daddce.naughtymets.com Open in urlscan Pro
178.162.199.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://is.gd/6C3mEf
Effective URL:
https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3LFdFQixJTlNBVkU
Submission: On April 17 via manual (April 17th 2022, 4:51:15 am UTC) from ES — Scanned from ES

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 13 HTTP transactions. The main IP is 178.162.199.80, located in Germany and belongs to LEASEWEB-DE-FRA-10, DE. The main domain is daddce.naughtymets.com.
TLS certificate: Issued by R3 on February 16th 2022. Valid for: 3 months.

This is the only time daddce.naughtymets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::6819:ea35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:20e... 2600:9000:20eb:b000:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	172.96.184.202 172.96.184.202	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
6	178.162.199.80 178.162.199.80	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
13	5

1 2606:4700:20::6819:ea35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:b000:19:9934:6a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

zgi9k.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.96.184.202 (Schiphol, Netherlands) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: 172.96.184.202-static.reverse.arandomserver.com

alexa.insavegirls.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.162.199.80 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

daddce.naughtymets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	naughtymets.com daddce.naughtymets.com	229 KB
3	insavegirls.info 1 redirects alexa.insavegirls.info	2 KB
2	gstatic.com fonts.gstatic.com	74 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 647	29 KB
1	app.link 1 redirects zgi9k.app.link	589 B
1	is.gd 1 redirects is.gd — Cisco Umbrella Rank: 55099	478 B
13	7

	Domain	Requested by
6	daddce.naughtymets.com	alexa.insavegirls.info daddce.naughtymets.com
3	alexa.insavegirls.info	1 redirects alexa.insavegirls.info
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	daddce.naughtymets.com
1	code.jquery.com	daddce.naughtymets.com
1	zgi9k.app.link	1 redirects
1	is.gd	1 redirects
13	7

This site contains no links.

Subject Issuer	Validity	Valid
naughtymets.com R3	`2022-02-16` - `2022-05-17`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3LFdFQixJTlNBVkU
Frame ID: 6BAC6468F19B18D032E2C4495BBFF8A4
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

El sitio de citas más popular de este mes

Page URL History Show full URLs

https://is.gd/6C3mEf HTTP 301
https://zgi9k.app.link/QeLKkwcqgpb HTTP 307
http://alexa.insavegirls.info/TWJ1V3csSU5TQVZFLVRFTlRSRU1ULDE2NTAwODA5ODYsLFRSQUZFRSww?_branch_match_id=10... Page URL
http://alexa.insavegirls.info/_meetups/?click_id=insave-tentremt&network=TRAFEE&guid=a77d9356a26d4e239ba79... HTTP 302
http://alexa.insavegirls.info/_meetups/r.php?click_id=tentremt&groups=insave&network=TRAFEE&guid=ed2473402... Page URL
https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

85 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

335 kB
Transfer

396 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://is.gd/6C3mEf HTTP 301
https://zgi9k.app.link/QeLKkwcqgpb HTTP 307
http://alexa.insavegirls.info/TWJ1V3csSU5TQVZFLVRFTlRSRU1ULDE2NTAwODA5ODYsLFRSQUZFRSww?_branch_match_id=1044100001903788865&utm_source=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXr0rPtMzWSywo0MvJzMvWD0z18c4uTy5ML0gCAKqEEOEiAAAA Page URL
http://alexa.insavegirls.info/_meetups/?click_id=insave-tentremt&network=TRAFEE&guid=a77d9356a26d4e239ba79d3f78aada2a HTTP 302
http://alexa.insavegirls.info/_meetups/r.php?click_id=tentremt&groups=insave&network=TRAFEE&guid=ed24734027cc0117b45f150eb8da0c73 Page URL
https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3LFdFQixJTlNBVkU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://is.gd/6C3mEf HTTP 301
https://zgi9k.app.link/QeLKkwcqgpb HTTP 307
http://alexa.insavegirls.info/TWJ1V3csSU5TQVZFLVRFTlRSRU1ULDE2NTAwODA5ODYsLFRSQUZFRSww?_branch_match_id=1044100001903788865&utm_source=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXr0rPtMzWSywo0MvJzMvWD0z18c4uTy5ML0gCAKqEEOEiAAAA

Request Chain 1

http://alexa.insavegirls.info/_meetups/?click_id=insave-tentremt&network=TRAFEE&guid=a77d9356a26d4e239ba79d3f78aada2a HTTP 302
http://alexa.insavegirls.info/_meetups/r.php?click_id=tentremt&groups=insave&network=TRAFEE&guid=ed24734027cc0117b45f150eb8da0c73

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

TWJ1V3csSU5TQVZFLVRFTlRSRU1ULDE2NTAwODA5ODYsLFRSQUZFRSww
alexa.insavegirls.info/
Redirect Chain

https://is.gd/6C3mEf
https://zgi9k.app.link/QeLKkwcqgpb
http://alexa.insavegirls.info/TWJ1V3csSU5TQVZFLVRFTlRSRU1ULDE2NTAwODA5ODYsLFRSQUZFRSww?_branch_match_id=1044100001903788865&utm_source=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXr0rPtMzWSywo...

878 B
756 B

168ms
73ms

Document
text/html

172.96.184.202
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://alexa.insavegirls.info/TWJ1V3csSU5TQVZFLVRFTlRSRU1ULDE2NTAwODA5ODYsLFRSQUZFRSww?_branch_match_id=1044100001903788865&utm_source=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXr0rPtMzWSywo0MvJzMvWD0z18c4uTy5ML0gCAKqEEOEiAAAA
Protocol: HTTP/1.1
Server: 172.96.184.202 Schiphol, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: 172.96.184.202-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache
content-encoding: gzip
content-length: 448
content-type: text/html; charset=UTF-8
date: Sun, 17 Apr 2022 04:51:05 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

Redirect headers

date: Sun, 17 Apr 2022 04:51:05 GMT
last-modified: Sun, 17 Apr 2022 04:51:05 GMT
location: http://alexa.insavegirls.info/TWJ1V3csSU5TQVZFLVRFTlRSRU1ULDE2NTAwODA5ODYsLFRSQUZFRSww?_branch_match_id=1044100001903788865&utm_source=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXr0rPtMzWSywo0MvJzMvWD0z18c4uTy5ML0gCAKqEEOEiAAAA
server: openresty
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-id: 7WzOupQZSmn6TDvaJHTGqsJvUGPINKtPkUmETA8MTQFML0n2rB75sg==
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H/1.1

200
OK

r.php
alexa.insavegirls.info/_meetups/
Redirect Chain

http://alexa.insavegirls.info/_meetups/?click_id=insave-tentremt&network=TRAFEE&guid=a77d9356a26d4e239ba79d3f78aada2a
http://alexa.insavegirls.info/_meetups/r.php?click_id=tentremt&groups=insave&network=TRAFEE&guid=ed24734027cc0117b45f150eb8da0c73

751 B
722 B

79ms
79ms

Document
text/html

172.96.184.202
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://alexa.insavegirls.info/_meetups/r.php?click_id=tentremt&groups=insave&network=TRAFEE&guid=ed24734027cc0117b45f150eb8da0c73
Requested by: Host: alexa.insavegirls.info
URL: http://alexa.insavegirls.info/TWJ1V3csSU5TQVZFLVRFTlRSRU1ULDE2NTAwODA5ODYsLFRSQUZFRSww?_branch_match_id=1044100001903788865&utm_source=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXr0rPtMzWSywo0MvJzMvWD0z18c4uTy5ML0gCAKqEEOEiAAAA
Protocol: HTTP/1.1
Server: 172.96.184.202 Schiphol, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: 172.96.184.202-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash

Request headers

Referer: http://alexa.insavegirls.info/TWJ1V3csSU5TQVZFLVRFTlRSRU1ULDE2NTAwODA5ODYsLFRSQUZFRSww?_branch_match_id=1044100001903788865&utm_source=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXr0rPtMzWSywo0MvJzMvWD0z18c4uTy5ML0gCAKqEEOEiAAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache
content-encoding: gzip
content-length: 414
content-type: text/html; charset=UTF-8
date: Sun, 17 Apr 2022 04:51:06 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 17 Apr 2022 04:51:06 GMT
location: /_meetups/r.php?click_id=tentremt&groups=insave&network=TRAFEE&guid=ed24734027cc0117b45f150eb8da0c73
pragma: no-cache
server: LiteSpeed
x-powered-by: PHP/7.2.34

GET
H/1.1 200
OK Primary Request 625941d166f1f Show response
daddce.naughtymets.com/s/ 6 KB
2 KB 2151ms
1923ms Document
text/html 178.162.199.80
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3LFdFQixJTlNBVkU
Requested by: Host: alexa.insavegirls.info
URL: http://alexa.insavegirls.info/_meetups/r.php?click_id=tentremt&groups=insave&network=TRAFEE&guid=ed24734027cc0117b45f150eb8da0c73
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash: 62ba9f78f0dabe98964e1de16ecdedb4f60f1abbeccba4d038ef3d647c264c2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 17 Apr 2022 04:51:08 GMT
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK style.css
daddce.naughtymets.com/bundle/387/assets/css/ 4 KB
4 KB 64ms
64ms Stylesheet
text/css 178.162.199.80
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://daddce.naughtymets.com/bundle/387/assets/css/style.css
Requested by: Host: daddce.naughtymets.com
URL: https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3LFdFQixJTlNBVkU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash: fc78ed22b4e5b4b2e161c395e7dfaee92caafc4cda3974da7ccbbe9b35163fe2

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3LFdFQixJTlNBVkU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 04:51:08 GMT
Last-Modified: Sun, 22 Nov 2020 17:35:04 GMT
Server: openresty/1.19.3.1
ETag: "5fbaa148-10dd"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4317

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 184ms
61ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: daddce.naughtymets.com
URL: https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3LFdFQixJTlNBVkU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://daddce.naughtymets.com/
Origin: https://daddce.naughtymets.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 04:51:08 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e4a"
vary: Accept-Encoding
x-hw: 1650171068.dop002.ml1.t,1650171068.cds211.ml1.hn,1650171068.cds220.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H/1.1 200
OK functions.js Show response
daddce.naughtymets.com/bundle/387/assets/js/ 447 B
727 B 128ms
63ms Script
application/javascript 178.162.199.80
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://daddce.naughtymets.com/bundle/387/assets/js/functions.js
Requested by: Host: daddce.naughtymets.com
URL: https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3LFdFQixJTlNBVkU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash: c07679657ede961eef1346649b2b0dd5088a01544ab871ae3c6f867f8f2ab248

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3LFdFQixJTlNBVkU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 04:51:08 GMT
Last-Modified: Sun, 22 Nov 2020 17:35:05 GMT
Server: openresty/1.19.3.1
ETag: "5fbaa149-1bf"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 447

GET
H/1.1 200
OK click.js Show response
daddce.naughtymets.com/js/ 4 KB
4 KB 272ms
148ms Script
application/javascript 178.162.199.80
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://daddce.naughtymets.com/js/click.js
Requested by: Host: daddce.naughtymets.com
URL: https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3LFdFQixJTlNBVkU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash: 8abe2a77b34ca2d18a92f3c8619e5315bc86526b2cd0a6a5e219c566d39681bb

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://daddce.naughtymets.com/s/625941d166f1f?track=TENTREMT&click_id=VEVOVFJFTVQsRVMsMTg1LjE4My4xMDYuMTQ3LFdFQixJTlNBVkU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 04:51:08 GMT
Last-Modified: Mon, 11 Apr 2022 12:29:06 GMT
Server: openresty/1.19.3.1
ETag: "62541f12-109f"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4255

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 232ms
78ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: daddce.naughtymets.com
URL: https://daddce.naughtymets.com/bundle/387/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://daddce.naughtymets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Apr 2022 03:28:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 17 Apr 2022 04:51:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Apr 2022 04:51:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 1011 B
493 B 239ms
84ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playball&subset=latin-ext

Requested by

Host: daddce.naughtymets.com
URL: https://daddce.naughtymets.com/bundle/387/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

862b84c21e2c6bd0670e54452f5c7eea4fbcd238b6183d18a0b6a19efe7dd493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://daddce.naughtymets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Apr 2022 03:45:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 17 Apr 2022 04:51:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Apr 2022 04:51:08 GMT

GET
H/1.1 200
OK 1.jpg
daddce.naughtymets.com/bundle/387/assets/img/ 187 KB
187 KB 125ms
124ms Image
image/jpeg 178.162.199.80
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daddce.naughtymets.com/bundle/387/assets/img/1.jpg
Requested by: Host: daddce.naughtymets.com
URL: https://daddce.naughtymets.com/bundle/387/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash: 033f72fe4e566d8157cd1f54e2767118dff4004f72b7d81edaef3852e3538df2

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://daddce.naughtymets.com/bundle/387/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 04:51:08 GMT
Last-Modified: Sun, 22 Nov 2020 17:35:04 GMT
Server: openresty/1.19.3.1
ETag: "5fbaa148-2ea25"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 191013

GET
H2 200 TK3gWksYAxQ7jbsKcg8Eneo.woff2
fonts.gstatic.com/s/playball/v14/ 30 KB
30 KB 314ms
169ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playball/v14/TK3gWksYAxQ7jbsKcg8Eneo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playball&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bdb2c285cdd30b68da0947a4b540c200d29107ca0bad1c223397f2149f449fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://daddce.naughtymets.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 09:26:45 GMT
x-content-type-options: nosniff
age: 415464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30352
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 19:48:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Apr 2023 09:26:45 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 221ms
77ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://daddce.naughtymets.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 367562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:45:07 GMT

GET
H/1.1 200
OK fp2.min.js Show response
daddce.naughtymets.com/js/ 30 KB
30 KB 228ms
228ms Script
application/javascript 178.162.199.80
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://daddce.naughtymets.com/js/fp2.min.js
Requested by: Host: daddce.naughtymets.com
URL: https://daddce.naughtymets.com/js/click.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash: 6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://daddce.naughtymets.com/s/625941d166f1f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 04:51:09 GMT
Last-Modified: Mon, 11 Apr 2022 12:29:06 GMT
Server: openresty/1.19.3.1
ETag: "62541f12-77dd"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30685

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.app.link/	1970-01-20 11:08:27	Name: _s Value: rHp%2FXkh9OELTisvPe8RX7LzjrEq8yd196PPVCOaiRnB53tdOPFPxuG4Y0l5FFxiq
			.naughtymets.com/	1970-01-21 04:39:39	Name: SID Value: eac39ab1a43ea02e19d2903996492882

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alexa.insavegirls.info
code.jquery.com
daddce.naughtymets.com
fonts.googleapis.com
fonts.gstatic.com
is.gd
zgi9k.app.link
172.96.184.202
178.162.199.80
2001:4de0:ac18::1:a:3a
2600:9000:20eb:b000:19:9934:6a80:93a1
2606:4700:20::6819:ea35
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
033f72fe4e566d8157cd1f54e2767118dff4004f72b7d81edaef3852e3538df2
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
2bdb2c285cdd30b68da0947a4b540c200d29107ca0bad1c223397f2149f449fd
62ba9f78f0dabe98964e1de16ecdedb4f60f1abbeccba4d038ef3d647c264c2f
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e
862b84c21e2c6bd0670e54452f5c7eea4fbcd238b6183d18a0b6a19efe7dd493
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8abe2a77b34ca2d18a92f3c8619e5315bc86526b2cd0a6a5e219c566d39681bb
c07679657ede961eef1346649b2b0dd5088a01544ab871ae3c6f867f8f2ab248
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
fc78ed22b4e5b4b2e161c395e7dfaee92caafc4cda3974da7ccbbe9b35163fe2

daddce.naughtymets.com Open in urlscan Pro 178.162.199.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

85 %HTTPS

71 %IPv6

7 Domains

7 Subdomains

5 IPs

3 Countries

335 kBTransfer

396 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

Indicators

daddce.naughtymets.com Open in urlscan Pro
178.162.199.80 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

335 kB
Transfer

396 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions