urlscan.io logo urlscan.io
SecurityTrails logo

sluttydates.com Open in urlscan Pro
2606:4700:3037::ac43:c225  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cutt.us/9UlQW
Effective URL: https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&...
Submission Tags: falconsandbox
Submission: On March 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 14 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3037::ac43:c225, located in United States and belongs to CLOUDFLARENET, US. The main domain is sluttydates.com. The Cisco Umbrella rank of the primary domain is 735925.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 19th 2022. Valid for: a year.
This is the only time sluttydates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 69.61.26.122 22653 (GLOBALCOM...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 142.251.32.98 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 3 80.89.238.69 204601 (ON-LINE-D...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 13.57.68.210 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 35.190.66.152 15169 (GOOGLE)
3 5 2606:4700:303... 13335 (CLOUDFLAR...)
30 12
1    69.61.26.122 (United States)

ASN22653 (GLOBALCOMPASS, US)
cutt.us
2    2607:f8b0:4006:823::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
1    2607:f8b0:4006:809::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2607:f8b0:4006:81f::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:81e::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
381db1f8a821fcdfde036b245ef7dd8a.safeframe.googlesyndication.com
3    80.89.238.69 (Enschede, Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: hottopnow.com
hottopnow.com
1    2606:4700:3031::6815:3481 (United States)

ASN13335 (CLOUDFLARENET, US)
go.cod10.xyz
4    13.57.68.210 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-57-68-210.us-west-1.compute.amazonaws.com
date-for-more.com
4    2607:f8b0:4006:816::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2607:f8b0:4006:822::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4006:81d::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    35.190.66.152 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 152.66.190.35.bc.googleusercontent.com
www.najf9trk.com
5    2606:4700:3037::ac43:c225 (United States)

ASN13335 (CLOUDFLARENET, US)
sluttydates.com
Apex Domain
Subdomains		 Transfer
8 googlesyndication.com
381db1f8a821fcdfde036b245ef7dd8a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
40 KB
5 sluttydates.com
sluttydates.com — Cisco Umbrella Rank: 735925
17 KB
4 date-for-more.com
date-for-more.com — Cisco Umbrella Rank: 421124
4 KB
3 hottopnow.com
hottopnow.com
3 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
125 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 najf9trk.com
www.najf9trk.com — Cisco Umbrella Rank: 590848
452 B
1 cod10.xyz
go.cod10.xyz
781 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
37 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
28 KB
1 cutt.us
cutt.us — Cisco Umbrella Rank: 532798
2 KB
0 jsdelivr.net Failed
cdn.jsdelivr.net Failed
0 onesignal.com Failed
cdn.onesignal.com Failed
30 14
Domain Requested by
5 sluttydates.com 3 redirects date-for-more.com
sluttydates.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 date-for-more.com 1 redirects cutt.us
date-for-more.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 hottopnow.com 3 redirects
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.najf9trk.com 1 redirects
1 www.google.com tpc.googlesyndication.com
1 go.cod10.xyz 1 redirects
1 381db1f8a821fcdfde036b245ef7dd8a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 www.googletagmanager.com cutt.us
1 www.googletagservices.com cutt.us
1 cutt.us
0 cdn.jsdelivr.net Failed sluttydates.com
0 cdn.onesignal.com Failed sluttydates.com
30 17

This site contains no links.

Subject Issuer Validity Valid
www.cutt.us
R3		 2022-03-01 -
2022-05-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
date-for-more.com
Amazon		 2022-03-10 -
2023-04-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-19 -
2023-01-19		 a year crt.sh

This page contains 4 frames:

Primary Page: https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&gclid=&access=&pav=18&pavi=&psk=1&pce=0&ps=0&pcp=&ppu=1&pef=&pbo=&ppp=&pb=&pf=&pmr=1&ppn=&pmrdone=1&bo_idw=&prms=
Frame ID: 325CEB4FE9BBEB636CE4657A48FBF7B6
Requests: 24 HTTP requests in this frame

Frame: https://381db1f8a821fcdfde036b245ef7dd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D7B15991F1BCA449E3DBADB45C82476D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 665C8D3297654C5EAD223A59F8F99119
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD6AD6B0DCBEEA4874084B3F197B7732
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cutt.us/9UlQW Page URL
  2. http://hottopnow.com/mailbin?sub_id_2=all_mix HTTP 302
    http://hottopnow.com/317XMM?sub_id_3=allmix&sub2=sub_id_2 HTTP 302
    https://hottopnow.com/VVzgVzS6?sub_id_3=forbinary HTTP 302
    https://go.cod10.xyz/click?pid=6893&offer_id=3281&sub1=3f0n4vcfsll&sub2=&sub3=forbinary HTTP 302
    https://date-for-more.com/tds/rsl?tdsId=s7889mak_r&tds_campaign=s7889mak&utm_source=arba&utm_term=mob_... HTTP 302
    https://date-for-more.com/tds/interlayer/eb/s/afee8803c28ffc84c7a9ca3a396e4e7e?__t=1648040195631&__l=3600 Page URL
  3. https://www.najf9trk.com/5J4BBT/4G6SHH/?sub3=c4fcabf19274a399831f942f98bfe663b02ced6b&uid=1406&tds_ci... HTTP 302
    https://sluttydates.com/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7... HTTP 302
    https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4... HTTP 302
    https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4... HTTP 302
    https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

30
Requests

77 %
HTTPS

64 %
IPv6

14
Domains

17
Subdomains

12
IPs

2
Countries

271 kB
Transfer

781 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.us/9UlQW Page URL
  2. http://hottopnow.com/mailbin?sub_id_2=all_mix HTTP 302
    http://hottopnow.com/317XMM?sub_id_3=allmix&sub2=sub_id_2 HTTP 302
    https://hottopnow.com/VVzgVzS6?sub_id_3=forbinary HTTP 302
    https://go.cod10.xyz/click?pid=6893&offer_id=3281&sub1=3f0n4vcfsll&sub2=&sub3=forbinary HTTP 302
    https://date-for-more.com/tds/rsl?tdsId=s7889mak_r&tds_campaign=s7889mak&utm_source=arba&utm_term=mob_sld_usa_fo_aff&s1=arb&data2=623b1903c589ce0001b26126&p1=6893&utm_campaign=01107683 HTTP 302
    https://date-for-more.com/tds/interlayer/eb/s/afee8803c28ffc84c7a9ca3a396e4e7e?__t=1648040195631&__l=3600 Page URL
  3. https://www.najf9trk.com/5J4BBT/4G6SHH/?sub3=c4fcabf19274a399831f942f98bfe663b02ced6b&uid=1406&tds_cid=c4fcabf19274a399831f942f98bfe663b02ced6b&sub1=b9660mak_01107683&sub2=6893&sub4=01107683 HTTP 302
    https://sluttydates.com/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&pce=0&ps=0&ppu=1&pav=11&pmr=1&psk=1 HTTP 302
    https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&gclid=&access=&pav=11&pavi=&psk=1&pce=0&ps=0&pcp=&ppu=1&pef=&pbo=&ppp=&pb=&pf=&pmr=1&ppn=&pmrdone=&bo_idw=&prms= HTTP 302
    https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&gclid=&access=&pav=3&pavi=&psk=1&pce=0&ps=0&pcp=&ppu=1&pef=&pbo=&ppp=&pb=&pf=&pmr=1&ppn=&pmrdone=&bo_idw=&prms= HTTP 302
    https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&gclid=&access=&pav=18&pavi=&psk=1&pce=0&ps=0&pcp=&ppu=1&pef=&pbo=&ppp=&pb=&pf=&pmr=1&ppn=&pmrdone=1&bo_idw=&prms= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://hottopnow.com/mailbin?sub_id_2=all_mix HTTP 302
  • http://hottopnow.com/317XMM?sub_id_3=allmix&sub2=sub_id_2 HTTP 302
  • https://hottopnow.com/VVzgVzS6?sub_id_3=forbinary HTTP 302
  • https://go.cod10.xyz/click?pid=6893&offer_id=3281&sub1=3f0n4vcfsll&sub2=&sub3=forbinary HTTP 302
  • https://date-for-more.com/tds/rsl?tdsId=s7889mak_r&tds_campaign=s7889mak&utm_source=arba&utm_term=mob_sld_usa_fo_aff&s1=arb&data2=623b1903c589ce0001b26126&p1=6893&utm_campaign=01107683 HTTP 302
  • https://date-for-more.com/tds/interlayer/eb/s/afee8803c28ffc84c7a9ca3a396e4e7e?__t=1648040195631&__l=3600

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
9UlQW
cutt.us/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cutt.us/9UlQW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.122 , United States, ASN22653 (GLOBALCOMPASS, US),
Reverse DNS
Software
Hotcores.com /
Resource Hash
40fca61b7248b1615f85473d24a270d8ea47d20a149661c976197ed1f13d7e58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Hotcores.com
Date
Wed, 23 Mar 2022 12:56:04 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
I-AM
Beta
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cutt.us
URL: https://cutt.us/9UlQW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0930969c5ce0e56fead33e968f090cfa432b5a1a1909943c04a954d819d8cb25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27964
x-xss-protection
0
server
sffe
etag
"1166 / 56 of 1000 / last-modified: 1648033489"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Mar 2022 12:56:33 GMT
js
www.googletagmanager.com/gtag/ 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Requested by
Host: cutt.us
URL: https://cutt.us/9UlQW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2472823d3645b6fcde3c942919c9b52d74357de02ab6e416ec67780d9a3b2cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:56:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37184
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Mar 2022 12:56:33 GMT
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 11:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4101
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Mar 2023 11:48:12 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		29 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
9485e103a1f890385ba2aeab76aa5b1c5adcb872527ea4ad64492edc137a4814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Mar 2022 12:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 23 Mar 2022 12:56:33 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
757
date
Wed, 23 Mar 2022 12:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 23 Mar 2022 14:43:56 GMT
collect
www.google-analytics.com/j/ 		1 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1716609550&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2F9UlQW&ul=en-us&de=UTF-8&dt=9UlQW&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=168928246&gjid=1882549816&cid=1995080416.1648040193&tid=UA-31510493-1&_gid=399343677.1648040193&_r=1&gtm=2ou3e0&z=228533488
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cutt.us/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Mar 2022 12:56:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cutt.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cutt.us
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Mar 2022 12:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		532 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3485881153853133&correlator=4210779663847319&eid=31060439%2C31065613%2C31065723%2C31061167%2C31063246%2C31062930&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&adks=1933368604&sfv=1-0-38&ecs=20220323&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1648040193551&lmt=1648040193&dlt=1648040193226&idt=295&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fcutt.us%2F9UlQW&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=1995080416.1648040193&ga_sid=1648040194&ga_hid=1716609550&ga_fc=true&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:56:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
273
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutt.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
381db1f8a821fcdfde036b245ef7dd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D7B1 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://381db1f8a821fcdfde036b245ef7dd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 23 Mar 2022 12:56:33 GMT
expires
Thu, 23 Mar 2023 12:56:33 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
afee8803c28ffc84c7a9ca3a396e4e7e
date-for-more.com/tds/interlayer/eb/s/
Redirect Chain
  • http://hottopnow.com/mailbin?sub_id_2=all_mix
  • http://hottopnow.com/317XMM?sub_id_3=allmix&sub2=sub_id_2
  • https://hottopnow.com/VVzgVzS6?sub_id_3=forbinary
  • https://go.cod10.xyz/click?pid=6893&offer_id=3281&sub1=3f0n4vcfsll&sub2=&sub3=forbinary
  • https://date-for-more.com/tds/rsl?tdsId=s7889mak_r&tds_campaign=s7889mak&utm_source=arba&utm_term=mob_sld_usa_fo_aff&s1=arb&data2=623b1903c589ce0001b26126&p1=6893&utm_campaign=01107683
  • https://date-for-more.com/tds/interlayer/eb/s/afee8803c28ffc84c7a9ca3a396e4e7e?__t=1648040195631&__l=3600
980 B
978 B 		Document
General
Check archive.org
Download Go to
Full URL
https://date-for-more.com/tds/interlayer/eb/s/afee8803c28ffc84c7a9ca3a396e4e7e?__t=1648040195631&__l=3600
Requested by
Host: cutt.us
URL: https://cutt.us/9UlQW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.68.210 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-68-210.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a521b751986b3e082741129a3825cf9c6930af4f09223a49dedf38d469e1d6ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/9UlQW

Response headers

Date
Wed, 23 Mar 2022 12:56:35 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Access-Control-Allow-Origin
*
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin
*
Accept-CH
UA, Platform, Model, Mobile, Arch
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Date
Wed, 23 Mar 2022 12:56:35 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Access-Control-Allow-Origin
*
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin
*
Accept-CH
UA, Platform, Model, Mobile, Arch
Location
https://date-for-more.com/tds/interlayer/eb/s/afee8803c28ffc84c7a9ca3a396e4e7e?__t=1648040195631&__l=3600
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Mar 2022 12:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10587
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Mar 2022 12:56:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 665C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 23 Mar 2022 00:26:15 GMT
expires
Thu, 23 Mar 2023 00:26:15 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
45018
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame CD6A 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TEDqbINsB91HZ+cxlVDm8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 23 Mar 2022 12:56:34 GMT
date
Wed, 23 Mar 2022 12:56:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TEDqbINsB91HZ+cxlVDm8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame 665C 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 00:26:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
45007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Mar 2023 00:26:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CD6A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=3485881153853133&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 665C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OyoGow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:56:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=3485881153853133&bg=!q6ilqOzNAAba2mK92to7ACkAdvg8WsUB2gVOJj9Z9GS1rIXj2PjFe7LFp46vgz--Q5Ve0pJeasjHdAIAAABSUgAAAAFoAQcKAHN53OjzvrcUdPzOnV6psSyvV-cA4buCZt_PuTorTzOSSS_ub4nk1Y9LgnxvCZlsCqApB-4ZjzZJh7un51g_CS6HBlTBYBQMXQ4OR_EN3nYxRTkkACye-KWqq89NABKD-jVmeuSO3PCv2ao-_UYiGL4Ou6GPmQLWhM0G15rb4Gys0WcNwrtEpWcwRow3eN90lLYabIXvBouvXsjgAf5dPsE0NayzQdJAsSmB-hFXWoht6fynHAkcMAjEMadqGc9wy-EwJnkzAE3d6lhcqv-qSugkHGxMQyKw6_QrkG6fGrcnOHXtsniPtxpuRzgoIxx0OQjnlOcigRdgO_0WPtC5j_ZFzm-8uJgOolhIdeFkaXSKuYwlpMsMVzSvXsgZqH1BZSimjrvomj4T4qjRcgRmEmXoNaeF10u6i8zsDDHOrIeXK0-tBMp-GCj6grEbe9TKDgPHYPEUU5CdiGGqT-p5x13ZhMVH_1WIDOIp7hxDdvpTBBIDaX_2vmOxzp6FbcdzoVbc4gyjy5DzZou5fnrJ9abPUj1DmrN8Ep4EQJEs8tOCN0FWWDM9fWi7cSg8lYVNfCR6vOKEGgiqnegXjCevzcfy2T-45HlNth0UnHvleorZW3HLkQxw8d0PI973vPA2xTqKjuh57fjY6DzaZ5KeIzVILzRcN5-g_cT7Nn6tN0BTN17mx3xTTO4we3ajN8ZDR1JHXT7mN4vP4uMUznyx41RoEIlNpzivdxAv-weYFxhO518IUFgpOVoe1krQvIn6O8o6b8YtG9pHxNbkIjml1fp2WT43XMm-AG3c6NdZJO4FD4A62-O0PN7RUOATSDXNmEf5e8y1sjffn1J_RxjLj0rE6ogIqwMhwGG79LfYyBR4YxMM8RtBDqy15TniMCE7W7Uu1QbF9om8H-xauzyhCoEx20hEXQJzCtmPxYvvdUVS4rPZA6wZWXHZPu-7UKmTqLC1bL3sZ_DuEaimmRF_A8HleeK7voqSFDTDlN5dEAy8iTy3LZ25czx4qejpp5SS1l16PC6r75vAowtC6ldniaD9eWek-3qyc3r-x8Um2qnWx-onaCFgybpY6Iwwni1B90PqiIukK0oNf9LE6fozAvCDuRhiY1AVjXFdKVJn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Mar 2022 12:56:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mtu-integration.js
date-for-more.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://date-for-more.com/mtu-integration.js
Requested by
Host: date-for-more.com
URL: https://date-for-more.com/tds/interlayer/eb/s/afee8803c28ffc84c7a9ca3a396e4e7e?__t=1648040195631&__l=3600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.68.210 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-68-210.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b2dade8b67f0c15c8cbcad0b61696b517c762d7c7b4da61a72d61c99b3594827

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://date-for-more.com/tds/interlayer/eb/s/afee8803c28ffc84c7a9ca3a396e4e7e?__t=1648040195631&__l=3600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 23 Mar 2022 12:56:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Mar 2022 11:25:31 GMT
Server
nginx
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ETag
W/"1030-17fb68653f8"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
interlayer
date-for-more.com/tds/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://date-for-more.com/tds/interlayer
Requested by
Host: date-for-more.com
URL: https://date-for-more.com/mtu-integration.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.68.210 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-68-210.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://date-for-more.com/tds/interlayer/eb/s/afee8803c28ffc84c7a9ca3a396e4e7e?__t=1648040195631&__l=3600
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Wed, 23 Mar 2022 12:56:35 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
UA, Platform, Model, Mobile, Arch
Timing-Allow-Origin
*
Primary Request 1
sluttydates.com/en/lp/sexy/5/1/steps/
Redirect Chain
  • https://www.najf9trk.com/5J4BBT/4G6SHH/?sub3=c4fcabf19274a399831f942f98bfe663b02ced6b&uid=1406&tds_cid=c4fcabf19274a399831f942f98bfe663b02ced6b&sub1=b9660mak_01107683&sub2=6893&sub4=01107683
  • https://sluttydates.com/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&pce=0&ps=0&ppu=1&pav=11&pmr=1&psk=1
  • https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&gclid=&access=&pav=11&pavi=&psk=1&pce=0&ps=0&pcp=&ppu=1&pef=&pbo=&p...
  • https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&gclid=&access=&pav=3&pavi=&psk=1&pce=0&ps=0&pcp=&ppu=1&pef=&pbo=&pp...
  • https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&gclid=&access=&pav=18&pavi=&psk=1&pce=0&ps=0&pcp=&ppu=1&pef=&pbo=&p...
30 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&gclid=&access=&pav=18&pavi=&psk=1&pce=0&ps=0&pcp=&ppu=1&pef=&pbo=&ppp=&pb=&pf=&pmr=1&ppn=&pmrdone=1&bo_idw=&prms=
Requested by
Host: date-for-more.com
URL: https://date-for-more.com/mtu-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b3b2e2f8d7a3860a25d63cf58dc4cd90389e2a9c512e39ce4712420b0ed05b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://date-for-more.com/

Response headers

date
Wed, 23 Mar 2022 12:56:37 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
x-backend-server
dating-prod-web-3
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nX7zp%2BDQ6QOgpajLjrK7RXVfbzFLVAUgBKKBTRP9v08psemVJmaia1o06ON%2BsmPCXLamjy7%2FmxM0W%2Ft34ayBwgkRexjfB6lqcLooApR1OPsTaaXji9hn41TdDbDk%2Fk9e3JOZu0pF7OYplS04Tkc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6f0754003b6f19a1-EWR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 23 Mar 2022 12:56:37 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
location
/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&gclid=&access=&pav=18&pavi=&psk=1&pce=0&ps=0&pcp=&ppu=1&pef=&pbo=&ppp=&pb=&pf=&pmr=1&ppn=&pmrdone=1&bo_idw=&prms=
x-backend-server
dating-prod-web-2
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t402E%2BrGM%2FE%2F2t0RLqkLQTiCgEjDOEUjfSnKx42OWH1UMHYlSPoR9i%2BF9AA0Y2JFP0ekhMg3qLEV2%2BZ0eG1%2BidxHgy1CNxBS0%2FfT9Zh%2FZW25ls%2FtZTTRhUDVyxvQK2dIsZhSN%2BUS9bKzVHNdC0c%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6f0753fe3fef19a1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
3f0cb80.css
sluttydates.com/css/ 		68 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sluttydates.com/css/3f0cb80.css?114
Requested by
Host: sluttydates.com
URL: https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&gclid=&access=&pav=18&pavi=&psk=1&pce=0&ps=0&pcp=&ppu=1&pef=&pbo=&ppp=&pb=&pf=&pmr=1&ppn=&pmrdone=1&bo_idw=&prms=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sluttydates.com/en/lp/sexy/5/1/steps/1?idw=100&t1=b9660mak_01107683&t2=6893&td=e5a9d52a6baa4be7a257a283e0204ea1&cmp_id=70&gclid=&access=&pav=18&pavi=&psk=1&pce=0&ps=0&pcp=&ppu=1&pef=&pbo=&ppp=&pb=&pf=&pmr=1&ppn=&pmrdone=1&bo_idw=&prms=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:56:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5985
x-backend-server
dating-prod-web-4
last-modified
Wed, 23 Mar 2022 11:04:43 GMT
server
cloudflare
etag
W/"623afecb-10f84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQj2amwFh%2BF8oHaQQ8LJ1HusbY8E9UJeBaetLKhPsTsJ%2FGwJ1H3MRAbE0EUEbgBF86Wb9rz9m9%2BJu2GWYqwSy3g%2BnBs%2FjfiknTUsVMa1dFnZuZOh7kDYGq6Amw5iTpeCDDS9nqnr0qzX0Ydu0wM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-ray
6f075403186619a1-EWR
d168041.css
sluttydates.com/css/ 		0
0
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		0
0
alpine.min.js
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.x.x/dist/ 		0
0
logo.png
sluttydates.com/img/site_id/site_10/ 		0
0
router.js
sluttydates.com/bundles/fosjsrouting/js/ 		0
0
routing
sluttydates.com/en/js/ 		0
0
f0c44e5.js
sluttydates.com/js/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sluttydates.com
URL
https://sluttydates.com/css/d168041.css?114
Domain
cdn.onesignal.com
URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.x.x/dist/alpine.min.js
Domain
sluttydates.com
URL
https://sluttydates.com/img/site_id/site_10/logo.png?114
Domain
sluttydates.com
URL
https://sluttydates.com/bundles/fosjsrouting/js/router.js?114
Domain
sluttydates.com
URL
https://sluttydates.com/en/js/routing?callback=fos.Router.setData
Domain
sluttydates.com
URL
https://sluttydates.com/js/f0c44e5.js?114

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

16 Cookies

Domain/Path Name / Value
.cutt.us/ Name: _ga
Value: GA1.2.1995080416.1648040193
.cutt.us/ Name: _gid
Value: GA1.2.399343677.1648040193
.cutt.us/ Name: _gat_gtag_UA_31510493_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cutt.us/ Name: __gads
Value: ID=22b47cae17a0fa6e-22781666df7b004d:T=1648040193:S=ALNI_MY-wSEk07N_upui29ofY1e_QTBCBA
hottopnow.com/ Name: _subid
Value: 3f0n4vcfsll
hottopnow.com/ Name: _token
Value: uuid_3f0n4vcfsll_3f0n4vcfsll623b1903011266.06975963
hottopnow.com/ Name: 6240c
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIwOThcIjoxNjQ4MDQwMTk0LFwiMjA0MVwiOjE2NDgwNDAxOTQsXCIyMDgzXCI6MTY0ODA0MDE5NH0sXCJjYW1wYWlnbnNcIjp7XCIyNjVcIjoxNjQ4MDQwMTk0LFwiNjI0XCI6MTY0ODA0MDE5NCxcIjYyNlwiOjE2NDgwNDAxOTR9LFwidGltZVwiOjE2NDgwNDAxOTR9In0.s-NWAqx_6gu7__lM0JojEn33efgeDzRbpFjyVr1qHk8
go.cod10.xyz/ Name: afclick
Value: 623b1903c589ce0001b26126
go.cod10.xyz/ Name: afoffers
Value: {"3281":1648040195}
.date-for-more.com/ Name: dci
Value: 16bbce5bc99fa3cf8ada0e8be8f153899e803822
date-for-more.com/ Name: dm
Value: fe450dd0d1dadc615429144d33241f42
www.najf9trk.com/ Name: uniqueClick_4G6SHH
Value: e2df17c5-75fd-49a3-870f-ca57a4741e61:1648040196
www.najf9trk.com/ Name: transaction_id
Value: e5a9d52a6baa4be7a257a283e0204ea1
.sluttydates.com/ Name: SESSID_10
Value: afcuha7s9bhtra8391qrrdihs2
sluttydates.com/ Name: device_view_full
Value: full

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;