Report - onlyfwbs.us/Get-Me-Now

Report Overview

Visited public
2025-01-14 00:12:13
Tags
URL
onlyfwbs.us/Get-Me-Now
Finishing URL
nrmzbk.hugelovesgirls.net/?s1=198094&s2=1897625&s3=px1289&s5=backuser&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&iexpp=1&j1=1&j9=1&utm_source=da57dc555e50572d
IP / ASN
172.67.201.60
#13335 CLOUDFLARENET
Title
nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
img1.wsimg.com	9893	2008-03-17	2012-06-20	2025-01-08	848 B	22 kB	23.36.77.210
howric.com	unknown	2023-10-02	2023-10-02	2024-12-24	1.5 kB	21 kB	104.21.80.1
cdn-dimi.akamaized.net	unknown	2014-03-18	2022-07-07	2025-01-12	3.3 kB	1.0 MB	88.221.27.146
1linkpath.com	unknown	2021-07-28	2021-07-28	2024-12-01	1.6 kB	108 kB	104.21.96.1
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-01-08	449 B	6.8 kB	104.17.24.14
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-01-08	418 B	113 kB	142.250.74.168
onlyfwbs.us	unknown	2025-01-03	2025-01-03	2025-01-03	1.0 kB	157 kB	172.67.201.60
www.gstatic.com	unknown	2008-02-11	2012-05-29	2025-01-08	438 B	12 kB	142.250.74.99
nrmzbk.hugelovesgirls.net	unknown	2024-06-05	2024-06-10	2025-01-13	2.0 kB	43 kB	52.19.138.177
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-01-08	2.1 kB	202 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-01-08	905 B	14 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-14	medium	howric.com	Sinkholed
2025-01-14	medium	howric.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1	ScriptElement	2.3 kB	2025-01-14	2025-01-14
Pretty URL nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-14 00:12 Last Seen2025-01-14 00:12 Times Seen1 Hash 7fcde5a38b1db633259b73a01b30a2e5 fb922f77bddfefd15c85b52bbd5b31404a00936b 7f1826d610152c53b41dea49749fbcf1269d0d521c51033249e1b122df95b82a Loading...

	nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1	ScriptElement	4.0 kB	2025-01-14	2025-01-14
Pretty URL nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-14 00:12 Last Seen2025-01-14 00:12 Times Seen1 Hash 51510bb67b924a695472004737565aa3 db9963e149add196af7ec7fc4e79c16562215894 38a28a3cdc8976a70dce8e92c174719e51d677d4589e066c4a39e7e117bb948e Loading...

	nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1	ScriptElement	4.0 kB	2025-01-14	2025-01-14
Pretty URL nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-14 00:12 Last Seen2025-01-14 00:12 Times Seen1 Hash 8a202168d3ae47b863c4d499ab895c1d 4d37de6fb665456d0e4281c3d5bd30651b0743a7 6a17e74311919d1cae3880181536cb3de7b691d14e86f6b3ee65fb04f559abc5 Loading...

	cdn-dimi.akamaized.net/landings/290389/1723020901/js/jquery.min.js?1723020901	ScriptElement	86 kB	2023-03-07	2025-06-14
Pretty URL cdn-dimi.akamaized.net/landings/290389/1723020901/js/jquery.min.js?1723020901 IP 88.221.27.146 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-14 14:50 Times Seen180172 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1	ScriptElement	2.5 kB	2023-06-30	2025-06-14
Pretty URL nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 16:46 Last Seen2025-06-14 10:22 Times Seen2089 Hash 78a93fba834e51562cc0c1643de4a304 2bf106e16eb1752230a8499285b73ae6d8dcbcc2 d684c6105ece5706298f7778d19bc9881449a39196f92c000254f4ce6fdd368e Loading...

	cdn-dimi.akamaized.net/landings/290389/1723020901/js/translates.js?1723020901	ScriptElement	42 kB	2024-08-20	2025-06-14
Pretty URL cdn-dimi.akamaized.net/landings/290389/1723020901/js/translates.js?1723020901 IP 88.221.27.146 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 05:21 Last Seen2025-06-14 07:57 Times Seen154 Hash 5b7e1329b87e61452e1b93ca3632bef4 7beb240abc0ad9cedb4e74c2c5b21974878bd3fb 3a94e6a14d0dc6f2612bbb814bf3488960f562ebca2d51a27a4a9f92793c0eeb Loading...

	moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/shims/firebase.js		2.3 kB	2023-05-05	2025-06-14
Pretty URL moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/shims/firebase.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38 Last Seen2025-06-14 12:01 Times Seen10905 Hash 32d439c9ec8c789e843ae58b6774681c deb2c661dacf46eb3a1eacbba3e430dcf10cc395 f65e83801e16f98e150ae8843afb4c98c0b3ac0fa7fbe5a5ec687b08119732d6 Loading...

	nrmzbk.hugelovesgirls.net/sandbox%20eval%20code		123 B	2023-05-05	2025-06-14
Pretty URL nrmzbk.hugelovesgirls.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38 Last Seen2025-06-14 12:01 Times Seen8484 Hash 239166f4d1bda569909c9af241098419 ad3987a93224de5c735c7c380daf5bfaecf60ac8 255566913e81e0587539abba68839777480779575271b734e817e7093f4dceec Loading...

	nrmzbk.hugelovesgirls.net/js/pushjs/1.0.0/utils.js	ScriptElement	7.1 kB	2023-03-07	2025-06-14
Pretty URL nrmzbk.hugelovesgirls.net/js/pushjs/1.0.0/utils.js IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-14 10:22 Times Seen2298 Hash 711c7ecda710a342d24faef1dec76ede d1b38489603a2aecc2be5edb4fa4cd8d442fe727 41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb Loading...

