net/fgskins/
2 KB
1 KB
Stylesheet
General
Full URL
https://d3cud1jhtny50b.cloudfront.net/fgskins/style_editable.css?v=3
Requested by
Host: gourlz.com
URL: https://gourlz.com/fd4a125e908a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.177.166 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-166.fra6.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
01c3c4b3f6927216f0ab8166c2fd90b2a26ab75e446c7eb92b1f3954c1c650ba

Request headers

Referer
https://gourlz.com/fd4a125e908a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 22 Jul 2018 13:15:14 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Jun 2018 12:49:18 GMT
Server
nginx/1.12.1
Age
61288
ETag
"777-56ed5e091c0c1-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 0bf7ab276e9275ac14471a0d2b33bfd0.cloudfront.net (CloudFront)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
631
X-Amz-Cf-Id
M45lDj_vDAoV9gG_MBRrw7VPYcVWUWw-n2z9z-rhDlLTqzGn9-2-Eg==
bootstrap.min.js
netdna.bootstrapcdn.com/bootstrap/3.1.1/js/
28 KB
8 KB
Script
General
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js
Requested by
Host: gourlz.com
URL: https://gourlz.com/fd4a125e908a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

Referer
https://gourlz.com/fd4a125e908a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 30 Aug 2018 06:50:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Feb 2018 05:58:02 GMT
Connection
Keep-Alive
ETag
"1519106282"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges
bytes
Content-Length
7679
editable4.js
d3cud1jhtny50b.cloudfront.net/js/
1 KB
1 KB
Script
General
Full URL
https://d3cud1jhtny50b.cloudfront.net/js/editable4.js
Requested by
Host: gourlz.com
URL: https://gourlz.com/fd4a125e908a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.177.166 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-166.fra6.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
a7d52fc932b19669197ff05779e5d3eb60275ce9af37210e6c49ac5e282531d0

Request headers

Referer
https://gourlz.com/fd4a125e908a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 07 Aug 2018 09:05:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 May 2016 00:21:24 GMT
Server
nginx/1.12.1
Age
76387
ETag
"5f6-533c7e307c900-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 f17892129c0657c8d9d0809a1b0b00be.cloudfront.net (CloudFront)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
602
X-Amz-Cf-Id
kOKVXCsBdlkdE3EXxNNM0tXWbAfRUI1DzRwR0CHDhz9QMbNs9H1cNQ==
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: gourlz.com
URL: https://gourlz.com/fd4a125e908a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://gourlz.com/fd4a125e908a
Origin
https://gourlz.com

Response headers

Date
Thu, 30 Aug 2018 06:50:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Feb 2018 05:57:55 GMT
Connection
Keep-Alive
ETag
"1519106275"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges
bytes
Content-Length
19740
css
fonts.googleapis.com/
767 B
477 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato&subset=latin,latin-ext
Requested by
Host: gourlz.com
URL: https://gourlz.com/fd4a125e908a
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
06d10ddd446ea86ebea46a23a233c9a5fd8df1ce12dfde397d6edbf273f3b852
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gourlz.com/fd4a125e908a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Thu, 30 Aug 2018 06:50:55 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 30 Aug 2018 06:50:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Thu, 30 Aug 2018 06:50:55 GMT
fng_pr_lib.js
d33pp0jymk9coo.cloudfront.net/js/
33 KB
11 KB
Script
General
Full URL
https://d33pp0jymk9coo.cloudfront.net/js/fng_pr_lib.js?v=1
Requested by
Host: ijumpz.com
URL: https://ijumpz.com/common/jstat.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.177.4 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-4.fra6.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
277312a6c89c0faeb3a039f9eb3008f4ba29bd557bcbcedcd71c7e36fb8abf5f

Request headers

Referer
https://gourlz.com/fd4a125e908a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 May 2018 23:04:04 GMT
Content-Encoding
gzip
Age
2287849
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Fri, 22 Jul 2016 21:25:30 GMT
Server
nginx/1.12.1
ETag
W/"57928f4a-842e"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 55ee6ea70e0823309f10db2e4b8f119f.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000, public
X-Amz-Cf-Id
deeooQCl3E1A8Z6_kQjde6NOoA9z9MCwXF-T_1pmuf3DT-Rk7gjtjA==
Expires
Sat, 09 Jun 2018 23:04:04 GMT
EuIID8j.png
i.imgur.com/
6 KB
6 KB
Image
General
Full URL
https://i.imgur.com/EuIID8j.png
Requested by
Host: gourlz.com
URL: https://gourlz.com/fd4a125e908a
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.183.188 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-183-188.fra50.r.cloudfront.net
Software
cat factory 3.0 /
Resource Hash
b3aa125ea45030fae065230c8a2f1eb5ce862dd312d00e91cd4a94b294f66e61

Request headers

Referer
https://gourlz.com/fd4a125e908a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 28 Aug 2018 18:32:55 GMT
via
1.1 a034346227db119f7e0813186ca2d2c2.cloudfront.net (CloudFront)
last-modified
Mon, 29 May 2017 21:22:45 GMT
server
cat factory 3.0
age
130681
etag
"daf752b4727b44177fa1d6a3c8ee95b9"
status
200
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
5830
x-amz-cf-id
ucDqd11-C-xI_xuB5v5Z60Re0adxuBD_y6yV8tn8XJZizfX5GjoyOw==
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: gourlz.com
URL: https://gourlz.com/fd4a125e908a
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato&subset=latin,latin-ext
Origin
https://gourlz.com

Response headers

date
Tue, 28 Aug 2018 02:22:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:20 GMT
server
sffe
age
188893
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13944
x-xss-protection
1; mode=block
expires
Wed, 28 Aug 2019 02:22:42 GMT
offers
gourlz.com/fd4a125e908a/
2 KB
1 KB
XHR
General
Full URL
https://gourlz.com/fd4a125e908a/offers?variant_html=1&ref=http%3A%2F%2Fwww.topoferta.in%2Ffiles%2F001.php%3Faa%3D16102015
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.44.76 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-50-16-44-76.compute-1.amazonaws.com
Software
nginx/1.12.1 / PHP/5.5.9-1ubuntu4.22
Resource Hash
278ebe482f538f75721e278a47eb489b185be8899ba3f92c017cfa80d25cd162

Request headers

:path
/fd4a125e908a/offers?variant_html=1&ref=http%3A%2F%2Fwww.topoferta.in%2Ffiles%2F001.php%3Faa%3D16102015
pragma
no-cache
cookie
PHPSESSID=56u1g16v1o3k4043ieishabaq5; campaign_impressed_367687_27324_filegateway=1; campaign_impressed_366856_27324_filegateway=1; campaign_impressed_367869_27324_filegateway=1; fg_countDownloads=123090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
gourlz.com
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://gourlz.com/fd4a125e908a
:method
GET
Accept
*/*
Referer
https://gourlz.com/fd4a125e908a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Aug 2018 06:50:55 GMT
content-encoding
gzip
server
nginx/1.12.1
status
200
x-powered-by
PHP/5.5.9-1ubuntu4.22
vary
Accept-Encoding
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
964
expires
Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.statcounter.com
URL
http://c.statcounter.com/t.php?sc_project=11661519&java=1&security=d0b44bb6&u1=FED8E6E2DAC04F28194AA82008AEA6D3&sc_random=0.8764563293302348&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//hotmoviesnow.review/media/004.php%3Fk%3Dlynda&t=&sc_snum=1&sess=7a9eb4&p=0&invisible=1

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • objects (14): gSetup, __result, MgJStat, offersPreviews, MGComplain, FileGateway2, sessionCheck, MGAlerts, smsLocker2, CallUnlock, ViralInviter2, VariantMenu, jQuery111008182379690273542, FgEditableSkin
  • functions (6): showHidden, _showHidden, body_close_handler, $, jQuery, Fingerprint2
  • strings (18): mgOfferClickedPage, mgSendOfferToPhoneMode, mgLibPhoneNumberUrl, mgActiveVariant, mgReferer, mgUserCountry, mgSessionId, mgFgMode, mgCampaignUrl, mgSessionCheckMode, mgSessionCompleted, mgViralInviterLink, mgOffersLink, mgSmsLink, mgBitcoinLink, mgDesignType, mgIsPreview, mgFileGatewayContentId

6 Cookies

Domain/Path | Name | Value
gourlz.com/ | fg_countDownloads | 123090
gourlz.com/ | campaign_impressed_367869_27324_filegateway | 1
gourlz.com/ | jstat | eyJzY3JlZW4iOiIxNjAweDEyMDAiLCJmaW5nZXJwcmludCI6IjliNWI4OTBmYmZiMmIwNWNlZjJkNDY0ODQ1MmZiOWEyIn0%3D (percent-encoded base64; decodes to {"screen":"1600x1200","fingerprint":"9b5b890fbfb2b05cef2d4648452fb9a2"}; not present in the Set-Cookie header, so set client-side)
gourlz.com/ | campaign_impressed_366856_27324_filegateway | 1
gourlz.com/ | campaign_impressed_367687_27324_filegateway | 1
.gourlz.com/ | PHPSESSID | 56u1g16v1o3k4043ieishabaq5
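Two checks a reviewer would run on these cookies: split the primary response's set-cookie value back into individual cookies and list which ones lack Secure and HttpOnly, and decode the jstat value. The script below is an added example, not code from urlscan.io or from the scanned site. Its inputs are copied from this report: the set-cookie value in the joined-by-a-space form the report rendered, and the jstat cookie value from the table above. The helper names (split_set_cookie, missing_flags, decode_jstat) are mine, and the parser assumes cookie values contain no embedded spaces, which holds for every value in this scan.

```python
import base64
import json
import re
from urllib.parse import unquote

# The primary response's set-cookie value as the report rendered it: five
# Set-Cookie headers joined by a single space (copied from this scan).
SET_COOKIE_BLOB = (
    "PHPSESSID=56u1g16v1o3k4043ieishabaq5; expires=Sat, 29-Sep-2018 06:50:54 GMT; "
    "Max-Age=2592000; path=/; domain=.gourlz.com "
    "campaign_impressed_367687_27324_filegateway=1; expires=Fri, 31-Aug-2018 06:50:54 GMT; "
    "Max-Age=86400; path=/ "
    "campaign_impressed_366856_27324_filegateway=1; expires=Fri, 31-Aug-2018 06:50:54 GMT; "
    "Max-Age=86400; path=/ "
    "campaign_impressed_367869_27324_filegateway=1; expires=Fri, 31-Aug-2018 06:50:54 GMT; "
    "Max-Age=86400; path=/ "
    "fg_countDownloads=123090; expires=Fri, 30-Aug-2019 06:50:54 GMT; Max-Age=31536000; path=/"
)

# The jstat cookie value from the cookie table (set client-side, percent-encoded).
JSTAT_VALUE = "eyJzY3JlZW4iOiIxNjAweDEyMDAiLCJmaW5nZXJwcmludCI6IjliNWI4OTBmYmZiMmIwNWNlZjJkNDY0ODQ1MmZiOWEyIn0%3D"

# Attribute names from RFC 6265; anything else starting a piece is a new cookie.
ATTRIBUTES = {"expires", "max-age", "path", "domain", "secure", "httponly", "samesite"}


def split_set_cookie(blob):
    """Recover individual cookies from Set-Cookie headers joined by a space.

    Each "; "-separated piece is either an attribute of the current cookie or,
    if its name is not a known attribute, the start of a new cookie. A piece
    such as "path=/ fg_countDownloads=123090" is split at the space before the
    next name=value token; "expires=Sat, 29-Sep-2018 06:50:54 GMT" is left
    whole because the date contains no "name=" token after a space.
    """
    cookies = []
    for part in blob.split("; "):
        for piece in re.split(r" (?=[^\s;=]+=)", part):
            name, _, value = piece.partition("=")
            if name.lower() in ATTRIBUTES and cookies:
                cookies[-1]["attrs"][name.lower()] = value
            else:
                cookies.append({"name": name, "value": value, "attrs": {}})
    return cookies


def missing_flags(cookies):
    """Names of cookies set without both Secure and HttpOnly; the first thing
    to check on a session cookie such as PHPSESSID delivered over HTTPS."""
    return [c["name"] for c in cookies
            if not {"secure", "httponly"} <= set(c["attrs"])]


def decode_jstat(value):
    """jstat is percent-encoded base64 of a JSON object; return that object."""
    return json.loads(base64.b64decode(unquote(value)))


if __name__ == "__main__":
    parsed = split_set_cookie(SET_COOKIE_BLOB)
    for c in parsed:
        print(c["name"], c["attrs"].get("domain", "(host-only)"), "max-age", c["attrs"].get("max-age"))
    print("without Secure+HttpOnly:", missing_flags(parsed))
    print("jstat:", decode_jstat(JSTAT_VALUE))
```

On this scan every one of the five server-set cookies comes back from missing_flags, PHPSESSID is scoped to .gourlz.com with a 30-day Max-Age, and decode_jstat yields the screen size (matching the resolution the statcounter beacon reported) and the 32-hex-character fingerprint value.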

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bit.ly
c.statcounter.com
d33pp0jymk9coo.cloudfront.net
d3cud1jhtny50b.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gourlz.com
hotmoviesnow.review
i.imgur.com
ijumpz.com
maxcdn.bootstrapcdn.com
netdna.bootstrapcdn.com
topoferta.in
www.statcounter.com
www.topoferta.in
104.20.2.47
104.20.3.47
185.43.221.156
193.106.248.121
209.197.3.15
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:821::200a
50.16.44.76
52.85.177.166
52.85.177.4
52.85.183.188
67.199.248.11