Submitted URL: https://go.adspop.me/sp=1&to=d59d54ad67215190f7fd9feb438ee8581a1c0a4f
Effective URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult...
Submission: On February 03 via manual from ID — Scanned from AU

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 48 HTTP transactions. The main IP is 15.235.55.215, located in Canada and belongs to OVH, FR. The main domain is www.downundercuties.com.
TLS certificate: Issued by R3 on December 26th 2022. Valid for: 3 months.
This is the only time www.downundercuties.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 172.67.144.5 13335 (CLOUDFLAR...)
1 1 104.21.39.92 13335 (CLOUDFLAR...)
1 7 104.21.77.26 13335 (CLOUDFLAR...)
2 142.250.4.95 15169 (GOOGLE)
2 142.251.12.97 15169 (GOOGLE)
1 142.251.12.105 15169 (GOOGLE)
1 217.22.19.194 42567 (MOJHOST-EU)
4 142.251.12.94 15169 (GOOGLE)
2 3 95.211.229.245 60781 (LEASEWEB-...)
4 172.253.118.113 15169 (GOOGLE)
1 142.250.4.94 15169 (GOOGLE)
1 18 51.89.234.204 16276 (OVH)
1 15.235.55.215 16276 (OVH)
2 104.16.125.175 13335 (CLOUDFLAR...)
2 74.125.68.95 15169 (GOOGLE)
48 15
Apex Domain
Subdomains
Transfer
18 srv69.eu
www.srv69.eu — Cisco Umbrella Rank: 782804
502 KB
7 adnet.cash
short.adnet.cash
173 KB
6 adspop.me
go.adspop.me — Cisco Umbrella Rank: 900880
trac.adspop.me — Cisco Umbrella Rank: 944975
68 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
92 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
40 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
ajax.googleapis.com — Cisco Umbrella Rank: 295
63 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 777
45 KB
2 optimizesrv.com
syndication.optimizesrv.com — Cisco Umbrella Rank: 505001
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
86 KB
1 downundercuties.com
www.downundercuties.com
9 KB
1 optnx.com
s.optnx.com — Cisco Umbrella Rank: 24601
987 B
1 ero-advertising.com
go.ero-advertising.com — Cisco Umbrella Rank: 433526
3 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
901 B
0 eabids.com Failed
static.eabids.com Failed
48 14
Domain Requested by
18 www.srv69.eu 1 redirects www.downundercuties.com
7 short.adnet.cash 1 redirects short.adnet.cash
5 trac.adspop.me 2 redirects trac.adspop.me
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 fonts.gstatic.com fonts.googleapis.com
2 ajax.googleapis.com www.downundercuties.com
2 unpkg.com www.downundercuties.com
2 syndication.optimizesrv.com 1 redirects
2 www.googletagmanager.com short.adnet.cash
www.downundercuties.com
2 fonts.googleapis.com short.adnet.cash
www.downundercuties.com
1 www.downundercuties.com syndication.optimizesrv.com
1 s.optnx.com 1 redirects
1 www.gstatic.com www.google.com
1 go.ero-advertising.com short.adnet.cash
1 www.google.com short.adnet.cash
1 go.adspop.me 1 redirects
0 static.eabids.com Failed go.ero-advertising.com
48 17

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-10 | a year
upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
www.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.ero-advertising.com | R3 | 2022-12-19 - 2023-03-19 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
optimizesrv.com | R3 | 2022-12-12 - 2023-03-12 | 3 months
downundercuties.com | R3 | 2022-12-26 - 2023-03-26 | 3 months
*.srv69.eu | R3 | 2022-12-17 - 2023-03-17 | 3 months

This page contains 2 frames:

Primary Page: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Frame ID: FBC337F5E74AE2B4953AD407F9A106C4
Requests: 46 HTTP requests in this frame

Frame: https://go.ero-advertising.com/banner.go?spaceid=5112185
Frame ID: 1620276BC05624D41F969F0A1058455D
Requests: 2 HTTP requests in this frame

Page Title

Downundercuties.com

Page URL History

  1. https://go.adspop.me/sp=1&to=d59d54ad67215190f7fd9feb438ee8581a1c0a4f HTTP 302
    http://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D HTTP 301
    https://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D Page URL
  2. https://trac.adspop.me/links/popad HTTP 301
    https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D Page URL
  3. https://short.adnet.cash/links/popad HTTP 301
    https://syndication.optimizesrv.com/splash.php?type=8&idzone=745 Page URL
  4. https://syndication.optimizesrv.com/splash.php?type=8&idzone=745&p=https%3A%2F%2Fshort.adnet.cash%2F&tested=1&ch... HTTP 302
    https://s.optnx.com/cimp.php?data=TVRZM05UUXhNVE16Tkh4aFkyVTBNalEwTURaa016RTVNMkUwWTJFMU1ERXlNMk... HTTP 302
    https://www.srv69.eu/smartlink/?hash=c2b51c59-0235-475f-887d-9228129204fb&exffir=eyJjIjoiZGY2YmMy... HTTP 302
    https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • leaflet.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

48
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

17
Subdomains

15
IPs

5
Countries

1080 kB
Transfer

2270 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.adspop.me/sp=1&to=d59d54ad67215190f7fd9feb438ee8581a1c0a4f HTTP 302
    http://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D HTTP 301
    https://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D Page URL
  2. https://trac.adspop.me/links/popad HTTP 301
    https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D Page URL
  3. https://short.adnet.cash/links/popad HTTP 301
    https://syndication.optimizesrv.com/splash.php?type=8&idzone=745 Page URL
  4. https://syndication.optimizesrv.com/splash.php?type=8&idzone=745&p=https%3A%2F%2Fshort.adnet.cash%2F&tested=1&check=df6bc240d62ca568a414ef6076d2ab95&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    https://s.optnx.com/cimp.php?data=TVRZM05UUXhNVE16Tkh4aFkyVTBNalEwTURaa016RTVNMkUwWTJFMU1ERXlNMkkxT1dZNU5USmhOUS0tfGh0dHBzOi8vd3d3LnNydjY5LmV1L3NtYXJ0bGluay8_...--&exo_cid=1663&exffir=eyJjIjoiZGY2YmMyNDBkNjJjYTU2OGE0MTRlZjYwNzZkMmFiOTUiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIxNjAweDEyMDAiLCJpIjoiMCJ9 HTTP 302
    https://www.srv69.eu/smartlink/?hash=c2b51c59-0235-475f-887d-9228129204fb&exffir=eyJjIjoiZGY2YmMyNDBkNjJjYTU2OGE0MTRlZjYwNzZkMmFiOTUiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIxNjAweDEyMDAiLCJpIjoiMCJ9 HTTP 302
    https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://go.adspop.me/sp=1&to=d59d54ad67215190f7fd9feb438ee8581a1c0a4f HTTP 302
  • http://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D HTTP 301
  • https://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
Request Chain 3
  • https://trac.adspop.me/links/popad HTTP 301
  • https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Request Chain 15
  • https://short.adnet.cash/links/popad HTTP 301
  • https://syndication.optimizesrv.com/splash.php?type=8&idzone=745

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
gz1SesH0DUr8FT7sj
trac.adspop.me/
Redirect Chain
  • https://go.adspop.me/sp=1&to=d59d54ad67215190f7fd9feb438ee8581a1c0a4f
  • http://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
  • https://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
9 KB
7 KB
Document
General
Full URL
https://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b120437cbc1eef249776e788cad6708c8c95995e5f3b907d374037765f0b1b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7939a48a0d41a87d-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 08:02:09 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPZBvY1tNxcSV73%2Boz5ULYWs1ZY1UV4VH42xj0TUQwj2VcCsKz1qFHSMkabIoIEp1WimcSqKzX6Xp%2FwK28%2BbnuHSR7h59eZsUIUo2hwH9jN73oJ3rssZXyouTREjo8fDBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

CF-RAY
7939a48958a6aadb-SYD
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 03 Feb 2023 08:02:09 GMT
Expires
Fri, 03 Feb 2023 09:02:09 GMT
Location
https://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSLli%2FyBxYqH9b7QPBVxQNPLuivOJwZoiUEMvVnZIxQIL%2FePWVGg0%2BZJIpXsiASc%2FPrklA0iJEK6V%2FoCQ4ENeQhIXmyVcROnXyRAIBkAvLepopiov0JwSxbZdQUJ0%2BJ%2Blw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ads.js
trac.adspop.me/js/
106 B
450 B
Script
General
Full URL
https://trac.adspop.me/js/ads.js
Requested by
Host: trac.adspop.me
URL: https://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:10 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 12 Jun 2017 21:11:24 GMT
server
cloudflare
age
527
etag
W/"6a-551c9c2ead700-gzip"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5UXkxFV03rVPbLhghhjOYL2OuwYeuYqv%2BjCOF2deoxLDMomQPm3AYljbwj4LgDvEqMkP83BGplJiLTTNLZ8oJg15HMXWn1ul002c%2BAF0VYa%2B8ZPkd6767AVlu7fv9ndgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7939a48cff84a87d-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
script.min.js
trac.adspop.me/modern_theme/build/js/
192 KB
59 KB
Script
General
Full URL
https://trac.adspop.me/modern_theme/build/js/script.min.js?ver=4.5.1
Requested by
Host: trac.adspop.me
URL: https://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58b8b919bc0d87670d60621cdaa8d6fd29bf58a01664d18836d6193aa014c954

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://trac.adspop.me/gz1SesH0DUr8FT7sj?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 02 Sep 2017 15:46:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2ff16-55836c6e61900-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrespMYRvmFoIezpepVX9KJzuytbCGCNFn4BKhD5lTnPpdVe8ux0eOI1SONLG6D7qoKYKceFJAxqI1KBgI6UUo6Y4c9et%2BFJnBuMXlAbPEx6xCY9mLhSoPsAn3O4UP5%2B4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7939a48cff87a87d-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
BUn9xVP9er4Ga4Am
short.adnet.cash/
Redirect Chain
  • https://trac.adspop.me/links/popad
  • https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
12 KB
8 KB
Document
General
Full URL
https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.21.77.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6778284577f9cfff0b561c5d98f252c7daf4506e34555ad54b4378141f792db5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://trac.adspop.me
Referer
https://trac.adspop.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7939a4949f38aad2-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 08:02:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2AQmJvIhkldFM65XEscIqxfUJ4PrzCPcjAKJPVe6YLfsRz5RkJ3O%2BqRTSy0FMKdZnC9Mi0f0GreXM4%2FfsqVV8XAHnRjlXUXmFffgwg9sHuzQb%2FqZZ9TCvmaRoJTSm31CqLg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7939a4905a3ca87d-SYD
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 08:02:10 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdIGNjnQMM6Zs6MsINE5ojC%2FJLKDbJ1hohYhcf%2FHeFQdVX4v2I5nyxTzBlw30vRP0Ky60Un8ipX%2BiTSjocZiJn%2FKoN1sSCPc9dF69BAovLHLeX%2F6wnBLvC59VRqfYFZKoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Requested by
Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
eced69e931e3d6fbbb896aec7733312d0f897063880d3d73b1403c5ca82aba7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://short.adnet.cash/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Feb 2023 08:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 06:24:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Feb 2023 08:02:12 GMT
styles.min.css
short.adnet.cash/modern_theme/build/css/
225 KB
36 KB
Stylesheet
General
Full URL
https://short.adnet.cash/modern_theme/build/css/styles.min.css?ver=4.5.1
Requested by
Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.21.77.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a70e6409c8d31c1305875c330fb419b1ab556bf3855d0fe1e67cc778b2e2d39c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Sep 2020 14:06:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3163
etag
W/"384e3-5b00fb5c814da-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDfSao%2BAAxkX5TSXrLLma4fFzY5D9oreMLuXwICf1c3kLKet7TMdHCAVOtffsAcbD4Lm5JAEHY%2F42mFbYdgVElsRZxeBj4sPI8wvfSGsVxkzyyVtmuZTepO7DmqqmKB17pc8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7939a497db24aad2-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111790449-1
Requested by
Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://short.adnet.cash/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43924
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Feb 2023 08:02:12 GMT
ads.js
short.adnet.cash/js/
106 B
408 B
Script
General
Full URL
https://short.adnet.cash/js/ads.js
Requested by
Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.21.77.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:11 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 18 Dec 2017 20:31:31 GMT
server
cloudflare
age
3163
etag
W/"6a-560a33c4a6ec0-gzip"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyrzI%2B09cTFY%2BbZigNT6SJyCd3ImTHa47%2B1hHmTxB7sFyJHRNG2%2Fma2cO49f2U2yerfrYITPv272SOVNA%2BosstvdrgMFuQCXsVcgPT7RmnTzf5LObo%2FbbJrN%2F4QEakHPIi27"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7939a497eb40aad2-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
script.min.js
short.adnet.cash/modern_theme/build/js/
192 KB
59 KB
Script
General
Full URL
https://short.adnet.cash/modern_theme/build/js/script.min.js?ver=4.5.1
Requested by
Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.21.77.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a5c71301f29f4b6c91efb3e913655c063523e9fecd20da490afdcfdd8955349

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Aug 2019 15:05:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3163
etag
W/"2ff5a-5911a9bf38184-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBMmLp2tBvz5QaeatDJAY45qlg9nzEKsol55e%2Bq360T88WZglJ9cN%2FLvLG8pWhZD1aDQHWLhUaufZFRIPPg7J4ZBaA5Yh9RnPMbZ74CxxggJJxewTUGXMvU3xUkw9zJ73Lwm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7939a497eb43aad2-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.js
www.google.com/recaptcha/
918 B
901 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://short.adnet.cash/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
581
x-xss-protection
1; mode=block
expires
Fri, 03 Feb 2023 08:02:12 GMT
banner.go
go.ero-advertising.com/ Frame 1620
3 KB
3 KB
Document
General
Full URL
https://go.ero-advertising.com/banner.go?spaceid=5112185
Requested by
Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.22.19.194 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://short.adnet.cash/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
content-length
2619
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 08:02:13 GMT
expires
Mon, 03 Jul 2001 06:00:00 GMT
last-modified
Fri, 03 02 2023 08:02:13 GMT
pragma
no-cache
server
nginx
x-backend-server
nl2-web-202
header.jpg
short.adnet.cash/modern_theme/build/img/
55 KB
55 KB
Image
General
Full URL
https://short.adnet.cash/modern_theme/build/img/header.jpg
Requested by
Host: short.adnet.cash
URL: https://short.adnet.cash/modern_theme/build/css/styles.min.css?ver=4.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.77.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://short.adnet.cash/modern_theme/build/css/styles.min.css?ver=4.5.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:12 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Dec 2017 03:37:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
694
etag
"db38-560a92ed4f0c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3Yu5LZHeuacCXxA7wP%2BSgJmcF%2FZO%2BdKv3E5A8asT6AMawhDEyYJc4Wbgj%2Bz5ngGqC2PNfx4qpaBFvgO%2F%2FQI0o2J2%2BTXGh%2FXYfUJM6ZorvM9JlrPo3z0ZKLpni240Aa1ier8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7939a49b88e6dfaf-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56120
footer.jpg
short.adnet.cash/modern_theme/build/img/
13 KB
14 KB
Image
General
Full URL
https://short.adnet.cash/modern_theme/build/img/footer.jpg
Requested by
Host: short.adnet.cash
URL: https://short.adnet.cash/modern_theme/build/css/styles.min.css?ver=4.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.77.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://short.adnet.cash/modern_theme/build/css/styles.min.css?ver=4.5.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:12 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2017 20:31:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3151
etag
"33fd-560a33c4a6ec0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNyhjsm1NAffifokPtHZqRI3wFgFtDeCioXk%2Fvr%2FwEVTRj0uD4zePxHxs%2BtMQ8Bpc9ebGyjeJTf82ELuUwbHmz%2BlV5tV4X7e3VHksDAAE%2BKWBy6ewT9CEuAwu5q7RMLLSchW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7939a49b88e9dfaf-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13309
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://short.adnet.cash
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 09:59:27 GMT
x-content-type-options
nosniff
age
252165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31196
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:43:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 09:59:27 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://short.adnet.cash
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:44:04 GMT
x-content-type-options
nosniff
age
314288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 16:44:04 GMT
splash.php
syndication.optimizesrv.com/
Redirect Chain
  • https://short.adnet.cash/links/popad
  • https://syndication.optimizesrv.com/splash.php?type=8&idzone=745
1 KB
898 B
Document
General
Full URL
https://syndication.optimizesrv.com/splash.php?type=8&idzone=745
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://short.adnet.cash
Referer
https://short.adnet.cash/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 08:02:13 GMT
Server
nginx
Transfer-Encoding
chunked
X-Robots-Tag
noindex, follow

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7939a49b9900dfaf-SYD
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 08:02:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://syndication.optimizesrv.com/splash.php?type=8&idzone=745
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VegkCC9QogQAJjTumVWXjN%2Fu4nOXa3LBFwOaFABtnHbUcOZvbUl8w%2BvmAATMVgjsvHKLEKAsWTDAg02tkvQSYr7OF%2BJ02jqhHsQpZWj8taV7huMEVSjUgsUn3IaQMSG%2BjQ6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111790449-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://short.adnet.cash/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 07:56:26 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
347
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 03 Feb 2023 09:56:26 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/
269 KB
0
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://short.adnet.cash/
Origin
https://short.adnet.cash
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 17:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163841
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 17:01:03 GMT
collect
www.google-analytics.com/j/
2 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=914947785&t=pageview&_s=1&dl=https%3A%2F%2Fshort.adnet.cash%2FBUn9xVP9er4Ga4Am%3Fpop%3DSxK09NYQxTuidSu%252BOQt3Fw%253D%253D&dr=https%3A%2F%2Ftrac.adspop.me%2F&ul=en-us&de=UTF-8&dt=Adnet.Cash&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=583088118&gjid=2003033029&cid=969937360.1675411334&tid=UA-111790449-1&_gid=1805316131.1675411334&_r=1&_slc=1&gtm=457e3210&z=647489958
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://short.adnet.cash/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 08:02:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://short.adnet.cash
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
33839.jpg
static.eabids.com/data/bannerpools/112022/ Frame 1620
0
0

Primary Request /
www.downundercuties.com/slp/
Redirect Chain
  • https://syndication.optimizesrv.com/splash.php?type=8&idzone=745&p=https%3A%2F%2Fshort.adnet.cash%2F&tested=1&check=df6bc240d62ca568a414ef6076d2ab95&screen_resolution=1600x1200&container_resolution...
  • https://s.optnx.com/cimp.php?data=TVRZM05UUXhNVE16Tkh4aFkyVTBNalEwTURaa016RTVNMkUwWTJFMU1ERXlNMkkxT1dZNU5USmhOUS0tfGh0dHBzOi8vd3d3LnNydjY5LmV1L3NtYXJ0bGluay8_aGFzaD1jMmI1MWM1OS0wMjM1LTQ3NWYtODg3ZC0...
  • https://www.srv69.eu/smartlink/?hash=c2b51c59-0235-475f-887d-9228129204fb&exffir=eyJjIjoiZGY2YmMyNDBkNjJjYTU2OGE0MTRlZjYwNzZkMmFiOTUiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIxNjAweDEyMDAiLCJpIjoi...
  • https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
36 KB
9 KB
Document
General
Full URL
https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Requested by
Host: syndication.optimizesrv.com
URL: https://syndication.optimizesrv.com/splash.php?type=8&idzone=745
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
15.235.55.215 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5013088.ip-15-235-55.net
Software
Apache/2 /
Resource Hash
b06f9e782e0e6491241eea25ee7f032783cd6104953942c55031092e9856ebe2

Request headers

Referer
https://syndication.optimizesrv.com/splash.php?type=8&idzone=745
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-length
8688
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 08:02:17 GMT
server
Apache/2
vary
Accept-Encoding,User-Agent

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 08:02:16 GMT
location
https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
server
Apache/2
vary
User-Agent
styles.min.css
www.srv69.eu/slp/36/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.srv69.eu/slp/36/css/styles.min.css
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
7a990f697791b207988712c61861b01adcf7c5eb6220065b0365fd058a960685

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 10:50:40 GMT
server
Apache/2
etag
"1339-5e21b397c6000-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
1359
login.min.css
www.srv69.eu/slp/36/css/
1 KB
561 B
Stylesheet
General
Full URL
https://www.srv69.eu/slp/36/css/login.min.css
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
c35d893f67318c2bf8a1565762293ba63ac3e3a0e98d4538aa389ce509c7046a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 10:51:32 GMT
server
Apache/2
etag
"478-5e21b3c95d500-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
415
corner.css
www.srv69.eu/slp/36/css/
255 B
280 B
Stylesheet
General
Full URL
https://www.srv69.eu/slp/36/css/corner.css
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
21b85cf45e99aea9fd32f5ec188b8af730b1f9f45cf3140a0ab64f9bd42e911c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 10:51:50 GMT
server
Apache/2
etag
"ff-5e21b3da87d80-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
205
css2
fonts.googleapis.com/
4 KB
732 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Feb 2023 08:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 06:08:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Feb 2023 08:02:18 GMT
leaflet.css
unpkg.com/leaflet@1.7.1/dist/
14 KB
4 KB
Stylesheet
General
Full URL
https://unpkg.com/leaflet@1.7.1/dist/leaflet.css
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.125.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f7caf4ce6fdf87365cfea9d1cc55cf599440bb2dd204cb9349a573b92ea1d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.downundercuties.com/
Origin
https://www.downundercuties.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:18 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
25701308
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G0D62Q5X8FK72ZE231M1APJQ-syd
server
cloudflare
etag
W/"37c0-cW5oWHzFcgrzuKuBtMixbfPjmt4"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7939a4c3a8a9a864-SYD
leaflet.js
unpkg.com/leaflet@1.7.1/dist/
139 KB
42 KB
Script
General
Full URL
https://unpkg.com/leaflet@1.7.1/dist/leaflet.js
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.125.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.downundercuties.com/
Origin
https://www.downundercuties.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:18 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
25701302
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G0D62WXASJ1QK7WTHE499BTW-syd
server
cloudflare
etag
W/"22a75-iKkf+OateC1bxjLRQ9tMu5Nt07Q"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7939a4c3a8aca864-SYD
style-white-im.min.css
www.srv69.eu/slp/36/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://www.srv69.eu/slp/36/css/style-white-im.min.css
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
99cf92637951022f7a5d81803ed3d9a1f7943f947cbd8557695b6fdf731492d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 11:34:15 GMT
server
Apache/2
etag
"435f-5e21bd55a1bc0-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
3350
js
www.googletagmanager.com/gtag/
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-179945334-1
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
eda184625aa2d87cc0dd92157a43e0b525b28479ce2b72c7ade9ee07803ce5c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43904
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Feb 2023 08:02:19 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/
86 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 21:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 21:59:57 GMT
1.jpg
www.srv69.eu/slp/36/img/adult/
17 KB
17 KB
Image
General
Full URL
https://www.srv69.eu/slp/36/img/adult/1.jpg
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
56bd2812eced46e6e34e77fc46f4daf9a065e4a24f643986cc7a6a9b1f950fd3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
last-modified
Tue, 01 Mar 2022 17:28:26 GMT
server
Apache/2
accept-ranges
bytes
etag
"4212-5d92b7e19e280"
content-length
16914
content-type
image/jpeg
2.jpg
www.srv69.eu/slp/36/img/adult/
16 KB
16 KB
Image
General
Full URL
https://www.srv69.eu/slp/36/img/adult/2.jpg
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
0883c72c2913423d315872613f336737229bbe1e3de311a27ecd5e4c97d0a00d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
last-modified
Tue, 01 Mar 2022 17:28:26 GMT
server
Apache/2
accept-ranges
bytes
etag
"3f5d-5d92b7e19e280"
content-length
16221
content-type
image/jpeg
3.jpg
www.srv69.eu/slp/36/img/adult/
15 KB
15 KB
Image
General
Full URL
https://www.srv69.eu/slp/36/img/adult/3.jpg
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
60011353e1e6980165a5e7182e2ad764e10e04bbd34b3cb188835ef300ead2ac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
last-modified
Tue, 01 Mar 2022 17:28:26 GMT
server
Apache/2
accept-ranges
bytes
etag
"3a3c-5d92b7e19e280"
content-length
14908
content-type
image/jpeg
4.jpg
www.srv69.eu/slp/36/img/adult/
15 KB
15 KB
Image
General
Full URL
https://www.srv69.eu/slp/36/img/adult/4.jpg
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
b6677ab2d0f688545fd63b9795ea776a4748d219201a4a19158b21ddf6c8f354

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
last-modified
Tue, 01 Mar 2022 17:28:26 GMT
server
Apache/2
accept-ranges
bytes
etag
"3ace-5d92b7e19e280"
content-length
15054
content-type
image/jpeg
5.jpg
www.srv69.eu/slp/36/img/adult/
17 KB
17 KB
Image
General
Full URL
https://www.srv69.eu/slp/36/img/adult/5.jpg
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
5ef272afecd9f66487c62c0c08dbdbaa166d3fe8a395b577258970ac1dd860d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
last-modified
Tue, 01 Mar 2022 17:28:26 GMT
server
Apache/2
accept-ranges
bytes
etag
"454f-5d92b7e19e280"
content-length
17743
content-type
image/jpeg
6.jpg
www.srv69.eu/slp/36/img/adult/
19 KB
19 KB
Image
General
Full URL
https://www.srv69.eu/slp/36/img/adult/6.jpg
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
50fcb8e11fd609c69a0709d8e9255ac0770f38504cac6ff50b8adc7aaee1054e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
last-modified
Tue, 01 Mar 2022 17:28:26 GMT
server
Apache/2
accept-ranges
bytes
etag
"4abe-5d92b7e19e280"
content-length
19134
content-type
image/jpeg
7.jpg
www.srv69.eu/slp/36/img/adult/
19 KB
19 KB
Image
General
Full URL
https://www.srv69.eu/slp/36/img/adult/7.jpg
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
02ab445f1205ce674f7be3c98a2bfde847ad060fa39269844a9caca48e9d84e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
last-modified
Tue, 01 Mar 2022 17:28:26 GMT
server
Apache/2
accept-ranges
bytes
etag
"4bfc-5d92b7e19e280"
content-length
19452
content-type
image/jpeg
8.jpg
www.srv69.eu/slp/36/img/adult/
13 KB
13 KB
Image
General
Full URL
https://www.srv69.eu/slp/36/img/adult/8.jpg
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
f57c0870dfde70bb52ac7a5bda92c79ec0496ab70956ed4cc5d8f037fff4a21b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
last-modified
Tue, 01 Mar 2022 17:28:26 GMT
server
Apache/2
accept-ranges
bytes
etag
"3258-5d92b7e19e280"
content-length
12888
content-type
image/jpeg
9.jpg
www.srv69.eu/slp/36/img/adult/
18 KB
18 KB
Image
General
Full URL
https://www.srv69.eu/slp/36/img/adult/9.jpg
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
2fa1bc50616400b623e5bcccbe9b19dd9619a9cb3b04bfcddae072784aa7df45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
last-modified
Tue, 01 Mar 2022 17:28:26 GMT
server
Apache/2
accept-ranges
bytes
etag
"474d-5d92b7e19e280"
content-length
18253
content-type
image/jpeg
10.jpg
www.srv69.eu/slp/36/img/adult/
17 KB
17 KB
Image
General
Full URL
https://www.srv69.eu/slp/36/img/adult/10.jpg
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
82b06e3f0e28ac64e5e10c5bd8f4c971bacdc2cf609b8dd03bc23e18d131352d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
last-modified
Tue, 01 Mar 2022 17:28:26 GMT
server
Apache/2
accept-ranges
bytes
etag
"4504-5d92b7e19e280"
content-length
17668
content-type
image/jpeg
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 09:28:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
599646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 09:28:13 GMT
fade.min.js
www.srv69.eu/slp/36/js/
2 KB
1006 B
Script
General
Full URL
https://www.srv69.eu/slp/36/js/fade.min.js
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
0f49f40e7096d568fe0f4fe290690db9ae2b58154912109af9b83214a60a7f9f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 10:55:53 GMT
server
Apache/2
etag
"800-5e21b4c246040-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
913
popwin.js
www.srv69.eu/slp/36/js/
1 KB
607 B
Script
General
Full URL
https://www.srv69.eu/slp/36/js/popwin.js
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
405c7188844d525c9ede1360cc138f97c06f6d1f8e60aa8b73cfc657b4ace6fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:19 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 10:56:12 GMT
server
Apache/2
etag
"4b3-5e21b4d464b00-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
530
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.downundercuties.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 07:55:12 GMT
x-content-type-options
nosniff
age
259627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 07:55:12 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.downundercuties.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 21:09:32 GMT
x-content-type-options
nosniff
age
557567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 21:09:32 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179945334-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 07:56:26 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
353
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 03 Feb 2023 09:56:26 GMT
-42.8825088-147.3281233.jpg
www.srv69.eu/slp/36/img/maps/
327 KB
329 KB
Image
General
Full URL
https://www.srv69.eu/slp/36/img/maps/-42.8825088-147.3281233.jpg
Requested by
Host: www.downundercuties.com
URL: https://www.downundercuties.com/slp/?lp=36&pid=33143&pi=KEausDownundercuties&source=&website=downundercuties.com&l=en-au&t=adult&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.204 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163846.ip-51-89-234.eu
Software
Apache/2 /
Resource Hash
61fa1ec10feffd874a14d63f76769b36a22d12422cc7d589a73c0f9dccda7ff9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downundercuties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:02:20 GMT
last-modified
Wed, 22 Jun 2022 17:57:16 GMT
server
Apache/2
accept-ranges
bytes
etag
"51a3c-5e20d1148f700"
content-length
334396
content-type
image/jpeg
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1215828509&t=pageview&_s=1&dl=https%3A%2F%2Fwww.downundercuties.com%2Fslp%2F%3Flp%3D36%26pid%3D33143%26pi%3DKEausDownundercuties%26source%3D%26website%3Ddownundercuties.com%26l%3Den-au%26t%3Dadult%26i%3D1&dr=https%3A%2F%2Fsyndication.optimizesrv.com%2F&ul=en-us&de=UTF-8&dt=Downundercuties.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1151563316&gjid=31621402&cid=1582879964.1675411340&tid=UA-179945334-1&_gid=414824006.1675411340&_r=1&_slc=1&gtm=457e3210&z=1089928344
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.downundercuties.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 08:02:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.downundercuties.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.eabids.com
URL
https://static.eabids.com/data/bannerpools/112022/33839.jpg

Verdicts & Comments

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| L function| gtag object| dataLayer function| $ function| jQuery boolean| notJsCanvas object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| eventWindowLoaded function| Debugger function| _handlingServerReponseError function| showFadedMobile function| showErr function| canvasApp object| Popwin number| x function| getLocation function| success function| error function| getGEOcoordinates function| data function| shake function| displayTime function| validateEmail function| nextstep function| post function| createUser function| openPop function| acceptCookie function| changeEmailInput object| gaplugins object| gaGlobal object| gaData

17 Cookies

Domain/Path Name / Value
trac.adspop.me/ Name: Adspopme
Value: 73c7m3lc8kcpfkgeivlpnsvh8r
trac.adspop.me/ Name: csrfToken
Value: 73d3d60ecb6a11c5da469fb6b7563407a5f154adaf0a935d1b1c003a81969b7f829779958cd3e7e127576631f54ffa21745470a5c13d93d948f4c4809ea62729
trac.adspop.me/ Name: visitor
Value: Q2FrZQ%3D%3D.YTNhZDE2MWRkMjA0NmY2YmY2YWFiMTdjODM0ZDUwOTg5OWQ5MGE3NGZhNGMxMGYwNzc1YzE3YWRlNmM1MDk1Y3C1ObXyP0k5CsEkz61ZP%2BODOYAsuSpN8Q96LriGQ3WCh0zm5MEO46LwbYxzS4SBg4fynwJ3cMBKKL6nWznqnBPk5ma1IPZTpGGZBcMvnOrk
trac.adspop.me/ Name: ab
Value: 2
short.adnet.cash/ Name: Adnetcash
Value: 56iqsj880hdn9a4ml69qn489at
short.adnet.cash/ Name: csrfToken
Value: 70e295f331d07be1a697e289bb0b7a8f2ff9332e2dcb10b99e3d6a41ad51d0932016a254c2a2b2fa579698bb0355f8ea687287a6e8a367ea811150a12e1cf40c
short.adnet.cash/ Name: visitor
Value: Q2FrZQ%3D%3D.YzFjMjc0NGI0ODE5MGRiOTExMzZiYjhjYmEwZDNhZDQ1ZDY1ZjFlNjZjZjY0NjgwZDE1MThlZWI0NjU5ZGQ2OSRLvhSorunEQyIG4QyxJckWDjCBVO56Uobv%2FMg1JOxHAt90kmIFNGmrniRtAU%2FYV9Drp8I%2FCS7Hep4P7GD7Y49BSRg9iLgaesUdArmDjvvb
short.adnet.cash/ Name: ab
Value: 2
.adnet.cash/ Name: _ga
Value: GA1.2.969937360.1675411334
.adnet.cash/ Name: _gid
Value: GA1.2.1805316131.1675411334
.adnet.cash/ Name: _gat_gtag_UA_111790449_1
Value: 1
.optimizesrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263dcbf85bf8824.085927014092982645%22%3B%7D
.optnx.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263dcbf874d5b24.370450383079901475%22%3B%7D
.optnx.com/ Name: c-tag
Value: %7B%22tag-link%22%3A%22v3%7C%7CAUS%7C3511125%7C74334492%7C0%7C%7C508%7C41%7C2%7C40%7C0%7C0%7C0%7C0%7C2155400%7C2147714%7C0%7C0%7C13%7C4096%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cd522dc35bfe1d633e2e3da2534f786ae%7C745%7Cshort.adnet.cash%7C1600x1200%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
.downundercuties.com/ Name: _ga
Value: GA1.2.1582879964.1675411340
.downundercuties.com/ Name: _gid
Value: GA1.2.414824006.1675411340
.downundercuties.com/ Name: _gat_gtag_UA_179945334_1
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