	nrmzbk.hugelovesgirls.net/?s1=198094&s2=1897625&s3=px1289&s5=backuser&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&iexpp=1&j1=1&j9=1&utm_source=da57dc555e50572d	ScriptElement	0 B	0001-01-01	2025-06-14
Pretty URL nrmzbk.hugelovesgirls.net/?s1=198094&s2=1897625&s3=px1289&s5=backuser&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&iexpp=1&j1=1&j9=1&utm_source=da57dc555e50572d IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-14 14:57 Times Seen4958924 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1	ScriptElement	858 B	2024-07-29	2025-06-14
Pretty URL nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-29 15:17 Last Seen2025-06-14 10:22 Times Seen891 Hash 9320f4c96e69f35f385a133e36bbd45b 1a8a6158a2943e5365e77252699c086679e59096 49b4b8d0ea6f5e9f18d0b2a583888720be163311f5c18203dec0d7dd23f2fddd Loading...

	nrmzbk.hugelovesgirls.net/js/pushjs/1.0.0/subscriber.js	ScriptElement	14 kB	2024-08-13	2025-06-14
Pretty URL nrmzbk.hugelovesgirls.net/js/pushjs/1.0.0/subscriber.js IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 13:55 Last Seen2025-06-14 10:22 Times Seen778 Hash ac569ffc0beb63e3e3aa9bc96f034b00 cd26d911112f00087a6dd8c4a92fb858ec2d3bbd 197fbcbda196254842164e91f2f0873c08a569189262d335f82d05235f33cd23 Loading...

	cdnjs.cloudflare.com/ajax/libs/firebase/8.2.2/firebase-app.min.js	ScriptElement	20 kB	2024-08-13	2025-06-14
Pretty URL cdnjs.cloudflare.com/ajax/libs/firebase/8.2.2/firebase-app.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 13:55 Last Seen2025-06-14 10:22 Times Seen918 Hash 5e2898beab1505a629bf1254fbdf9ed8 f17ac22f600d694ae4341c4da46576e3fec0e6f4 00d770fea1249b4be3f55a037a9edd20c1fe55bda8ab1e4b6251e56cd74cd05b Loading...

	cdn-dimi.akamaized.net/landings/290389/1723020901/js/scripts.js?1723020901	ScriptElement	421 B	2024-08-20	2025-06-14
Pretty URL cdn-dimi.akamaized.net/landings/290389/1723020901/js/scripts.js?1723020901 IP 88.221.27.146 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 05:21 Last Seen2025-06-14 07:57 Times Seen122 Hash 8bf9e0404172038007f7454aded737a6 b8ae7ffa8c7f602d099c0eeba419faab58b42ef7 f8af39bb452432f459123ac6c1857f1c8ac602b89aba9bf9e1f9c5879de9cd36 Loading...

	nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1	ScriptElement	378 B	2025-01-14	2025-01-14
Pretty URL nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1 IP 52.19.138.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-14 00:12 Last Seen2025-01-14 00:12 Times Seen1 Hash 2e976a122fd92f9b70adb2bb67ea6831 af673a796cda8407c199a8e303a64bb23e3632c2 f76d1af834bfbcc0264494f47bb5f14f09a3df1f627496b1f7daa27fc368ddfd Loading...

	www.gstatic.com/firebasejs/8.2.2/firebase-messaging.js	ScriptElement	41 kB	2023-03-07	2025-06-14
Pretty URL www.gstatic.com/firebasejs/8.2.2/firebase-messaging.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2025-06-14 10:22 Times Seen1004 Hash b183329c90af8d64337b925c208e7a14 9f5a49eab81c119d28416ba96f0390fdbc5a4565 8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf Loading...

HTTP Transactions (28)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=G-GZXB4HVCMB

142.250.74.168

200 OK

112 kB

URL
www.googletagmanager.com/gtag/js?id=G-GZXB4HVCMB
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (5960)
Size
112 kB (111579 bytes)
Hash
cf62cafbde7856e09f65190b1f232b63
c9e49a84e281db911f679a33222cc64ddbacd77b
e4332bb6f67c9a1a45dc131d43ef666878ed81341a61dbc0c4a8b7f158fe5608

HTTP Headers

GET /gtag/js?id=G-GZXB4HVCMB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onlyfwbs.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 14 Jan 2025 00:11:49 GMT
expires: Tue, 14 Jan 2025 00:11:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 111579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onlyfwbs.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 11 Jan 2025 03:56:30 GMT
expires: Sun, 11 Jan 2026 03:56:30 GMT
cache-control: public, max-age=31536000
age: 245720
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onlyfwbs.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 11 Jan 2025 03:56:30 GMT
expires: Sun, 11 Jan 2026 03:56:30 GMT
cache-control: public, max-age=31536000
age: 245720
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

onlyfwbs.us/Get-Me-Now/images/jquery.mina058a058a058.js?1530100202

172.67.201.60

200 OK

35 kB

URL
onlyfwbs.us/Get-Me-Now/images/jquery.mina058a058a058.js?1530100202
IP
172.67.201.60:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
35 kB (35296 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /Get-Me-Now/images/jquery.mina058a058a058.js?1530100202 HTTP/1.1
Host: onlyfwbs.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onlyfwbs.us/Get-Me-Now/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 14 Jan 2025 00:11:50 GMT
content-type: text/javascript
last-modified: Fri, 03 Jan 2025 08:46:15 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ce9Z32AJn0YOSjXDyHYDK%2B4w19JSYdbjEXbkx9Grpd8baVl5YTf%2Bd%2BeI5gcMu3r7jx1QEZk9ftgdr8cmFyfdiuKPu6pj3St0yOqR6ZWvOq2wpJWgnSbMAvSmgI3TdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 901969342e14b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5764&min_rtt=1653&rtt_var=5875&sent=20&recv=16&lost=0&retrans=0&sent_bytes=6988&recv_bytes=2055&delivery_rate=39447&cwnd=12000&unsent_bytes=0&cid=5d9a12509828528b&ts=1013&x=1", cfExtPri, cfHdrFlush;dur=0

onlyfwbs.us/Get-Me-Now/images/Nancy.jpg

172.67.201.60

200 OK

120 kB

URL
onlyfwbs.us/Get-Me-Now/images/Nancy.jpg
IP
172.67.201.60:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x1280, components 3
Size
120 kB (119513 bytes)
Hash
4348f2cdbeaf2c9edd14de07dc0e49a9
c637be8183d9739c96fcb3797c7624797e22f048
77a97c43bf358681dee7f63726c43551c1a69a338a85eb4748e4bea0b7d94bb9

HTTP Headers

GET /Get-Me-Now/images/Nancy.jpg HTTP/1.1
Host: onlyfwbs.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onlyfwbs.us/Get-Me-Now/images/main.css
Cookie: _ga_GZXB4HVCMB=GS1.1.1736813510.1.0.1736813510.0.0.0; _ga=GA1.1.1974049470.1736813510
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 14 Jan 2025 00:11:51 GMT
content-type: image/jpeg
content-length: 119513
cache-control: public, max-age=604800
expires: Tue, 21 Jan 2025 00:11:50 GMT
last-modified: Fri, 03 Jan 2025 08:46:15 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BsvW0mGE11jA1jTiNKQTEjGiAp8ErEjtzrTHBRh7MHBH07JtBMNIzkMNcmjSfoQAFh6Of6rl0%2F%2F6mKzXNYK1zJORDZeFMeQw3PzpwNfzlTS20aj3ao61IHXSj7MKfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90196937e97eb4ed-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4515&min_rtt=1653&rtt_var=3322&sent=55&recv=22&lost=0&retrans=0&sent_bytes=44806&recv_bytes=2931&delivery_rate=3945&cwnd=48000&unsent_bytes=0&cid=5d9a12509828528b&ts=1819&x=1", cfExtPri, cfHdrFlush;dur=0

img1.wsimg.com/traffic-assets/js/tccl.min.js

23.36.77.210

301 Moved Permanently

0 B

URL
img1.wsimg.com/traffic-assets/js/tccl.min.js
IP
23.36.77.210:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fwb4me.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-length: 0
location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
cache-control: max-age=31536000
expires: Wed, 14 Jan 2026 00:11:57 GMT
date: Tue, 14 Jan 2025 00:11:57 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

23.36.77.210

200 OK

22 kB

URL
img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
IP
23.36.77.210:0
ASN
#20940 Akamai International B.V.

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (21460 bytes)
Hash
6837678401f602120e41c9eaa7a7e915
a1f801d56b6666bdded519de10a8f04b9257ae0e
dae89c4d8697dc845428a11c2bde64334ab65738ee97f598414d857b5d9d3fd2

HTTP Headers

GET /signals/js/clients/scc-c2/scc-c2.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fwb4me.us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-amz-id-2: s//XcKJZKzg1Trflc3ykkNdEaoH9U95PlO8zCWIKhFJuKPfA3zYOr06cPXfVPoOD2FJlTZVeeo9Yntf0sBas/Q==
x-amz-request-id: ECXK8TZGQ48Z0A7C
last-modified: Sun, 22 Dec 2024 23:44:31 GMT
etag: "6837678401f602120e41c9eaa7a7e915"
x-amz-server-side-encryption: AES256
x-amz-meta-version: 1.0.1
x-amz-version-id: SVyl5KN5ySTpQdvaNSN8cRWDnhBms6BO
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1800
expires: Tue, 14 Jan 2025 00:41:57 GMT
date: Tue, 14 Jan 2025 00:11:57 GMT
content-length: 21460
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

howric.com/client?camp=s3&aff_id=2&aff_sub=72437&source=72437&aff_sub2=other&click_id=46_72437_9949_d5436e1f00a0fa78142dcc0d049e8944

104.21.80.1

302 Found

1.1 kB

URL User Request GET HTTP/2
howric.com/client?camp=s3&aff_id=2&aff_sub=72437&source=72437&aff_sub2=other&click_id=46_72437_9949_d5436e1f00a0fa78142dcc0d049e8944
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthowric.com
Fingerprint8C:54:BD:CF:78:85:9E:98:B0:02:3F:91:8A:60:5A:4F:D0:00:B6:BE
ValidityMon, 18 Nov 2024 09:30:14 GMT - Sun, 16 Feb 2025 09:30:13 GMT

File type
data
Size
1.1 kB (1087 bytes)
Hash
ff5e58325b380b646c666b0e4c9ecd15
c5bd7060bb2d1499c01b9421ca51b41b5be457a9
a72277f4ddfe2c1d53c480622ef669a71244a54bdd46ddf7e1ec84dad5cc9191

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /client?camp=s3&aff_id=2&aff_sub=72437&source=72437&aff_sub2=other&click_id=46_72437_9949_d5436e1f00a0fa78142dcc0d049e8944 HTTP/1.1
Host: howric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 14 Jan 2025 00:11:59 GMT
content-type: text/html; charset=utf-8
location: https://howric.com/ofp?aff_id=2&aff_sub=72437&aff_sub2=other&click_id=46_72437_9949_d5436e1f00a0fa78142dcc0d049e8944&source=72437&ttype=px&camp=f130&sl_cid=01946227-22b6-7004-a7d4-4855dda5ea8a_d0b058e0e1a9e2850d7bd389b9354ed7&bstep=&sid=s3&ofp_id=126&efcn=custom-unknown&cntp=custom-unknown&sch=&scw=&vph=&vpw=&lt=
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
vary: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Accept
critical-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GLZ%2FXZxnGZ%2B%2B855zhdRFSB5M7rRksIVOuhpRnBqakP1CyOd4OAd48tgInG7plYjr4lGuoMLv%2F3MXmkLEormTdVc6umSkdvZLqKuPMmYtcHZPpmp1SqcayXmt7WMe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: browserLanguage=en; Domain=howric.com; Path=/; Expires=Thu, 13 Feb 2025 00:11:59 GMT
userId=01946227-22b5-7004-a7d4-40dfe2f9378d_5fed6fc3b4d23807713f247555c03a57; Domain=howric.com; Path=/; Expires=Sun, 13 Jan 2030 00:11:59 GMT; Secure; SameSite=None
__cflb=02DiuG1r78wjR3ReK8PZTcTARihpx1zVBcgzrgcHq6x28; SameSite=Strict; Secure; path=/; expires=Tue, 14-Jan-25 23:11:59 GMT; HttpOnly
server: cloudflare
cf-ray: 901969707ca7569f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=506&min_rtt=437&rtt_var=117&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3270&recv_bytes=1323&delivery_rate=7006451&cwnd=254&unsent_bytes=0&cid=e67aa5440331b4be&ts=543&x=0"
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/290389/1723020901/css/style.css?1723020901

88.221.27.146

200 OK

1.1 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/290389/1723020901/css/style.css?1723020901
IP
88.221.27.146:443
ASN
#20940 Akamai International B.V.

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
ASCII text
Size
1.1 kB (1083 bytes)
Hash
1322acde8fd65a629e2fc0be9b45026a
3ddaa06b4b960f649c89bffb22ff53ca5010faaf
e594008b2f1c6e9412ae54bd1b98f074b3e76befcd3b95847d3d52e12e41c399

HTTP Headers

GET /landings/290389/1723020901/css/style.css?1723020901 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nrmzbk.hugelovesgirls.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: QAhSDrBsjdzBeRTsJmSzPmBrXQxHanmk3gA6nWzFCugVq5a0XAxgkRq7SbUkRrZABXrEXmdrMTvJ3gb2MchKsoMBcqwCAlrR
x-amz-request-id: FJVNSYHSKZ4R5XV0
Last-Modified: Thu, 12 Dec 2024 08:00:07 GMT
ETag: "1322acde8fd65a629e2fc0be9b45026a"
x-amz-server-side-encryption: AES256
x-amz-meta-ctime: 1733990406.262264383
x-amz-meta-mode: 33279
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 14 Jan 2025 00:12:00 GMT
Content-Length: 1083
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

fonts.googleapis.com/css?family=Open+Sans:400,700

142.250.74.10

200 OK

7.5 kB

URL
fonts.googleapis.com/css?family=Open+Sans:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (1572)
Size
7.5 kB (7484 bytes)
Hash
e9b1ece7dbde2e12ac40a0ff29f905a0
1afc64a369f26f96a9e201c9faa2911478896e79
018f9d19ac886a57e0dc2ebeabc2d1d421526b69b6ed02db9e9934b4831d1ed1

HTTP Headers

GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onlyfwbs.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 14 Jan 2025 00:11:50 GMT
date: Tue, 14 Jan 2025 00:11:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

howric.com/ofp?aff_id=2&aff_sub=72437&aff_sub2=other&click_id=46_72437_9949_d5436e1f00a0fa78142dcc0d049e8944&source=72437&ttype=px&camp=f130&sl_cid=01946227-22b6-7004-a7d4-4855dda5ea8a_d0b058e0e1a9e2850d7bd389b9354ed7&bstep=&sid=s3&ofp_id=126&efcn=custom-unknown&cntp=custom-unknown&sch=&scw=&vph=&vpw=&lt=

104.21.80.1

302 Found

16 kB

URL User Request GET HTTP/2
howric.com/ofp?aff_id=2&aff_sub=72437&aff_sub2=other&click_id=46_72437_9949_d5436e1f00a0fa78142dcc0d049e8944&source=72437&ttype=px&camp=f130&sl_cid=01946227-22b6-7004-a7d4-4855dda5ea8a_d0b058e0e1a9e2850d7bd389b9354ed7&bstep=&sid=s3&ofp_id=126&efcn=custom-unknown&cntp=custom-unknown&sch=&scw=&vph=&vpw=&lt=
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthowric.com
Fingerprint8C:54:BD:CF:78:85:9E:98:B0:02:3F:91:8A:60:5A:4F:D0:00:B6:BE
ValidityMon, 18 Nov 2024 09:30:14 GMT - Sun, 16 Feb 2025 09:30:13 GMT

File type
data
Size
16 kB (15791 bytes)
Hash
c8506fc44fc052bfb7c5f4129768eb2f
914063ba5ab9651362b07ffbb0a7161ceb066b4c
919465eeeee91ef14178adfbe9bf842ed58e569a69c01e260391eb097b040348

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ofp?aff_id=2&aff_sub=72437&aff_sub2=other&click_id=46_72437_9949_d5436e1f00a0fa78142dcc0d049e8944&source=72437&ttype=px&camp=f130&sl_cid=01946227-22b6-7004-a7d4-4855dda5ea8a_d0b058e0e1a9e2850d7bd389b9354ed7&bstep=&sid=s3&ofp_id=126&efcn=custom-unknown&cntp=custom-unknown&sch=&scw=&vph=&vpw=&lt= HTTP/1.1
Host: howric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: browserLanguage=en; userId=01946227-22b5-7004-a7d4-40dfe2f9378d_5fed6fc3b4d23807713f247555c03a57
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 14 Jan 2025 00:12:00 GMT
content-type: text/html; charset=utf-8
location: https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: no-store, no-store, no-cache
vary: Accept
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=be2LM%2FzJBn2zZaL8juw6sJqvx%2BK4eS9ySx4T1nh4K5EVSbJBezOT6GV8Ar4knt68dbzg9dS9iKY3lklA%2FJNERYn63gF5Y0EyunIq2YyMTYvdNfUGl6IGVTtKbFGR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: browserLanguage=en; Domain=howric.com; Path=/; Expires=Thu, 13 Feb 2025 00:12:00 GMT
__cflb=02DiuG1r78wjR3ReK8PZTcTARihpx1zVBcgzrgcHq6x28; SameSite=Strict; Secure; path=/; expires=Tue, 14-Jan-25 23:12:00 GMT; HttpOnly
server: cloudflare
cf-ray: 90196973ef05569f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=522&min_rtt=437&rtt_var=120&sent=12&recv=12&lost=0&retrans=0&sent_bytes=6040&recv_bytes=1679&delivery_rate=7006451&cwnd=257&unsent_bytes=0&cid=e67aa5440331b4be&ts=739&x=0"
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/290389/1723020901/js/scripts.js?1723020901

88.221.27.146

200 OK

421 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/290389/1723020901/js/scripts.js?1723020901
IP
88.221.27.146:443
ASN
#20940 Akamai International B.V.

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
421 B (421 bytes)
Hash
8bf9e0404172038007f7454aded737a6
b8ae7ffa8c7f602d099c0eeba419faab58b42ef7
f8af39bb452432f459123ac6c1857f1c8ac602b89aba9bf9e1f9c5879de9cd36

HTTP Headers

GET /landings/290389/1723020901/js/scripts.js?1723020901 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nrmzbk.hugelovesgirls.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: dpxOTeruFg0gBhP9OHKX0sGw8kvNaPv0oVyGQ2qV9dG2xLsFGKP3o4tkdpN3flB+ov7HCAFHIXc=
x-amz-request-id: FJVPR43DJ1RQWMTJ
Last-Modified: Thu, 12 Dec 2024 08:00:10 GMT
ETag: "8bf9e0404172038007f7454aded737a6"
x-amz-server-side-encryption: AES256
x-amz-meta-ctime: 1733990408.975927412
x-amz-meta-mode: 33279
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 421
Server: AmazonS3
Date: Tue, 14 Jan 2025 00:12:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/290389/1723020901/js/jquery.min.js?1723020901

88.221.27.146

200 OK

30 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/290389/1723020901/js/jquery.min.js?1723020901
IP
88.221.27.146:443
ASN
#20940 Akamai International B.V.

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
30 kB (29855 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /landings/290389/1723020901/js/jquery.min.js?1723020901 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nrmzbk.hugelovesgirls.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: AYHCjhfP40UlGKGpRniw+uXxB2n6eZk9Su9o0EGdGv6lgwW095IPihWXnxKEq5Ij0rIXGUHHoZx+zTBIVXH4pSlxVm9t9Ujuq6jruJEouTU=
x-amz-request-id: FJVZ6ZD487W4M93K
Last-Modified: Thu, 12 Dec 2024 08:00:09 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
x-amz-server-side-encryption: AES256
x-amz-meta-ctime: 1733990408.762525316
x-amz-meta-mode: 33279
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 14 Jan 2025 00:12:00 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

1linkpath.com/favicon.ico

104.21.96.1

404 Not Found

73 kB

URL
1linkpath.com/favicon.ico
IP
104.21.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
73 kB (73175 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 1linkpath.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Tue, 14 Jan 2025 00:11:59 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oei1hclWmNVDHdh%2BaaH35CXZJkp8pexN%2FPqzoj7aArVMl8N5sRZTPt7TaNMTy%2FW7ycp9ydEPqZR4Ngu1ntwn7NA1bHh4etTCKMNm3qObwyxQByB2eNGE7BSd1hoQ7vLJ"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 9019696bf93d7130-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

cdn-dimi.akamaized.net/landings/290389/1723020901/images/video-1.mp4

88.221.27.146

206 Partial Content

931 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/290389/1723020901/images/video-1.mp4
IP
88.221.27.146:443
ASN
#20940 Akamai International B.V.

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
931 kB (931352 bytes)
Hash
e6ea91a06ca748a1cb83a22219c47fd4
a184fdd3422f521fce725656bed8a3f7cbe37877
bd40dd957489d3e419c5c4dfc4fa2ef098d1f1f73f0517ce65dd5949ff744354

HTTP Headers

GET /landings/290389/1723020901/images/video-1.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://nrmzbk.hugelovesgirls.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
x-amz-id-2: uKkKbGPgdGg4WWYwBGyryTWHQCbOQH4aIRnc8z/0I7XUxZBRhfUZAEmcqA0B/GKguMkHxau0OrA=
x-amz-request-id: 4DREHKTTEWPP0JPB
Last-Modified: Thu, 12 Dec 2024 08:00:08 GMT
ETag: "e6ea91a06ca748a1cb83a22219c47fd4"
x-amz-server-side-encryption: AES256
x-amz-meta-ctime: 1733990407.478017844
x-amz-meta-mode: 33279
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Tue, 14 Jan 2025 00:12:01 GMT
Content-Range: bytes 0-931351/931352
Content-Length: 931352
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

1linkpath.com/aff_c?offer_id=10707&aff_id=72437&url_id=0&aff_sub5=other&bofc=aff_c

104.21.96.1

302 Found

30 kB

URL User Request GET HTTP/3
1linkpath.com/aff_c?offer_id=10707&aff_id=72437&url_id=0&aff_sub5=other&bofc=aff_c
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subject1linkpath.com
Fingerprint00:90:E7:9B:EE:94:2A:C4:09:A9:76:12:51:46:D2:51:84:1F:BF:B9
ValidityTue, 03 Dec 2024 02:19:53 GMT - Mon, 03 Mar 2025 02:19:52 GMT

File type
data
Size
30 kB (30107 bytes)
Hash
ee3c60aa1f8ec2d5a89b8c855ebf2483
9840245fa3d894659ff850334b53ec693a7def4f
cc90ab8bac71bc60f405a82e9d3d68739fc3931b5bf372ad8c3dbd337f6c40f6

HTTP Headers

GET /aff_c?offer_id=10707&aff_id=72437&url_id=0&aff_sub5=other&bofc=aff_c HTTP/1.1
Host: 1linkpath.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: language=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Tue, 14 Jan 2025 00:11:59 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U1ya4U7wbUYaBpq34Rcjlu6RKfGfeoro7f797n%2BB%2BIR4GNdjR3NSDuLlzMKar7vCZp%2F72DESAFBIJBOwUFT329xOuohsWvOasjxtXGonbmbo%2B3qDczq3%2BZnPuPYqbVSq"}],"group":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
access-control-allow-origin: undefined
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-expose-headers: x-total-count
access-control-allow-headers: Content-Type,authorization
cache-control: private, no-store, no-cache
set-cookie: language=en; Domain=1linkpath.com; Path=/; Expires=Thu, 13 Feb 2025 00:11:58 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
location: aff_c?offer_id=9949&aff_id=72437&aff_sub5=other&bofc=aff_c&last=3
vary: Accept
cf-cache-status: DYNAMIC
cf-ray: 9019696b493c7130-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/firebase/8.2.2/firebase-app.min.js

104.17.24.14

200 OK

5.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/firebase/8.2.2/firebase-app.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
JavaScript source, ASCII text, with very long lines (19780), with no line terminators
Size
5.8 kB (5762 bytes)
Hash
5e2898beab1505a629bf1254fbdf9ed8
f17ac22f600d694ae4341c4da46576e3fec0e6f4
00d770fea1249b4be3f55a037a9edd20c1fe55bda8ab1e4b6251e56cd74cd05b

HTTP Headers

GET /ajax/libs/firebase/8.2.2/firebase-app.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nrmzbk.hugelovesgirls.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 14 Jan 2025 00:12:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 5762
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ff7ae08-4d44"
last-modified: Fri, 08 Jan 2021 00:57:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2895
expires: Sun, 04 Jan 2026 00:12:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqk%2FM3zPO%2BREbKCmCzDj3Tiyc1LcZPOBftbSYTqFWzVQumv4c0YDKT%2BWwBB6iM%2Ffu0IUZnAGzA0i1JSRlmPVU88%2BUX%2F2YF3XyRlsfEVI7zYNcOrj6VClzvt%2FTTnIZ1bChqhVn3rT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 9019697c6abf56a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/8.2.2/firebase-messaging.js

142.250.74.99

200 OK

11 kB

URL GET HTTP/2
www.gstatic.com/firebasejs/8.2.2/firebase-messaging.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0A:7E:C7:68:03:0C:7D:D9:EA:D1:64:B5:09:F0:73:23:7E:07:0A:F2
ValidityMon, 09 Dec 2024 08:37:20 GMT - Mon, 03 Mar 2025 08:37:19 GMT

File type
JavaScript source, ASCII text, with very long lines (40719)
Size
11 kB (10840 bytes)
Hash
b183329c90af8d64337b925c208e7a14
9f5a49eab81c119d28416ba96f0390fdbc5a4565
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf

HTTP Headers

GET /firebasejs/8.2.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nrmzbk.hugelovesgirls.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 Jan 2025 16:26:08 GMT
expires: Sat, 10 Jan 2026 16:26:08 GMT
cache-control: public, max-age=31536000
age: 287153
last-modified: Thu, 07 Jan 2021 21:51:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:opsz,wght@14..32,100..900&display=swap

142.250.74.10

200 OK

4.7 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:opsz,wght@14..32,100..900&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint40:E7:4C:FA:6D:23:B6:A9:19:0C:67:77:3A:43:22:D0:A4:CE:49:24
ValidityMon, 09 Dec 2024 08:37:20 GMT - Mon, 03 Mar 2025 08:37:19 GMT

File type
gzip compressed data, max compression
Size
4.7 kB (4703 bytes)
Hash
5b5c70375e463f4564cc3382055f3fc9
ce33d031e4f03983cacfd324757ad2d4a9881ced
fbe103d77d8cb1158504c24706b0bd7b20435e44f16868bd0f71ce635faed69d

HTTP Headers

GET /css2?family=Inter:opsz,wght@14..32,100..900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 14 Jan 2025 00:12:01 GMT
date: Tue, 14 Jan 2025 00:12:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nrmzbk.hugelovesgirls.net/js/pushjs/1.0.0/subscriber.js

52.19.138.177

200 OK

14 kB

URL GET HTTP/2
nrmzbk.hugelovesgirls.net/js/pushjs/1.0.0/subscriber.js
IP
52.19.138.177:443
ASN
#16509 AMAZON-02

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerLet's Encrypt
Subject*.hugelovesgirls.net
FingerprintBE:3E:9E:4B:11:AC:90:EC:C5:BD:0A:35:A2:FF:38:EC:3B:D6:84:95
ValiditySat, 02 Nov 2024 07:48:53 GMT - Fri, 31 Jan 2025 07:48:52 GMT

File type
JavaScript source, ASCII text, with very long lines (599)
Size
14 kB (14326 bytes)
Hash
ac569ffc0beb63e3e3aa9bc96f034b00
cd26d911112f00087a6dd8c4a92fb858ec2d3bbd
197fbcbda196254842164e91f2f0873c08a569189262d335f82d05235f33cd23

HTTP Headers

GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: nrmzbk.hugelovesgirls.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nrmzbk.hugelovesgirls.net/?s1=198094&s2=1897625&s3=px1289&s5=backuser&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&iexpp=1&j1=1&j9=1&utm_source=da57dc555e50572d
Cookie: unique_id=678589af000c09ae; unique_id2=678589af000d9509; 678589af000d9509_c=1; ref_token=1018_198094; 678589af000d9509_sl=[290389]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 14 Jan 2025 00:12:01 GMT
content-type: application/javascript
expires: Tue, 21 Jan 2025 00:12:01 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1

52.19.138.177

200 OK

20 kB

URL User Request GET HTTP/2
nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
IP
52.19.138.177:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.hugelovesgirls.net
FingerprintBE:3E:9E:4B:11:AC:90:EC:C5:BD:0A:35:A2:FF:38:EC:3B:D6:84:95
ValiditySat, 02 Nov 2024 07:48:53 GMT - Fri, 31 Jan 2025 07:48:52 GMT

File type

Size
20 kB (20417 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1 HTTP/1.1
Host: nrmzbk.hugelovesgirls.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 14 Jan 2025 00:12:00 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=678589af000c09ae; Path=/; Expires=Sat, 15 Mar 2025 00:12:00 GMT; Secure; SameSite=None
unique_id2=678589af000d9509; Path=/; Expires=Mon, 14 Apr 2025 00:12:00 GMT; Secure; SameSite=None
678589af000d9509_c=1; Path=/; Expires=Mon, 14 Apr 2025 00:12:00 GMT; Secure; SameSite=None
ref_token=1018_198094; Path=/; Expires=Thu, 13 Feb 2025 00:12:00 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Tue, 14 Jan 2025 00:12:00 GMT; Secure; SameSite=None
678589af000d9509_sl=[290389]; Path=/; Expires=Tue, 28 Jan 2025 00:12:00 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/images/favicon.ico

88.221.27.146

200 OK

4.1 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/images/favicon.ico
IP
88.221.27.146:443
ASN
#20940 Akamai International B.V.

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nrmzbk.hugelovesgirls.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 5BYso0zvwO1G7FAX7c0Uj7oal4dn1d39Ac9efFl8Uh40ypYXbOuBKVzcDbFG9ZPgLER5SY4kR/A=
x-amz-request-id: MWA1913WVHEF8Q34
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 4103
Date: Tue, 14 Jan 2025 00:12:01 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

1linkpath.com/aff_c?offer_id=9949&aff_id=72437&aff_sub5=other&bofc=aff_c&last=3

104.21.96.1

200 OK

629 B

URL User Request GET HTTP/3
1linkpath.com/aff_c?offer_id=9949&aff_id=72437&aff_sub5=other&bofc=aff_c&last=3
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subject1linkpath.com
Fingerprint00:90:E7:9B:EE:94:2A:C4:09:A9:76:12:51:46:D2:51:84:1F:BF:B9
ValidityTue, 03 Dec 2024 02:19:53 GMT - Mon, 03 Mar 2025 02:19:52 GMT

File type
HTML document, ASCII text, with very long lines (661), with no line terminators
Size
629 B (629 bytes)
Hash
3d5492f8c99adda8bb323293bb05a5c9
e1050da88213e8c596edc776afae645a38c48b62
386726ab679f94563870dc780ef39d83ee736fc5d7592025fd167dc6f5df0756

HTTP Headers

GET /aff_c?offer_id=9949&aff_id=72437&aff_sub5=other&bofc=aff_c&last=3 HTTP/1.1
Host: 1linkpath.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: language=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 14 Jan 2025 00:11:59 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8rEr2Aw7TuRoFDdMSCOT4qNbqkscj9XE67IAsTERfM%2BayGxtgHob3gUazvh%2FI6vzVEZcg1uAwKh%2FOztFVRlgQomoFDYZmu8we3c47mWQZMo5rsutp2wDWFo039bpPDEL"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
access-control-allow-origin: undefined
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-expose-headers: x-total-count
access-control-allow-headers: Content-Type,authorization
cache-control: private, no-store, no-cache
set-cookie: language=en; Domain=1linkpath.com; Path=/; Expires=Thu, 13 Feb 2025 00:11:59 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
9949=46_72437_9949_d5436e1f00a0fa78142dcc0d049e8944; Domain=1linkpath.com; Path=/; Expires=Thu, 13 Feb 2025 00:11:59 GMT; Secure; SameSite=None
op_9949=0; Domain=1linkpath.com; Path=/; Expires=Thu, 13 Feb 2025 00:11:59 GMT
user_id=54e19001-aad7-4268-943d-315ee4d7b188_6d680584be1d373a33a6912c70b6bc5a; Domain=1linkpath.com; Path=/; Expires=Sun, 13 Jan 2030 00:11:59 GMT; Secure; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9019696ea93e7130-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

cdn-dimi.akamaized.net/landings/290389/1723020901/css/reset.min.css?1723020901

88.221.27.146

200 OK

1.1 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/290389/1723020901/css/reset.min.css?1723020901
IP
88.221.27.146:443
ASN
#20940 Akamai International B.V.

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1197), with no line terminators
Size
1.1 kB (1071 bytes)
Hash
876b0eef78dbb83fadbfa8d5e6895d1d
6665ed482e49db6387aa4a32244280970f4c1431
5c1715f735ee99abbd856b8b0688f02e822dc8efac6e65d38caec26152b95126

HTTP Headers

GET /landings/290389/1723020901/css/reset.min.css?1723020901 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nrmzbk.hugelovesgirls.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: X7a0i0gwsLejCIXD9kQ05iriV1bu76O3ElwtPKK65TZFrPvErodblEKAmgor9s4IN89HFwRWCFc=
x-amz-request-id: FJVMZ0STH1M5BKYT
Last-Modified: Thu, 12 Dec 2024 08:00:07 GMT
ETag: "36f11c31f5b3885dc017f41ed8f5817c"
x-amz-server-side-encryption: AES256
x-amz-meta-ctime: 1733990406.069358773
x-amz-meta-mode: 33279
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 14 Jan 2025 00:12:00 GMT
Content-Length: 527
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

fonts.gstatic.com/s/inter/v18/UcCo3FwrK3iLTcvmYwYL8g.woff2

142.250.74.35

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v18/UcCo3FwrK3iLTcvmYwYL8g.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0A:7E:C7:68:03:0C:7D:D9:EA:D1:64:B5:09:F0:73:23:7E:07:0A:F2
ValidityMon, 09 Dec 2024 08:37:20 GMT - Mon, 03 Mar 2025 08:37:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29588, version 1.0
Size
30 kB (29588 bytes)
Hash
6d1c79015884cf5da3044fb1fe6523a7
b29b4dac362d47960ee54a500b46a5b9719d26ad
1e3ca90db51ad9fda114ef8ba6d0934102f7e94e9dfb0a7e727447ac741feb00

HTTP Headers

GET /s/inter/v18/UcCo3FwrK3iLTcvmYwYL8g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nrmzbk.hugelovesgirls.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 Jan 2025 18:53:49 GMT
expires: Sat, 10 Jan 2026 18:53:49 GMT
cache-control: public, max-age=31536000
age: 278292
last-modified: Mon, 29 Jul 2024 22:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nrmzbk.hugelovesgirls.net/js/pushjs/1.0.0/utils.js

52.19.138.177

200 OK

7.1 kB

URL GET HTTP/2
nrmzbk.hugelovesgirls.net/js/pushjs/1.0.0/utils.js
IP
52.19.138.177:443
ASN
#16509 AMAZON-02

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerLet's Encrypt
Subject*.hugelovesgirls.net
FingerprintBE:3E:9E:4B:11:AC:90:EC:C5:BD:0A:35:A2:FF:38:EC:3B:D6:84:95
ValiditySat, 02 Nov 2024 07:48:53 GMT - Fri, 31 Jan 2025 07:48:52 GMT

File type
JavaScript source, ASCII text, with very long lines (7334), with no line terminators
Size
7.1 kB (7071 bytes)
Hash
7df62062a027cd25d5a179c520f38668
0ddaa8cd9090908d987e0299cef74fbf7f118738
cdf93aff990bae251f609ef00d7d2bdbb56a35f003c7184ba067b5948629faa3

HTTP Headers

GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: nrmzbk.hugelovesgirls.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nrmzbk.hugelovesgirls.net/?s1=198094&s2=1897625&s3=px1289&s5=backuser&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&iexpp=1&j1=1&j9=1&utm_source=da57dc555e50572d
Cookie: unique_id=678589af000c09ae; unique_id2=678589af000d9509; 678589af000d9509_c=1; ref_token=1018_198094; 678589af000d9509_sl=[290389]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 14 Jan 2025 00:12:01 GMT
content-type: application/javascript
expires: Tue, 21 Jan 2025 00:12:01 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v18/UcCo3FwrK3iLTcviYwY.woff2

142.250.74.35

200 OK

73 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v18/UcCo3FwrK3iLTcviYwY.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0A:7E:C7:68:03:0C:7D:D9:EA:D1:64:B5:09:F0:73:23:7E:07:0A:F2
ValidityMon, 09 Dec 2024 08:37:20 GMT - Mon, 03 Mar 2025 08:37:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 73080, version 1.0
Size
73 kB (73080 bytes)
Hash
b78b5c4671c26f1509dc6c7ff058398e
cdd970d25e7e6a1810e728f4fb6ee35d1b5ae00b
94ebe9c247ba14fd314a779358315f3e9dd2356c0e8070f42b208db2d5e21d6a

HTTP Headers

GET /s/inter/v18/UcCo3FwrK3iLTcviYwY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nrmzbk.hugelovesgirls.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 73080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 11 Jan 2025 00:31:40 GMT
expires: Sun, 11 Jan 2026 00:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:45:17 GMT
content-type: font/woff2
age: 258021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/290389/1723020901/js/translates.js?1723020901

88.221.27.146

200 OK

42 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/290389/1723020901/js/translates.js?1723020901
IP
88.221.27.146:443
ASN
#20940 Akamai International B.V.

Requested by
https://nrmzbk.hugelovesgirls.net/?utm_source=da57dc555e50572d&s1=198094&s2=1897625&s3=px1289&s5=NzI0MzdfcHgxMjg5&click_id=01946227-22b6-7004-a7d4-4855dda5ea8a&j1=1&j9=1
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type

Size
42 kB (42495 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /landings/290389/1723020901/js/translates.js?1723020901 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nrmzbk.hugelovesgirls.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: xBIdvGgxFL4KJe6kuug1VXkIX/Xv+/fNcsozksh4kd65ud5FMOPM+vFwZSHoXgiRpvHLmKSzQpA=
x-amz-request-id: FJVPDC5FAMKHBZKQ
Last-Modified: Thu, 12 Dec 2024 08:00:10 GMT
ETag: "5b7e1329b87e61452e1b93ca3632bef4"
x-amz-server-side-encryption: AES256
x-amz-meta-ctime: 1733990409.183749532
x-amz-meta-mode: 33279
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 14 Jan 2025 00:12:00 GMT
Content-Length: 15353
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML