vip-datingnow.com Open in urlscan Pro
5.101.45.21 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://postlutma.gq/
Effective URL:
https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Submission: On July 25 via automatic, source certstream-suspicious (July 25th 2021, 1:31:47 pm UTC)

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 32 domains to perform 73 HTTP transactions. The main IP is 5.101.45.21, located in Haarlem, Netherlands and belongs to FASTCONTENT, DE. The main domain is vip-datingnow.com.
TLS certificate: Issued by R3 on July 10th 2021. Valid for: 3 months.

This is the only time vip-datingnow.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3035::ac43:ca0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1bf8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3031::6815:cd9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.241.67.86 162.241.67.86	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	172.67.73.163 172.67.73.163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	65.99.240.118 65.99.240.118	30496 (AS-TIERP-...) (AS-TIERP-30496)
1	173.205.124.60 173.205.124.60	54641 (IMH-IAD) (IMH-IAD)
1	104.109.67.14 104.109.67.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1e5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.146.254 130.211.146.254	15169 (GOOGLE) (GOOGLE)
1	151.101.194.2 151.101.194.2	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:2cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	72.249.48.96 72.249.48.96	30496 (AS-TIERP-...) (AS-TIERP-30496)
2	78.140.180.54 78.140.180.54	35415 (WEBZILLA) (WEBZILLA)
1	23.32.243.95 23.32.243.95	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	185.61.154.61 185.61.154.61	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::ac43:aeaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 1	185.117.134.136 185.117.134.136	204006 (IQOPTION) (IQOPTION)
1 1	185.104.208.41 185.104.208.41	200449 (QRATOR-) (QRATOR-)
4	5.8.34.184 5.8.34.184	209813 (FASTCONTENT) (FASTCONTENT)
1	5.8.34.62 5.8.34.62	209813 (FASTCONTENT) (FASTCONTENT)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	46.148.125.75 46.148.125.75	35277 (LLHOST-IN...) (LLHOST-INC-SRL)
1 11	5.101.45.21 5.101.45.21	209813 (FASTCONTENT) (FASTCONTENT)
73	28

13 2606:4700:3035::ac43:ca0c (United States)

ASN13335 (CLOUDFLARENET, US)

postlutma.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1bf8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.forexfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::6815:cd9 (United States)

ASN13335 (CLOUDFLARENET, US)

forex-indicators.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.241.67.86 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: munafasutra.com

www.bullkhan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.73.163 (United States)

ASN13335 (CLOUDFLARENET, US)

tradingsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.99.240.118 (Dallas, United States)

ASN30496 (AS-TIERP-30496, US)
PTR: us501.directrouter.com

www.aboutcurrency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.205.124.60 (United States)

ASN54641 (IMH-IAD, US)

www.incrediblecharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.67.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-67-14.deploy.static.akamaitechnologies.com

www.xm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

www.fxtradingrevolution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e5f (United States)

ASN13335 (CLOUDFLARENET, US)

www.forex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.146.254 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 254.146.211.130.bc.googleusercontent.com

forextradingstrategies4u.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.2 (United States)

ASN54113 (FASTLY, US)

image.jimcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2cd (United States)

ASN13335 (CLOUDFLARENET, US)

www.forexpeacearmy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.249.48.96 (Dallas, United States)

ASN30496 (AS-TIERP-30496, US)
PTR: us508.directrouter.com

www.dolphintrader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.140.180.54 (Netherlands)

ASN35415 (WEBZILLA, NL)

c.mql5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.243.95 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-243-95.deploy.static.akamaitechnologies.com

a.c-dn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.investoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.61.154.61 (United Kingdom)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium60-4.web-hosting.com

www.profitf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:aeaa (United States)

ASN13335 (CLOUDFLARENET, US)

algosit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.117.134.136 (Cyprus) 1 redirects

ASN204006 (IQOPTION, CY)

affiliate.iqbroker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.104.208.41 (Czech Republic) 1 redirects

ASN200449 (QRATOR-, CZ)

trkmad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.8.34.184 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

fastlovedatings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.8.34.62 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

p-analytics.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.148.125.75 (Haarlem, Netherlands)

ASN35277 (LLHOST-INC-SRL, RO)
PTR: har16.srv.llhost-inc.com

pushbizapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 5.101.45.21 (Haarlem, Netherlands) 1 redirects

ASN209813 (FASTCONTENT, DE)

vip-datingnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	postlutma.gq postlutma.gq	241 KB
11	vip-datingnow.com 1 redirects vip-datingnow.com	322 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	125 KB
4	fastlovedatings.com fastlovedatings.com	42 KB
4	forex-indicators.net forex-indicators.net	30 KB
3	aboutcurrency.com www.aboutcurrency.com	53 KB
2	pushbizapi.com pushbizapi.com
2	algosit.com algosit.com	2 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	mql5.com c.mql5.com	259 KB
1	p-analytics.life p-analytics.life	317 B
1	trkmad.com 1 redirects trkmad.com	189 B
1	iqbroker.com 1 redirects affiliate.iqbroker.com	258 B
1	profitf.com www.profitf.com	181 KB
1	investoo.com www.investoo.com	113 KB
1	c-dn.net a.c-dn.net	16 KB
1	dolphintrader.com www.dolphintrader.com
1	forexpeacearmy.com www.forexpeacearmy.com	38 KB
1	jimcdn.com image.jimcdn.com	68 KB
1	forextradingstrategies4u.com forextradingstrategies4u.com
1	forex.com www.forex.com	44 KB
1	fxtradingrevolution.com www.fxtradingrevolution.com	57 B
1	xm.com www.xm.com	92 KB
1	incrediblecharts.com www.incrediblecharts.com	19 KB
1	blogspot.com 4.bp.blogspot.com	23 KB
1	tradingsim.com dev.tradingsim.com Failed tradingsim.com	48 KB
1	bullkhan.com www.bullkhan.com
1	forexfactory.com www.forexfactory.com	35 KB
0	brandweerbinnenmaas.nl Failed brandweerbinnenmaas.nl Failed
0	cellularonewest.com Failed cellularonewest.com Failed
0	forexbangladesh.com Failed forexbangladesh.com Failed
0	strategy4forex.com Failed strategy4forex.com Failed
73	32

	Domain	Requested by
13	postlutma.gq	postlutma.gq
11	vip-datingnow.com	1 redirects fastlovedatings.com vip-datingnow.com
6	fonts.gstatic.com	fonts.googleapis.com
4	fastlovedatings.com	algosit.com fastlovedatings.com
4	forex-indicators.net	postlutma.gq
3	www.aboutcurrency.com	postlutma.gq
2	pushbizapi.com	fastlovedatings.com
2	www.gstatic.com	fastlovedatings.com
2	algosit.com	postlutma.gq algosit.com
2	fonts.googleapis.com	postlutma.gq vip-datingnow.com
2	c.mql5.com	postlutma.gq
1	p-analytics.life	fastlovedatings.com
1	trkmad.com	1 redirects
1	affiliate.iqbroker.com	1 redirects
1	www.profitf.com	postlutma.gq
1	www.investoo.com	postlutma.gq
1	a.c-dn.net	postlutma.gq
1	www.dolphintrader.com	postlutma.gq
1	www.forexpeacearmy.com	postlutma.gq
1	image.jimcdn.com	postlutma.gq
1	forextradingstrategies4u.com	postlutma.gq
1	www.forex.com	postlutma.gq
1	www.fxtradingrevolution.com	postlutma.gq
1	www.xm.com	postlutma.gq
1	www.incrediblecharts.com	postlutma.gq
1	4.bp.blogspot.com	postlutma.gq
1	tradingsim.com	postlutma.gq
1	www.bullkhan.com	postlutma.gq
1	www.forexfactory.com	postlutma.gq
0	brandweerbinnenmaas.nl Failed	postlutma.gq
0	cellularonewest.com Failed	postlutma.gq
0	forexbangladesh.com Failed	postlutma.gq
0	dev.tradingsim.com Failed	postlutma.gq
0	strategy4forex.com Failed	postlutma.gq
73	34

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-25` - `2022-07-24`	a year	crt.sh
bullkhan.com cPanel, Inc. Certification Authority	`2021-06-03` - `2021-09-01`	3 months	crt.sh
tradingsim.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
aboutcurrency.com cPanel, Inc. Certification Authority	`2021-05-20` - `2021-08-18`	3 months	crt.sh
incrediblecharts.com cPanel, Inc. Certification Authority	`2021-05-29` - `2021-08-27`	3 months	crt.sh
trading-point.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2021-12-06`	a year	crt.sh
www.fxtradingrevolution.com GTS CA 1D4	`2021-06-07` - `2021-09-05`	3 months	crt.sh
forextradingstrategies4u.com R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
*.jimcdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
dolphintrader.com R3	`2021-07-18` - `2021-10-16`	3 months	crt.sh
*.mql5.com Sectigo ECC Domain Validation Secure Server CA	`2020-10-02` - `2021-11-02`	a year	crt.sh
www.marketdatasystems.com GeoTrust RSA CA 2018	`2020-07-20` - `2021-10-19`	a year	crt.sh
www.profitf.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-09` - `2021-11-25`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
fastlovedatings.com R3	`2021-07-19` - `2021-10-17`	3 months	crt.sh
p-analytics.life R3	`2021-06-15` - `2021-09-13`	3 months	crt.sh
pushbizapi.com R3	`2021-07-04` - `2021-10-02`	3 months	crt.sh
vip-datingnow.com R3	`2021-07-10` - `2021-10-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Frame ID: 0A429B46C2B870DE0DBC411FDB177993
Requests: 73 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://postlutma.gq/ Page URL
https://affiliate.iqbroker.com/redir/?aff=17177&instrument=options&clickid=m4vpvq21qait HTTP 302
https://trkmad.com/125113/ HTTP 302
https://algosit.com/g1yCFw Page URL
https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg Page URL
http://vip-datingnow.com/?u=8bfp605&o=4f30vvg HTTP 301
https://vip-datingnow.com/?u=8bfp605&o=4f30vvg Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

73
Requests

90 %
HTTPS

38 %
IPv6

32
Domains

34
Subdomains

28
IPs

6
Countries

1752 kB
Transfer

2218 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://postlutma.gq/ Page URL
https://affiliate.iqbroker.com/redir/?aff=17177&instrument=options&clickid=m4vpvq21qait HTTP 302
https://trkmad.com/125113/ HTTP 302
https://algosit.com/g1yCFw Page URL
https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg Page URL
http://vip-datingnow.com/?u=8bfp605&o=4f30vvg HTTP 301
https://vip-datingnow.com/?u=8bfp605&o=4f30vvg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg HTTP 301
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg

Request Chain 50

https://affiliate.iqbroker.com/redir/?aff=17177&instrument=options&clickid=m4vpvq21qait HTTP 302
https://trkmad.com/125113/ HTTP 302
https://algosit.com/g1yCFw

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
postlutma.gq/ 31 KB
8 KB 164ms
107ms Document
text/html 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff78de2eb3fd86a38933169e493b4eac40d25afa2d520b42d0d806e4242791ed

Request headers

:method: GET
:authority: postlutma.gq
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
content-type: text/html; charset=utf-8
last-modified: Tue, 25 Aug 2020 15:45:12 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4%2BjBy48RlTqxcsINP6fzs5DW5megN%2BbVerX2NiFdKBc9F0m13agV%2B3HvfL%2F0yoBA%2Bz7ZHHAp9mYmyVpd3QuU5icLLf5%2B9pUWppySATcYwyUAQF1O%2FweGJWJq2MRPnIdAOa8vl6ge4hPmD0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6745bfb2de164e61-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 main.css
postlutma.gq/images/assets/css/ 50 KB
8 KB 128ms
107ms Stylesheet
text/css 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postlutma.gq/images/assets/css/main.css
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fe191c3611ca013cfd35ae69fb5af49beda51de5f8b5ef17261b2fee6ab52e0

Request headers

:path: /images/assets/css/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: postlutma.gq
referer: https://postlutma.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 05 Feb 2020 18:13:10 GMT
server: cloudflare
etag: W/"5e3b05b6-c838"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXjBep2VTmPDl6%2FIQtuz9C1ryFBWP%2F%2FJea2flVswa9UEyVHCQVGFJzSd5OyzIcngno8vlFWLUV2mRM8sW%2FIb7XRn9i3BXortETzwBdN13XKwvlZmHvngpx7GdXeG1J%2F%2FYNrnY3SDU%2BAXM%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6745bfb3bc6342cf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET

rao.jpg
strategy4forex.com/wp-content/uploads/2010/11/
Redirect Chain

https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg
https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg

0
0

GET
H2 200 attachment.php
www.forexfactory.com/ 34 KB
35 KB 587ms
558ms Image
image/png 2606:4700::6812:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.forexfactory.com/attachment.php?attachmentid=1532418&stc=1&thumb=1&d=1413861138

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

547c33c3fa05f2acfc807a9f14f594c58299acadd38ddc7f108defcfbf85c11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline; filename="xauusd-h1-hf-markets-ltd-3.png"
vary: User-Agent
content-length: 34453
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Oct 2014 03:12:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1532418"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains
content-type: image/png
access-control-allow-origin: http://www.forexfactory.com
cache-control: max-age=31536000, private
access-control-allow-credentials: false
s: w2
accept-ranges: bytes
cf-ray: 6745bfb3efdb4a56-FRA
expires: Mon, 25 Jul 2022 13:31:29 GMT

GET
H2 200 ma_shift.png
forex-indicators.net/files/indicators/ 7 KB
8 KB 297ms
257ms Image
image/png 2606:4700:3031::6815:cd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forex-indicators.net/files/indicators/ma_shift.png

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:cd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3a107888d2b4d0bb0c68ae5c90d6c22aa983e05b7c8b87e4d93b37a809fcc13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7112
last-modified: Tue, 07 Sep 2010 10:19:19 GMT
server: cloudflare
etag: "ad028c1-1bc8-48fa8bada77c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAKe9QfPHlqUfS%2FPdYXYEwjPgoYC5SEEGYjxV0wYbQmnsUEPDHlS9yJZF5G78GZv3Ob121A62%2B8wgJFX6FAXErDHDyLLZYPxgInXyf0xIxFNS5Hjj2xn%2BMF9wp22Yp2H%2Bz4mGS3BrwNx0luJfEDSdGrzqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6745bfb3fb110614-FRA
expires: Sun, 08 Aug 2021 13:31:29 GMT

GET
H/1.1 200
OK /
www.bullkhan.com/forex/chart/USDTND/ 11 KB
0 1014ms
600ms Image
image/jpeg 162.241.67.86
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bullkhan.com/forex/chart/USDTND/
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.67.86 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: munafasutra.com
Software: Apache /
Resource Hash

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jul 2021 13:31:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=3, max=30
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET Three-Moving-Averages-1024x403.png
dev.tradingsim.com/wp-content/uploads/2011/06/ 0
0

GET
H2 200 DMA-Strategy-3-1024x427.png
tradingsim.com/wp-content/uploads/2011/06/ 47 KB
48 KB 618ms
557ms Image
image/png 172.67.73.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tradingsim.com/wp-content/uploads/2011/06/DMA-Strategy-3-1024x427.png

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.163 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e725639bf53de98e12610d50aaaecb8e827c66e22c95bafa27f12bed53f2eed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://tradingsim.com https://bearbulltraders.com;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 48564
last-modified: Wed, 28 Aug 2019 06:29:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "bdb4-591278152e9c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbQcwB%2FGdEMQCnbbS1CbsVljI0nLSGr6%2BRYEY0sPFVRafYrqpBiwtW3g59f3ToyEU%2FGxHAxkXctNz%2Flniqc89FqsTija0kZtDuJVYmVmCBx9cl5c8svwY3MIegR6cV2uLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' https://tradingsim.com https://bearbulltraders.com;
accept-ranges: bytes
cf-ray: 6745bfb42c280814-CDG
expires: Mon, 25 Jul 2022 13:31:29 GMT

GET
H2 200 dinapoli.gif
4.bp.blogspot.com/_pYBs9OZcZNU/RsiAzPRtPCI/AAAAAAAAABA/ULYubz4IK7M/w1200-h630-p-k-no-nu/ 23 KB
23 KB 511ms
479ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/_pYBs9OZcZNU/RsiAzPRtPCI/AAAAAAAAABA/ULYubz4IK7M/w1200-h630-p-k-no-nu/dinapoli.gif

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6d924ac5d24a03c0e3397979d2564334a86bbe6b955523db2dda35f655ec4533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1f4"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dinapoli.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
expires: Mon, 26 Jul 2021 13:31:29 GMT

GET
H2 200 support-resistance-metatrader4-indicator.gif
www.aboutcurrency.com/images/forexdownloads/indicators/mt4part1/ 11 KB
12 KB 465ms
126ms Image
image/gif 65.99.240.118
AS-TIERP-30496

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aboutcurrency.com/images/forexdownloads/indicators/mt4part1/support-resistance-metatrader4-indicator.gif
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 65.99.240.118 Dallas, United States, ASN30496 (AS-TIERP-30496, US),
Reverse DNS: us501.directrouter.com
Software: LiteSpeed /
Resource Hash: 3497fe45bda43b45162e884332383e3f27779e002beb7ca2df747327f3ba7c4d

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:04 GMT
last-modified: Tue, 01 Dec 2015 08:54:40 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 11718
expires: Sun, 01 Aug 2021 13:31:04 GMT

GET Euro-Weekly-Technical-Outlook-EURUSD-Rejected-by-200-DMA-Again_body_GBP1.png
forexbangladesh.com/wp-content/uploads/2019/03/ 0
0

GET
H2 200 aqp_rainbow_3dma.png
www.incrediblecharts.com/images/png_images/ 18 KB
19 KB 577ms
94ms Image
image/png 173.205.124.60
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.incrediblecharts.com/images/png_images/aqp_rainbow_3dma.png
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.205.124.60 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS
Software: nginx/1.21.1 /
Resource Hash: deab2f61299cd3f7f691539102b7fd4f0183dc3b4c345a6f5198b6fdc70015e0

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
last-modified: Wed, 14 Oct 2020 07:14:07 GMT
server: nginx/1.21.1
etag: "5f86a53f-4910"
content-type: image/png
expires: Sun, 01 Aug 2021 13:31:29 GMT
cache-control: max-age=604800, public, must-revalidate
accept-ranges: bytes
content-length: 18704
x-proxy-cache: STATIC/TYPE

GET
H2 200 EURGBPDaily22april.png
www.xm.com/wp-content/uploads/2016/04/ 91 KB
92 KB 73ms
47ms Image
image/png 104.109.67.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xm.com/wp-content/uploads/2016/04/EURGBPDaily22april.png

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.67.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-67-14.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

880302696f9b828c71f300a8bb75acd265b5e4b74531709b458a94ee2471b575

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
last-modified: Fri, 22 Apr 2016 07:21:44 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "16bcc-5310dadd50046"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, OPTIONS
content-type: image/png
cache-control: max-age=2591961
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=22
accept-ranges: bytes
access-control-allow-headers: Authorization, X-Requested-With, Content-Type, Origin, Accept, Cookie
content-length: 93132
expires: Tue, 24 Aug 2021 13:30:50 GMT

GET
H2 404 sn-mek-obrazovky-2017-05-11-v-12-26-58_orig.png
www.fxtradingrevolution.com/uploads/5/4/6/5/54651913/ 0
57 B 467ms
412ms Image
text/plain 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxtradingrevolution.com/uploads/5/4/6/5/54651913/sn-mek-obrazovky-2017-05-11-v-12-26-58_orig.png
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
via: 1.1 google
server: Kestrel
content-length: 0

GET
H2 200 dma-trading2.png
www.forex.com/~/media/forex/images/accounts/dma/ 44 KB
44 KB 514ms
496ms Image
image/png 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forex.com/~/media/forex/images/accounts/dma/dma-trading2.png
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 20decdeb6022014a21d978b6f1704b1307df2590d58b9b138ec945ab76ffb7f8

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:30 GMT
cf-cache-status: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename="DMA trading2.png"
content-length: 44866
last-modified: Fri, 05 Oct 2018 16:42:29 GMT
server: cloudflare
etag: f08800376fb24874bb8a3009039018ae
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6745bfb5bee697ba-FRA
expires: Sun, 08 Aug 2021 13:31:30 GMT

GET DMA-Strategy-2-1024x403.png
dev.tradingsim.com/wp-content/uploads/2011/06/ 0
0

GET
H2 403 displaced-moving-average-trading-strategy.jpg
forextradingstrategies4u.com/wp-content/uploads/2017/02/ 0
0 558ms
216ms Image
text/html 130.211.146.254
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forextradingstrategies4u.com/wp-content/uploads/2017/02/displaced-moving-average-trading-strategy.jpg
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.146.254 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 254.146.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 image.gif
image.jimcdn.com/app/cms/image/transf/none/path/s2e2ea4a9b3965dd1/image/i5519015784d511be/version/1325385226/ 67 KB
68 KB 49ms
25ms Image
image/gif 151.101.194.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.jimcdn.com/app/cms/image/transf/none/path/s2e2ea4a9b3965dd1/image/i5519015784d511be/version/1325385226/image.gif
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db1956266c0a8ccdf05c4f4f85d1ae81a58adf51017cea4f839ba9ed76503a27

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CRrGKci1qkhhCQB431FsTbVcjPlzlw4Z
via: 1.1 varnish, 1.1 varnish
etag: "748b9997a0e9b0eac5cee9ede34f408c"
age: 0
x-cache: HIT, MISS
content-disposition: inline; filename*=UTF-8''1325385226.gif
fastly-restarts: 1
x-amz-id-2: 7H2dTiLpH1mCobxqLvUJ4JBGaheLg60UrWTk2WZb9ozKXlqyOY30q33PRYwUsg6dVJ69SSdGIcY=
x-served-by: cache-lcy19222-LCY, cache-hhn4058-HHN
accept-ranges: bytes
last-modified: Sun, 01 Jan 2012 02:33:22 GMT
server: AmazonS3
x-timer: S1627219890.558788,VS0,VE18
date: Sun, 25 Jul 2021 13:31:29 GMT
x-amz-request-id: ED1PXY2AH3VG9WJD
access-control-allow-origin: *
expires: Fri, 30 Jul 2021 17:09:41 GMT
content-length: 68663
content-type: image/gif
x-cache-hits: 1, 0

GET 2eeadd62e4a467649ed93e00bb50f6db.jpg
cellularonewest.com/img/ 0
0

GET 3678260828_forex-com-demo-login.png
brandweerbinnenmaas.nl/imgs/ 0
0

GET /
www.bullkhan.com/forex/chart/USDBRL/ 0
0

GET
H2 200 7-5bc731cfdaf8e.jpg
www.forexpeacearmy.com/community/s3/book/ 37 KB
38 KB 641ms
615ms Image
application/octet-stream 2606:4700:10::6816:2cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.forexpeacearmy.com/community/s3/book/7-5bc731cfdaf8e.jpg
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:30 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Oct 2018 12:57:52 GMT
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
etag: "31141be27b28775275ca460c4e85c089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6745bfb66c774357-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38239

GET
H3-29 200 mas.png
forex-indicators.net/files/indicators/ 4 KB
4 KB 263ms
251ms Image
image/png 2606:4700:3031::6815:cd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forex-indicators.net/files/indicators/mas.png

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:cd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a5dc50ee0f4be950875fec9425834af3fa431e483f77fa702c59cbbeb8bf5a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3630
last-modified: Sun, 11 Jan 2009 19:13:31 GMT
server: cloudflare
etag: "ad02883-e2e-46039c926acc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GG%2FhygWxEGXRMSnz5g%2FebR7ec%2F2TMg4cwXiV9qgeQSxSHNiD5h5c4tV2U2Y1ekFumof6MA6MSUNDtpmVQHOCgCInlrS%2B7Ll2ESwmUp7L3EDgHYjQKB%2FxVppSIdis%2B3yPt9T0DpmO1oiHJkedkNGNnlLcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6745bfb6490905d0-FRA
expires: Sun, 08 Aug 2021 13:31:29 GMT

GET
H2 200 fast-moving-average-cross-strategy.png
www.dolphintrader.com/wp-content/uploads/2013/08/ 80 KB
0 497ms
242ms Image
image/png 72.249.48.96
AS-TIERP-30496

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dolphintrader.com/wp-content/uploads/2013/08/fast-moving-average-cross-strategy.png
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.249.48.96 Dallas, United States, ASN30496 (AS-TIERP-30496, US),
Reverse DNS: us508.directrouter.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:31 GMT
last-modified: Thu, 08 Aug 2013 09:28:52 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 93037
expires: Sun, 01 Aug 2021 13:31:31 GMT

GET
H3-29 200 bigtrend-metatrader4-indicator.gif
www.aboutcurrency.com/images/forexdownloads/indicators/mt4part1/ 28 KB
28 KB 380ms
125ms Image
image/gif 65.99.240.118
AS-TIERP-30496

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aboutcurrency.com/images/forexdownloads/indicators/mt4part1/bigtrend-metatrader4-indicator.gif
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H3-29
Security: QUIC, , CHACHA20_POLY1305
Server: 65.99.240.118 Dallas, United States, ASN30496 (AS-TIERP-30496, US),
Reverse DNS: us501.directrouter.com
Software: LiteSpeed /
Resource Hash: f64c478320d4463b724ec6ed3bc23ee3e2eac98518d2b880932a139290f39edc

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:04 GMT
last-modified: Tue, 01 Dec 2015 08:54:24 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28991
expires: Sun, 01 Aug 2021 13:31:04 GMT

GET
H2 200 dma_experiment__1.png
c.mql5.com/forextsd/forum/226/ 139 KB
139 KB 55ms
21ms Image
image/png 78.140.180.54
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mql5.com/forextsd/forum/226/dma_experiment__1.png

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.140.180.54 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ff808864900fdf9f90fcb87bfb2ed03e3861a262521f386dea1aa6dcb17009e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 14:35:40 GMT
server: nginx/1.18.0 (Ubuntu)
generate-time: 535
x-cache-status: MISS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, immutable,no-transform
accept-ranges: bytes
content-length: 141978
x-xss-protection: 1;
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H3-29 200 21dema.png
forex-indicators.net/files/indicators/ 10 KB
11 KB 262ms
262ms Image
image/png 2606:4700:3031::6815:cd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forex-indicators.net/files/indicators/21dema.png

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:cd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cedce2737b3f9f0848fa871f7618fe2f7b24639e05c27970dbc3fd82de088675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:30 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10156
last-modified: Thu, 03 Feb 2011 10:46:31 GMT
server: cloudflare
etag: "ad029a7-27ac-49b5e7a7bafc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UPYtBwGngnd4uMTsmewBN8ggDU7Y4s703tz68zaEr15%2BF7rQ8t7y4YdIGin2onE4PKbHq8B7x1xKRe8twKiCpi20etmXKxZJh2%2BXBMTqqUDAkq2kLZd6URGEs2940NcKkcUVBVWt6mHk0PwJXMmTCd0rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6745bfb75b4a05d0-FRA
expires: Sun, 08 Aug 2021 13:31:29 GMT

GET
H3-29 200 adaptive-stochastic-metatrader4-indicator.gif
www.aboutcurrency.com/images/forexdownloads/indicators/mt4part1/ 13 KB
13 KB 287ms
146ms Image
image/gif 65.99.240.118
AS-TIERP-30496

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aboutcurrency.com/images/forexdownloads/indicators/mt4part1/adaptive-stochastic-metatrader4-indicator.gif
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H3-29
Security: QUIC, , CHACHA20_POLY1305
Server: 65.99.240.118 Dallas, United States, ASN30496 (AS-TIERP-30496, US),
Reverse DNS: us501.directrouter.com
Software: LiteSpeed /
Resource Hash: 7b7b6ff9e105c78e580cf68962a95a359caf33a75c90a491a3b57fe7263a918b

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:04 GMT
last-modified: Tue, 01 Dec 2015 08:54:21 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12965
expires: Sun, 01 Aug 2021 13:31:04 GMT

GET
H2 200 1484222821661.jpg
a.c-dn.net/c/content/igcom/en_CH/ig-financial-markets/market-news-and-analysis/view-ig/2017/01/11/crude-future-determined-by-us-output-36209/jcr:content/textimage/image.img.jpg/ 16 KB
16 KB 59ms
27ms Image
image/jpeg 23.32.243.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.c-dn.net/c/content/igcom/en_CH/ig-financial-markets/market-news-and-analysis/view-ig/2017/01/11/crude-future-determined-by-us-output-36209/jcr:content/textimage/image.img.jpg/1484222821661.jpg
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.243.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-243-95.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: db94ea9e3837ec04fadecf6bdeeff09e9335828c6b7811de2302f6ba130ee7b8

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
last-modified: Thu, 17 Jun 2021 10:03:02 GMT
server: Apache
content-type: image/jpeg
cache-control: public, max-age=7257700
accept-ranges: bytes
content-length: 16227
expires: Sun, 17 Oct 2021 13:33:09 GMT

GET
H2 200 dma.png
c.mql5.com/forextsd/forum/226/ 119 KB
120 KB 25ms
24ms Image
image/png 78.140.180.54
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mql5.com/forextsd/forum/226/dma.png

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.140.180.54 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6a97b644e00effca9519303d579b610c4c8b938b72fbace5f9bd4d3c22ced178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 14:35:40 GMT
server: nginx/1.18.0 (Ubuntu)
generate-time: 603
x-cache-status: MISS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, immutable,no-transform
accept-ranges: bytes
content-length: 122203
x-xss-protection: 1;
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 ctrader.png
www.investoo.com/wp-content/uploads/2014/09/ 112 KB
113 KB 150ms
58ms Image
image/png 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investoo.com/wp-content/uploads/2014/09/ctrader.png
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a8df4f69be5c827092f70d787e38a7009bf3342667b8826d6e63e95ed4c4dbe

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:30 GMT
cf-cache-status: MISS
last-modified: Mon, 21 Jan 2019 13:45:21 GMT
server: cloudflare
etag: "5c45ccf1-1c04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6745bfb88a42409f-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 114764

GET
H2 200 MarCo-indicator.png
www.profitf.com/wp-content/uploads/2016/05/ 181 KB
181 KB 114ms
40ms Image
image/png 185.61.154.61
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.profitf.com/wp-content/uploads/2016/05/MarCo-indicator.png

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.154.61 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

premium60-4.web-hosting.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
last-modified: Sun, 21 Jan 2018 09:40:42 GMT
server: Apache
accept-ranges: bytes
date: Sun, 25 Jul 2021 13:31:30 GMT
content-length: 185315
content-type: image/png

GET
H3-29 200 ma_method.png
forex-indicators.net/files/indicators/ 7 KB
8 KB 252ms
252ms Image
image/png 2606:4700:3031::6815:cd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forex-indicators.net/files/indicators/ma_method.png

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:cd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:30 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7109
last-modified: Tue, 07 Sep 2010 10:00:30 GMT
server: cloudflare
etag: "ad029be-1bc5-48fa8778f4b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBDLvktRXEnqz5x7SvMe4MuHqlVKovMgfOWM8XY%2BHVvT6GiRf0ovyP25ObaSoTM2U5RMxMOFp7LrXgoHRYzrcu9Q47JV96aiAmMYicN7Yn0QJ%2Bq7UDELA9Ulo69%2FFF9G7ITVBEyFtLFRFXdckvWAlWNJJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6745bfb83d6605d0-FRA
expires: Sun, 08 Aug 2021 13:31:30 GMT

GET
H3-29 200 jquery.min.js Show response
postlutma.gq/images/assets/js/ 86 KB
32 KB 210ms
195ms Script
application/javascript 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postlutma.gq/images/assets/js/jquery.min.js
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

:path: /images/assets/js/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: postlutma.gq
referer: https://postlutma.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 13:17:02 GMT
server: cloudflare
etag: W/"5cf9124e-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ud2%2FZNp4McA8jPyq%2FLTt8OKPOUP1ZwSh8S7ZQjnPzwcOg3HPCeGk9GMXsBlZYOckox93nKmpZydaSFMVsATlcIeIBym1kbB7vjeD%2BD3vTXxiuvyry10o5xDlF0CTJeE8XwbPTk5DF%2BdylBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6745bfb3cc7942cf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 browser.min.js Show response
postlutma.gq/images/assets/js/ 2 KB
1 KB 116ms
101ms Script
application/javascript 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postlutma.gq/images/assets/js/browser.min.js
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4

Request headers

:path: /images/assets/js/browser.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: postlutma.gq
referer: https://postlutma.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 13:17:02 GMT
server: cloudflare
etag: W/"5cf9124e-73b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBOWMt%2FIKet6Hm%2BXPJ%2BbjsJr76%2F8Ss90oC4YbqXXNQ3mw%2FuLDO3Yl4fgnLgbfEkYXMMEjFpT35DG2kwPS%2FalIGShCOrCgZZJUgGaqK4QoZ0MHEARIzaZkPXrK44IcFzreray9FgztualMME%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6745bfb3cc7f42cf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 breakpoints.min.js Show response
postlutma.gq/images/assets/js/ 2 KB
1 KB 145ms
131ms Script
application/javascript 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postlutma.gq/images/assets/js/breakpoints.min.js
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52

Request headers

:path: /images/assets/js/breakpoints.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: postlutma.gq
referer: https://postlutma.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 13:17:02 GMT
server: cloudflare
etag: W/"5cf9124e-987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1w3niI0gH8dAPNlLF1L%2BWyFAJSA4yfHowPHjqYDIoHdBta%2BkYNLjIQspEAd%2FZDA6wvWRTVwTQ1fx7kEpcIEs9yi%2BEI6RG2IpGMcbG%2FBjCvV1F1os%2FqBVtDiElBTTiXKWwIcRDjfsJSUEX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6745bfb3cc8542cf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 util.js Show response
postlutma.gq/images/assets/js/ 12 KB
4 KB 135ms
121ms Script
application/javascript 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postlutma.gq/images/assets/js/util.js
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00

Request headers

:path: /images/assets/js/util.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: postlutma.gq
referer: https://postlutma.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 13:17:02 GMT
server: cloudflare
etag: W/"5cf9124e-3091"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSOmSBxr4yEuI5hNks%2B3Q%2Fzwa9AEghci%2B0mZsTSf6YEtYJYrVmY6vOdJbwSdVKW3so4FOjSBDi6jOYJgFdaBq8nHbjdcSNcC31Bzk7KIg93rKoLIKyQpqOTb2DbLut37IS0DTv1WLO0bIrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6745bfb3cc8942cf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 main.js Show response
postlutma.gq/images/assets/js/ 1 KB
1 KB 129ms
114ms Script
application/javascript 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postlutma.gq/images/assets/js/main.js
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1b203c754524dcba75cf677446420df14a387d42e7e052f65881678ef34e785

Request headers

:path: /images/assets/js/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: postlutma.gq
referer: https://postlutma.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 13:17:02 GMT
server: cloudflare
etag: W/"5cf9124e-5e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acq%2F3%2FTIhynKt9GXt%2Fh8TU6mycRqYslI5810P0nRhYu104wkiATKKdrnSik9shzLDMWQOOO480gwPseMGUFwGbmAFcplyI0HA4xM0IvGkWJSAoq15GqjiBc82heQijWRLvhvpoEzjY9Cb4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6745bfb3cc8b42cf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 fontawesome-all.min.css
postlutma.gq/images/assets/css/ 55 KB
12 KB 110ms
109ms Stylesheet
text/css 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postlutma.gq/images/assets/css/fontawesome-all.min.css
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/images/assets/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

:path: /images/assets/css/fontawesome-all.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: postlutma.gq
referer: https://postlutma.gq/images/assets/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postlutma.gq/images/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 15 Nov 2019 20:55:02 GMT
server: cloudflare
etag: W/"5dcf10a6-da9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZKPE5HWqFZQ08TdvwCNEXx4wfPRCZNtX9RjtHsGbR1q9UVg96FW1p2UPG9Jqd8GjB6fv445zFOJsdn6XMwF9wmbtrSX%2BGSQaxVRRF5ed2I1ytnjZC%2B5OljHnUYOO8hyDwI4cy0lxqJuwWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6745bfb46e4642cf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1005 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,700|Open+Sans+Condensed:300,700

Requested by

Host: postlutma.gq
URL: https://postlutma.gq/images/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099a055db4b534ef3892632460fe4080811d8a046af26e494deef13c2615c22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Jul 2021 13:31:29 GMT
server: ESF
date: Sun, 25 Jul 2021 13:31:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jul 2021 13:31:29 GMT

GET
H2 200 Jx6F4x
algosit.com/ 502 B
1 KB 122ms
97ms Script
application/javascript 2606:4700:3032::ac43:aeaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://algosit.com/Jx6F4x?se_referrer=&default_keyword=Dma%20forex%20indicator&&frm5f44f08b17853=script5f44f08b17855&_cid=a1e97e6b-1500-d292-024e-05d402f90012
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aeaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://postlutma.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 13:31:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 25 Jul 2021 13:31:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5jo0%2BiH12jHiXbtGjg5bCVWmXzvFtHYHmvXwot6CjDigajv03tF2BI0T6TiXsMkFw1DKNj4Gc%2FAcQx3fAHAY%2BN3I%2FzOTvh2%2BrhhaLaT%2BPB6P5q1FH07HhP4Gbd4cEsbkbBqQP8ALF2qCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
cf-ray: 6745bfb8abe83260-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: 0

GET
H3-29 200 bg02.png
postlutma.gq/images/assets/css/images/ 3 KB
4 KB 102ms
101ms Image
image/png 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postlutma.gq/images/assets/css/images/bg02.png
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/images/assets/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5bd22cb3c4050e97252bc32883b1a8fa2fb3ef5de82a38a3004e99df8fdaa2d

Request headers

:path: /images/assets/css/images/bg02.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: postlutma.gq
referer: https://postlutma.gq/images/assets/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postlutma.gq/images/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3535
last-modified: Thu, 06 Jun 2019 13:17:02 GMT
server: cloudflare
etag: "5cf9124e-dcf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42hnQrzdbkuXg%2BAYgivDJ13sJS3Xvknf8BndM2Bfr7eXklgkv6rPJk%2BsSXTrPLdkPm7y7V81C0F1UZJ9lqLgWH1Xv%2Fs1tlnOxmxp5dn22eP0czuzZLXQmdz%2B5fbjqjYaQxos%2FD92ydfaohg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6745bfb5287c42cf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 bg01.png
postlutma.gq/images/assets/css/images/ 6 KB
7 KB 136ms
135ms Image
image/png 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postlutma.gq/images/assets/css/images/bg01.png
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/images/assets/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b23a9a6ecb7dcd0a48fd166739ed50cf6f5c46b93c9654b6a761241816c3dd0

Request headers

:path: /images/assets/css/images/bg01.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: postlutma.gq
referer: https://postlutma.gq/images/assets/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postlutma.gq/images/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6310
last-modified: Thu, 06 Jun 2019 13:17:02 GMT
server: cloudflare
etag: "5cf9124e-18a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcfGbNdq072IUXRlKilz9Ei2F8PmvxaeLExjm7sl%2FX8SVWmySkN9OMVXhjEGNAnaM49mdBaGl14BNthiZ67Uo3zCI9sNg%2FiNI%2Fdib1dak0jVLvrCf%2F0CNyv%2BO%2FRa6nljvQ2V0Tdm4HZhjYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6745bfb5388f42cf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 15 KB
15 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,700|Open+Sans+Condensed:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://postlutma.gq
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:16:18 GMT
x-content-type-options: nosniff
age: 436511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14872
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:16:18 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 16 KB
16 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,700|Open+Sans+Condensed:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://postlutma.gq
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 11:34:38 GMT
x-content-type-options: nosniff
age: 439011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16256
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 11:34:38 GMT

GET
H3-29 200 fa-regular-400.woff2
postlutma.gq/images/assets/webfonts/ 13 KB
14 KB 104ms
103ms Font
application/octet-stream 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postlutma.gq/images/assets/webfonts/fa-regular-400.woff2
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/images/assets/css/fontawesome-all.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

:path: /images/assets/webfonts/fa-regular-400.woff2
pragma: no-cache
origin: https://postlutma.gq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: postlutma.gq
referer: https://postlutma.gq/images/assets/css/fontawesome-all.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://postlutma.gq
Referer: https://postlutma.gq/images/assets/css/fontawesome-all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 13:17:02 GMT
server: cloudflare
etag: "5cf9124e-350c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwGDB6WdWaCaFNlH5iNQtaECY40irrYov5QXQXrQUFOFD29IFC4dXCrrHjySIXRp2sJL0K19pvFeOiTWELQUSQlrZPqMHqior%2F2YbjHOKGmVdABuNbjdRIjP0F0dXPJ119c99BlKQBSy6AU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6745bfb5389e42cf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13580

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
16 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,700|Open+Sans+Condensed:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://postlutma.gq
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:30:51 GMT
x-content-type-options: nosniff
age: 493238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 20:30:51 GMT

GET
H3-29 200 fa-brands-400.woff2
postlutma.gq/images/assets/webfonts/ 73 KB
73 KB 194ms
193ms Font
application/octet-stream 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postlutma.gq/images/assets/webfonts/fa-brands-400.woff2
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/images/assets/css/fontawesome-all.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Request headers

:path: /images/assets/webfonts/fa-brands-400.woff2
pragma: no-cache
origin: https://postlutma.gq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: postlutma.gq
referer: https://postlutma.gq/images/assets/css/fontawesome-all.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://postlutma.gq
Referer: https://postlutma.gq/images/assets/css/fontawesome-all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 13:17:02 GMT
server: cloudflare
etag: "5cf9124e-1230c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWF7z6Is%2FT%2BEjpLdnbDUxIEuJISkBxRK35sWplU8%2BbwD4QWxVyMIc7l6V03VrPKMtmROiaX2hSByxFje1i1RHIfI4bwV9mnoOw3lQMhthu4LsqiZHENUsh0RnQfMaTJnC9LVWPMGIN0LhAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6745bfb538a142cf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 74508

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,700|Open+Sans+Condensed:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://postlutma.gq
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:27:21 GMT
x-content-type-options: nosniff
age: 432248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 13:27:21 GMT

GET
H3-29 200 fa-solid-900.woff2
postlutma.gq/images/assets/webfonts/ 74 KB
74 KB 188ms
187ms Font
application/octet-stream 2606:4700:3035::ac43:ca0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postlutma.gq/images/assets/webfonts/fa-solid-900.woff2
Requested by: Host: postlutma.gq
URL: https://postlutma.gq/images/assets/css/fontawesome-all.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ca0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

:path: /images/assets/webfonts/fa-solid-900.woff2
pragma: no-cache
origin: https://postlutma.gq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: postlutma.gq
referer: https://postlutma.gq/images/assets/css/fontawesome-all.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://postlutma.gq
Referer: https://postlutma.gq/images/assets/css/fontawesome-all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:31:29 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2019 13:17:02 GMT
server: cloudflare
etag: "5cf9124e-126b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDcq89pMJDMsWUhZa0V9pIyFGMQfXNoRjIIpl1ZEnvMRoS3oeO%2BJSzzn6BnmLVGtFhesV2cSUDiDBbXW6D9Yey%2BiWVwXbsulb9miYJ02OF8Sry7NZh9i5SvrCgf2af7is0fhjyBQ%2FaCNILw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6745bfb538a442cf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 75440

GET
H3-29

200

g1yCFw
algosit.com/
Redirect Chain

https://affiliate.iqbroker.com/redir/?aff=17177&instrument=options&clickid=m4vpvq21qait
https://trkmad.com/125113/
https://algosit.com/g1yCFw

692 B
1 KB

79ms
67ms

Document
text/html

2606:4700:3032::ac43:aeaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://algosit.com/g1yCFw
Requested by: Host: algosit.com
URL: https://algosit.com/Jx6F4x?se_referrer=&default_keyword=Dma%20forex%20indicator&&frm5f44f08b17853=script5f44f08b17855&_cid=a1e97e6b-1500-d292-024e-05d402f90012
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:aeaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: algosit.com
:scheme: https
:path: /g1yCFw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://postlutma.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://postlutma.gq/

Response headers

date: Sun, 25 Jul 2021 13:31:30 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Sun, 25 Jul 2021 13:31:30 GMT
pragma: no-cache
set-cookie: _subid=m4vpvq21qaiv;Expires=Wednesday, 25-Aug-2021 13:31:30 GMT;Max-Age=2678400;Path=/ fe084=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUxXCI6MTYyNzIxOTg5MH0sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE2MjcyMTk4OTB9LFwidGltZVwiOjE2MjcyMTk4OTB9In0.xTNYXytrayNWBYcRrg0R4o76XwrM0tb-CGPaZX7Fj9I;Expires=Friday, 17-Feb-2073 03:03:00 GMT;Max-Age=1627306290;Path=/
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9E5NPtU4VNU%2FXyD3YKHNp3i2A9g2XT2l1ANUDgg8a57Sa1alUuh7xYuDsOH2fKZILIOUmAsz2VAiNH%2FrQxr9g6%2B0GARgJ%2Fnq7RVsSCo2TvjB0AKbG2rJmV9ITv5MdI5AdELcBoy6AwucIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6745bfba4da205fd-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Location: https://algosit.com/g1yCFw
Date: Sun, 25 Jul 2021 13:31:30 GMT
Content-Length: 0
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H/1.1 200
OK / Show response
fastlovedatings.com/18plus/ 2 KB
1 KB 165ms
79ms Document
text/html 5.8.34.184
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg
Requested by: Host: algosit.com
URL: https://algosit.com/g1yCFw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.8.34.184 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: a89d394fa14bc6159dc2e6cb4b21935203f37f312e59119c3389cb900ed15aec

Request headers

Host: fastlovedatings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://algosit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://algosit.com/

Response headers

Server: nginx
Date: Sun, 25 Jul 2021 13:31:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 20 Apr 2021 19:45:10 GMT
ETag: W/"607f2f46-950"
Content-Encoding: gzip

GET
H/1.1 200
OK trls.js Show response
fastlovedatings.com/18plus/js/ 8 KB
8 KB 85ms
84ms Script
application/javascript 5.8.34.184
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlovedatings.com/18plus/js/trls.js
Requested by: Host: fastlovedatings.com
URL: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.8.34.184 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: f0cdc20bbe8dceba13ca9e43b94745100f0c81ec60b0af31fadb2ff4e3406849

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: fastlovedatings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg
Connection: keep-alive
Referer: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:30 GMT
Last-Modified: Sat, 19 Dec 2020 01:38:12 GMT
Server: nginx
ETag: "5fdd5984-1e53"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7763

GET
H/1.1 200
OK settings.js Show response
fastlovedatings.com/18plus/js/ 71 B
313 B 56ms
18ms Script
application/javascript 5.8.34.184
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlovedatings.com/18plus/js/settings.js
Requested by: Host: fastlovedatings.com
URL: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.8.34.184 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: f5109ad2374b7d75fc2f3ce5cc6ea89e5552333783ee7cec0d2b3dbb3edba61b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: fastlovedatings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg
Connection: keep-alive
Referer: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:30 GMT
Last-Modified: Fri, 25 Oct 2019 06:42:33 GMT
Server: nginx
ETag: "5db29959-47"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71

GET
H/1.1 200
OK ps-new.js Show response
fastlovedatings.com/js/ 32 KB
33 KB 138ms
96ms Script
application/javascript 5.8.34.184
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlovedatings.com/js/ps-new.js
Requested by: Host: fastlovedatings.com
URL: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.8.34.184 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3d603d8904675fc31383237959d80556ebffb36109f07ef693248fc64b1f9efb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: fastlovedatings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg
Connection: keep-alive
Referer: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:30 GMT
Last-Modified: Tue, 20 Jul 2021 21:43:09 GMT
Server: nginx
ETag: "60f7436d-8161"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33121

GET
H/1.1 200
OK pxl.png
p-analytics.life/ 0
317 B 62ms
18ms Image
image/png 5.8.34.62
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p-analytics.life/pxl.png
Requested by: Host: fastlovedatings.com
URL: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.8.34.62 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fastlovedatings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:30 GMT
Last-Modified: Mon, 18 May 2020 14:09:57 GMT
Server: nginx
ETag: "5ec29735-0"
Content-Type: image/png
Cache-Control: no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Sun, 25 Jul 2021 13:31:29 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.4.1/ 21 KB
7 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.4.1/firebase-app.js

Requested by

Host: fastlovedatings.com
URL: https://fastlovedatings.com/js/ps-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastlovedatings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6763
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 22:20:44 GMT

GET
H3-29 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.4.1/ 40 KB
11 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

Requested by

Host: fastlovedatings.com
URL: https://fastlovedatings.com/js/ps-new.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastlovedatings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 17:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10908
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 17:50:56 GMT

GET
H/1.1 200
OK install
pushbizapi.com/api/errors/ 0
0 69ms
25ms Fetch 46.148.125.75
LLHOST-INC-SRL

General

Check archive.org

Show headers Download Go to

Full URL: https://pushbizapi.com/api/errors/install?message=FirebaseError:%20Messaging:%20This%20browser%20doesn%27t%20support%20the%20API%27s%20required%20to%20use%20the%20firebase%20SDK.%20(messaging/unsupported-browser).
Requested by: Host: fastlovedatings.com
URL: https://fastlovedatings.com/js/ps-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.148.125.75 Haarlem, Netherlands, ASN35277 (LLHOST-INC-SRL, RO),
Reverse DNS: har16.srv.llhost-inc.com
Software: nginx/1.16.0 / ASP.NET
Resource Hash

Request headers

Referer: https://fastlovedatings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:30 GMT
X-AspNetMvc-Version: 5.2
Server: nginx/1.16.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

GET
H/1.1 200
OK install
pushbizapi.com/api/errors/ 0
0 68ms
25ms Fetch 46.148.125.75
LLHOST-INC-SRL

General

Check archive.org

Show headers Download Go to

Full URL: https://pushbizapi.com/api/errors/install?message=TypeError:%20Cannot%20read%20property%20%27onTokenRefresh%27%20of%20undefined
Requested by: Host: fastlovedatings.com
URL: https://fastlovedatings.com/js/ps-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.148.125.75 Haarlem, Netherlands, ASN35277 (LLHOST-INC-SRL, RO),
Reverse DNS: har16.srv.llhost-inc.com
Software: nginx/1.16.0 / ASP.NET
Resource Hash

Request headers

Referer: https://fastlovedatings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:30 GMT
X-AspNetMvc-Version: 5.2
Server: nginx/1.16.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
vip-datingnow.com/
Redirect Chain

http://vip-datingnow.com/?u=8bfp605&o=4f30vvg
https://vip-datingnow.com/?u=8bfp605&o=4f30vvg

7 KB
7 KB

116ms
68ms

Document
text/html

5.101.45.21
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Requested by: Host: fastlovedatings.com
URL: https://fastlovedatings.com/js/ps-new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.21 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 08e9d6cbb8204d567490065000e3bb42bed956204102a72bb79cce2866a74b49

Request headers

Host: vip-datingnow.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fastlovedatings.com/18plus/?u=8bfp605&o=4f30vvg

Response headers

Server: nginx
Date: Sun, 25 Jul 2021 13:31:30 GMT
Content-Type: text/html
Content-Length: 7417
Connection: keep-alive
Cache-Control: private no-transform
Set-Cookie: sid=t3~45csdctwbwbbnn4qowlagggv; path=/

Redirect headers

Server: nginx
Date: Sun, 25 Jul 2021 13:31:30 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg

GET
H/1.1 200
OK animate.min.css
vip-datingnow.com/media/dating/toon2/css/ 52 KB
4 KB 18ms
18ms Stylesheet
text/css 5.101.45.21
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://vip-datingnow.com/media/dating/toon2/css/animate.min.css
Requested by: Host: vip-datingnow.com
URL: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.21 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: vip-datingnow.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Cookie: sid=t3~45csdctwbwbbnn4qowlagggv
Connection: keep-alive
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:30 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Server: nginx
ETag: W/"60a50cf5-ce35"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK style.css
vip-datingnow.com/media/dating/toon2/css/ 8 KB
2 KB 69ms
21ms Stylesheet
text/css 5.101.45.21
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://vip-datingnow.com/media/dating/toon2/css/style.css
Requested by: Host: vip-datingnow.com
URL: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.21 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: vip-datingnow.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Cookie: sid=t3~45csdctwbwbbnn4qowlagggv
Connection: keep-alive
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:30 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Server: nginx
ETag: W/"60a50cf5-21a0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK js.cookie.js Show response
vip-datingnow.com/cookie/ 4 KB
2 KB 70ms
21ms Script
application/javascript 5.101.45.21
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://vip-datingnow.com/cookie/js.cookie.js
Requested by: Host: vip-datingnow.com
URL: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.21 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: vip-datingnow.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Cookie: sid=t3~45csdctwbwbbnn4qowlagggv
Connection: keep-alive
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:30 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 12:38:46 GMT
Server: nginx
ETag: W/"60a506d6-10a8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK utils.js Show response
vip-datingnow.com/util/ 7 KB
3 KB 145ms
37ms Script
application/javascript 5.101.45.21
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://vip-datingnow.com/util/utils.js
Requested by: Host: vip-datingnow.com
URL: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.21 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: vip-datingnow.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Cookie: sid=t3~45csdctwbwbbnn4qowlagggv
Connection: keep-alive
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:31 GMT
Content-Encoding: br
Last-Modified: Mon, 21 Jun 2021 15:49:14 GMT
Server: nginx
ETag: W/"60d0b4fa-1d57"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK 123.jpg
vip-datingnow.com/media/dating/toon2/images/ 175 KB
166 KB 1075ms
18ms Image
image/jpeg 5.101.45.21
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vip-datingnow.com/media/dating/toon2/images/123.jpg
Requested by: Host: vip-datingnow.com
URL: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.21 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: vip-datingnow.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Cookie: sid=t3~45csdctwbwbbnn4qowlagggv
Connection: keep-alive
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:32 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-2bbe8"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
vip-datingnow.com/media/dating/toon2/js/ 84 KB
29 KB 66ms
18ms Script
application/javascript 5.101.45.21
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://vip-datingnow.com/media/dating/toon2/js/jquery-2.2.4.min.js
Requested by: Host: vip-datingnow.com
URL: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.21 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: vip-datingnow.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Cookie: sid=t3~45csdctwbwbbnn4qowlagggv
Connection: keep-alive
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:31 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-14e4a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK bb.js Show response
vip-datingnow.com/media/ 639 B
642 B 64ms
18ms Script
application/javascript 5.101.45.21
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://vip-datingnow.com/media/bb.js
Requested by: Host: vip-datingnow.com
URL: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.21 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: vip-datingnow.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Cookie: sid=t3~45csdctwbwbbnn4qowlagggv
Connection: keep-alive
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:31 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 12:39:28 GMT
Server: nginx
ETag: W/"60a50700-27f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK exit1.js Show response
vip-datingnow.com/media/exit-new/ 3 KB
1 KB 140ms
41ms Script
application/javascript 5.101.45.21
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://vip-datingnow.com/media/exit-new/exit1.js
Requested by: Host: vip-datingnow.com
URL: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.21 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: vip-datingnow.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
Cookie: sid=t3~45csdctwbwbbnn4qowlagggv
Connection: keep-alive
Referer: https://vip-datingnow.com/?u=8bfp605&o=4f30vvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:31 GMT
Content-Encoding: br
Last-Modified: Mon, 31 May 2021 11:57:41 GMT
Server: nginx
ETag: W/"60b4cf35-d91"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H3-29 200 css
fonts.googleapis.com/ 30 KB
1 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: vip-datingnow.com
URL: https://vip-datingnow.com/media/dating/toon2/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ea057744ac643261590d3c2d3ba9f8436db41e04691800a5a507142d322fe57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vip-datingnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Jul 2021 13:31:31 GMT
server: ESF
date: Sun, 25 Jul 2021 13:31:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jul 2021 13:31:31 GMT

GET
H/1.1 200
OK bg.jpg
vip-datingnow.com/media/dating/toon2/images/ 117 KB
108 KB 1090ms
18ms Image
image/jpeg 5.101.45.21
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vip-datingnow.com/media/dating/toon2/images/bg.jpg
Requested by: Host: vip-datingnow.com
URL: https://vip-datingnow.com/media/dating/toon2/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.21 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: vip-datingnow.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://vip-datingnow.com/media/dating/toon2/css/style.css
Cookie: sid=t3~45csdctwbwbbnn4qowlagggv
Connection: keep-alive
Referer: https://vip-datingnow.com/media/dating/toon2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 13:31:32 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-1d3ca"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vip-datingnow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 449829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 08:34:22 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vip-datingnow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 479690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 00:16:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: strategy4forex.com
URL: https://strategy4forex.com/wp-content/uploads/2010/11/rao.jpg

Domain: dev.tradingsim.com
URL: https://dev.tradingsim.com/wp-content/uploads/2011/06/Three-Moving-Averages-1024x403.png

Domain: forexbangladesh.com
URL: https://forexbangladesh.com/wp-content/uploads/2019/03/Euro-Weekly-Technical-Outlook-EURUSD-Rejected-by-200-DMA-Again_body_GBP1.png

Domain: dev.tradingsim.com
URL: https://dev.tradingsim.com/wp-content/uploads/2011/06/DMA-Strategy-2-1024x403.png

Domain: cellularonewest.com
URL: https://cellularonewest.com/img/2eeadd62e4a467649ed93e00bb50f6db.jpg

Domain: brandweerbinnenmaas.nl
URL: https://brandweerbinnenmaas.nl/imgs/3678260828_forex-com-demo-login.png

Domain: www.bullkhan.com
URL: https://www.bullkhan.com/forex/chart/USDBRL/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			vip-datingnow.com/	1969-12-31 23:59:59	Name: sid Value: t3~45csdctwbwbbnn4qowlagggv

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://fastlovedatings.com/js/ps-new.js(Line 1) Message: Error: TypeError: Cannot read property 'onTokenRefresh' of undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
a.c-dn.net
affiliate.iqbroker.com
algosit.com
brandweerbinnenmaas.nl
c.mql5.com
cellularonewest.com
dev.tradingsim.com
fastlovedatings.com
fonts.googleapis.com
fonts.gstatic.com
forex-indicators.net
forexbangladesh.com
forextradingstrategies4u.com
image.jimcdn.com
p-analytics.life
postlutma.gq
pushbizapi.com
strategy4forex.com
tradingsim.com
trkmad.com
vip-datingnow.com
www.aboutcurrency.com
www.bullkhan.com
www.dolphintrader.com
www.forex.com
www.forexfactory.com
www.forexpeacearmy.com
www.fxtradingrevolution.com
www.gstatic.com
www.incrediblecharts.com
www.investoo.com
www.profitf.com
www.xm.com
brandweerbinnenmaas.nl
cellularonewest.com
dev.tradingsim.com
forexbangladesh.com
strategy4forex.com
www.bullkhan.com
104.109.67.14
130.211.146.254
141.193.213.20
151.101.194.2
162.241.67.86
172.67.73.163
173.205.124.60
185.104.208.41
185.117.134.136
185.61.154.61
2001:4860:4802:32::15
23.32.243.95
2606:4700:10::6816:2cd
2606:4700:3031::6815:cd9
2606:4700:3032::ac43:aeaa
2606:4700:3035::ac43:ca0c
2606:4700::6812:1bf8
2606:4700::6812:1e5f
2a00:1450:4001:800::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
46.148.125.75
5.101.45.21
5.8.34.184
5.8.34.62
65.99.240.118
72.249.48.96
78.140.180.54
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
08e9d6cbb8204d567490065000e3bb42bed956204102a72bb79cce2866a74b49
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
099a055db4b534ef3892632460fe4080811d8a046af26e494deef13c2615c22c
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
20decdeb6022014a21d978b6f1704b1307df2590d58b9b138ec945ab76ffb7f8
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52
3497fe45bda43b45162e884332383e3f27779e002beb7ca2df747327f3ba7c4d
3d603d8904675fc31383237959d80556ebffb36109f07ef693248fc64b1f9efb
4e725639bf53de98e12610d50aaaecb8e827c66e22c95bafa27f12bed53f2eed
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
547c33c3fa05f2acfc807a9f14f594c58299acadd38ddc7f108defcfbf85c11a
5b23a9a6ecb7dcd0a48fd166739ed50cf6f5c46b93c9654b6a761241816c3dd0
5ea057744ac643261590d3c2d3ba9f8436db41e04691800a5a507142d322fe57
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
6a97b644e00effca9519303d579b610c4c8b938b72fbace5f9bd4d3c22ced178
6d924ac5d24a03c0e3397979d2564334a86bbe6b955523db2dda35f655ec4533
6fe191c3611ca013cfd35ae69fb5af49beda51de5f8b5ef17261b2fee6ab52e0
7b7b6ff9e105c78e580cf68962a95a359caf33a75c90a491a3b57fe7263a918b
87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4
880302696f9b828c71f300a8bb75acd265b5e4b74531709b458a94ee2471b575
8a5dc50ee0f4be950875fec9425834af3fa431e483f77fa702c59cbbeb8bf5a0
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
9a8df4f69be5c827092f70d787e38a7009bf3342667b8826d6e63e95ed4c4dbe
9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7
a89d394fa14bc6159dc2e6cb4b21935203f37f312e59119c3389cb900ed15aec
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cedce2737b3f9f0848fa871f7618fe2f7b24639e05c27970dbc3fd82de088675
d1b203c754524dcba75cf677446420df14a387d42e7e052f65881678ef34e785
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
d3a107888d2b4d0bb0c68ae5c90d6c22aa983e05b7c8b87e4d93b37a809fcc13
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
d5bd22cb3c4050e97252bc32883b1a8fa2fb3ef5de82a38a3004e99df8fdaa2d
db1956266c0a8ccdf05c4f4f85d1ae81a58adf51017cea4f839ba9ed76503a27
db94ea9e3837ec04fadecf6bdeeff09e9335828c6b7811de2302f6ba130ee7b8
deab2f61299cd3f7f691539102b7fd4f0183dc3b4c345a6f5198b6fdc70015e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0cdc20bbe8dceba13ca9e43b94745100f0c81ec60b0af31fadb2ff4e3406849
f5109ad2374b7d75fc2f3ce5cc6ea89e5552333783ee7cec0d2b3dbb3edba61b
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57
f64c478320d4463b724ec6ed3bc23ee3e2eac98518d2b880932a139290f39edc
ff78de2eb3fd86a38933169e493b4eac40d25afa2d520b42d0d806e4242791ed
ff808864900fdf9f90fcb87bfb2ed03e3861a262521f386dea1aa6dcb17009e5

vip-datingnow.com Open in urlscan Pro 5.101.45.21 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

90 %HTTPS

38 %IPv6

32 Domains

34 Subdomains

28 IPs

6 Countries

1752 kBTransfer

2218 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vip-datingnow.com Open in urlscan Pro
5.101.45.21 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

90 %
HTTPS

38 %
IPv6

32
Domains

34
Subdomains

28
IPs

6
Countries

1752 kB
Transfer

2218 kB
Size

1
Cookies

73 HTTP transactions
0 data transactions