urlscan.io logo urlscan.io
SecurityTrails logo

urseductiveladies.com Open in urlscan Pro
2606:4700:3037::681f:5592  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://adserver11.xyz/?sdomain=twilight-szene.de&srootdomain=twilight-szene.de&stld=de&keyword=x&snurl=&project=s_5_01...
Effective URL: https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
Submission: On November 18 via manual from RO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3037::681f:5592, located in United States and belongs to CLOUDFLARENET, US. The main domain is urseductiveladies.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2020. Valid for: a year.
This is the only time urseductiveladies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 167.114.255.35 16276 (OVH)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
4 116.202.29.204 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
12 8
1    2606:4700:3037::681f:53b5 (United States)

ASN13335 (CLOUDFLARENET, US)
adserver11.xyz
1    167.114.255.35 (Roubaix, France)

ASN16276 (OVH, FR)
PTR: 35.ip-167-114-255.eu
t.bl-fastcdn.com
2    2606:4700:3037::681f:5592 (United States)

ASN13335 (CLOUDFLARENET, US)
urseductiveladies.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
4    116.202.29.204 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.204.29.202.116.clients.your-server.de
cadaner.com
1    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
4 cadaner.com urseductiveladies.com
2 urseductiveladies.com t.bl-fastcdn.com
urseductiveladies.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com urseductiveladies.com
1 fonts.googleapis.com urseductiveladies.com
1 cdnjs.cloudflare.com urseductiveladies.com
1 t.bl-fastcdn.com adserver11.xyz
1 adserver11.xyz
12 8

This site contains no links.

Subject Issuer Validity Valid
t.bl-fastcdn.com
Let's Encrypt Authority X3		 2020-10-13 -
2021-01-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-27 -
2021-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
cadaner.com
Let's Encrypt Authority X3		 2020-10-16 -
2021-01-14		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
Frame ID: 0D91838DEE60FCEF81E67EE5D11731AA
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://adserver11.xyz/?sdomain=twilight-szene.de&srootdomain=twilight-szene.de&stld=de&keyword=x&s... Page URL
  2. https://t.bl-fastcdn.com/directclick/?pid=a68xXYF9V9FHfob3CDTgGwSXpJc1&subid=ede Page URL
  3. https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

12
Requests

92 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

945 kB
Transfer

1097 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://adserver11.xyz/?sdomain=twilight-szene.de&srootdomain=twilight-szene.de&stld=de&keyword=x&snurl=&project=s_5_01&t=ede Page URL
  2. https://t.bl-fastcdn.com/directclick/?pid=a68xXYF9V9FHfob3CDTgGwSXpJc1&subid=ede Page URL
  3. https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
adserver11.xyz/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://adserver11.xyz/?sdomain=twilight-szene.de&srootdomain=twilight-szene.de&stld=de&keyword=x&snurl=&project=s_5_01&t=ede
Protocol
HTTP/1.1
Server
2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
adserver11.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 18 Nov 2020 14:54:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d1c4ef148d57ae301b75b44de1d8167cc1605711266; expires=Fri, 18-Dec-20 14:54:26 GMT; path=/; domain=.adserver11.xyz; HttpOnly; SameSite=Lax
vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
cf-request-id
067d729b6800001f4533a31000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F4znlLxiRWokF%2BrB%2F%2BH1jWlMiiM7Iz1dfBrI2nSzUhDTzBUgnQunrYCin7hSesDzuqixLZK65a%2FmBRAJIVfzmklHG%2BIoBC3i0sWM%2BkUJkfn10Gw3cCoZwNUVmw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5f4286d8ac071f45-FRA
Content-Encoding
gzip
Cookie set /
t.bl-fastcdn.com/directclick/ 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.bl-fastcdn.com/directclick/?pid=a68xXYF9V9FHfob3CDTgGwSXpJc1&subid=ede
Requested by
Host: adserver11.xyz
URL: http://adserver11.xyz/?sdomain=twilight-szene.de&srootdomain=twilight-szene.de&stld=de&keyword=x&snurl=&project=s_5_01&t=ede
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.255.35 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
35.ip-167-114-255.eu
Software
nginx /
Resource Hash
395fab8cd7482eeac3e659c9098253cf77cd15406feb63590bd0fc16eccd98f3

Request headers

Host
t.bl-fastcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://adserver11.xyz/?sdomain=twilight-szene.de&srootdomain=twilight-szene.de&stld=de&keyword=x&snurl=&project=s_5_01&t=ede
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://adserver11.xyz/?sdomain=twilight-szene.de&srootdomain=twilight-szene.de&stld=de&keyword=x&snurl=&project=s_5_01&t=ede

Response headers

Server
nginx
Date
Wed, 18 Nov 2020 14:54:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Set-Cookie
checkkeks=1; expires=Thu, 18-Nov-2021 14:54:27 GMT; Max-Age=31536000; path=/; domain=.bl-fastcdn.com eTag=1c4670504d1b1ef5087ace5ab9764b26; expires=Thu, 19-Nov-2020 14:54:27 GMT; Max-Age=86400; path=/; domain=.bl-fastcdn.com eTag=1c4670504d1b1ef5087ace5ab9764b26; expires=Thu, 19-Nov-2020 14:54:27 GMT; Max-Age=86400; path=/; domain=.slimspots.com ck_uniques=1605797666%3A22116-111252; expires=Thu, 18-Nov-2021 14:54:27 GMT; Max-Age=31536000; path=/; domain=.bl-fastcdn.com ck_uniques=1605797666%3A22116-111252; expires=Thu, 18-Nov-2021 14:54:27 GMT; Max-Age=31536000; path=/; domain=.slimspots.com ck_uniquesPa=1605797666%3A93059; expires=Thu, 18-Nov-2021 14:54:27 GMT; Max-Age=31536000; path=/; domain=.bl-fastcdn.com ck_uniquesPa=1605797666%3A93059; expires=Thu, 18-Nov-2021 14:54:27 GMT; Max-Age=31536000; path=/; domain=.slimspots.com ck_sys_uniques_3=1; expires=Thu, 19-Nov-2020 14:54:27 GMT; Max-Age=86400; path=/; domain=.bl-fastcdn.com ck_sys_uniques_3=1; expires=Thu, 19-Nov-2020 14:54:27 GMT; Max-Age=86400; path=/; domain=.slimspots.com u_current_ads_view=93059--93059_0%3A1605731427--; expires=Thu, 19-Nov-2020 14:54:27 GMT; Max-Age=86400; path=/; domain=.bl-fastcdn.com u_current_ads_view=93059--93059_0%3A1605731427--; expires=Thu, 19-Nov-2020 14:54:27 GMT; Max-Age=86400; path=/; domain=.slimspots.com
ETag
"1c4670504d1b1ef5087ace5ab9764b26"
Content-Encoding
gzip
Primary Request /
urseductiveladies.com/ 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
Requested by
Host: t.bl-fastcdn.com
URL: https://t.bl-fastcdn.com/directclick/?pid=a68xXYF9V9FHfob3CDTgGwSXpJc1&subid=ede
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:5592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb46b59419e3920c1316c502096c84a1846ffb60cf893f67af35c9ec65bc1e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
urseductiveladies.com
:scheme
https
:path
/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 18 Nov 2020 14:54:27 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d8331d4676fda63b020c664c9db0801f71605711267; expires=Fri, 18-Dec-20 14:54:27 GMT; path=/; domain=.urseductiveladies.com; HttpOnly; SameSite=Lax k=SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABDI3MDRtAAAAClJyWFh5YXhha0ttAAAAA2hpZG0AAAAkZW9VcnN2b1hma2t3c1BQR2Z4cXdtS3pkelBkak51Z0FtVFFhbQAAAAJobGQAA25pbG0AAAACcmR0AAAABGQACl9fc3RydWN0X19kABhFbGl4aXIuVGRleC5Sb3RhdGlvbkRhdGFkAA5jbGlja2VkX29mZmVyc3QAAAAAZAAIbGFuZGluZ3NsAAAAAWIAAAS8amQAC3NlZW5fb2ZmZXJzbAAAAAFiAAB0TGptAAAABXN1Yl8xbQAAAAthMzYyNTc4c2VkZW0AAAAFc3ViXzJtAAAAIDIwMTExODE1XzAxXzM2MjU3OF82YWMzOTJkYjJjZjU2bQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADFZBaG9vdlFFUU1pag.QtzmNF6K_ZoD1Q9ArZZCn6Lh1eyA9nDeHi2hRvqaL5A; path=/; expires=Thu, 18 Nov 2021 14:54:27 GMT; max-age=31536000 uord=81502c69df065acc9e015c1572c8612a; path=/; expires=Fri, 18 Nov 2022 14:54:27 GMT; max-age=63072000; HttpOnly
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
cross-origin-window-policy
deny
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
067d72a00a0000dfa9d08d6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zlf8VeDEs7AvtvXUgUw9Xir%2BLKBHxOp5VX9xj8z69KN%2Fs%2Bo2I7X8usidyxXm7EsSKOgJD7qcyzDG3i1%2BplJg%2F8zx%2FSYDDTM%2Fg4c0rH2pvGPPJMHD9hyY7FIt1pyh5zhtGOg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f4286e01f61dfa9-FRA
content-encoding
br
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: urseductiveladies.com
URL: https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 14:54:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
104186
x-via
cfworker/kv
status
200
content-length
3279
cf-request-id
067d72a08a00002bc6d788d000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
etag
"5eb03d2a-ce35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u8B9k6yGuO4AzwS2PwiCg8bONOM9wmDb3qZC%2FztiprJTS6flWYB52F0DUkVEiLHD7uDOoXDes1ypofX4aqJsZcYX9hc3tvd0u%2BEnYZB7Ot4ekmxo%2Bm9mPNqTDiczG74hfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f4286e0d9e22bc6-FRA
expires
Mon, 08 Nov 2021 14:54:27 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: urseductiveladies.com
URL: https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 14:53:49 GMT
server
ESF
date
Wed, 18 Nov 2020 14:54:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Nov 2020 14:54:27 GMT
jquery-3.2.1.min.js
code.jquery.com/ 		78 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: urseductiveladies.com
URL: https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Origin
https://urseductiveladies.com
Referer
https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 14:54:27 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
status
200
etag
W/"58d026fb-15283"
vary
Accept-Encoding
x-hw
1605711267.dop217.fr8.t,1605711267.cds285.fr8.hn,1605711267.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
p.js
urseductiveladies.com/ 		456 B
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://urseductiveladies.com/p.js?a=33803&cr=30380&lid=5207&mh=ZW9VcnN2b1hma2t3c1BQR2Z4cXdtS3pkelBkak51Z0FtVFFhLTExMzgx&mmid=268&p=0&rf=&rn=zc4XntGUys4WmdqVzgu&t=notrack
Requested by
Host: urseductiveladies.com
URL: https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:5592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
614ac38d6f6c932cb8ace5cc1f3898f2825183a02046ca090989c7097f7d2a43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 14:54:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
cross-origin-window-policy
deny
status
200
vary
Accept-Encoding
cf-request-id
067d72a07a0000dfa9c5014000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q4FkQMqfppgIm%2Fi801u5IrfafGjT1MQV1jXtJSydXhWxSjWSna%2B%2B7jwqttnWFbFAzOPFF%2FzHhPoJVF8LFdP%2BzVkzDHpaB0SH3WVE5%2BdigfdghEi7l0hktSt4bQ5Y%2BYwYz0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, max-age=14400, must-revalidate
cf-ray
5f4286e0c8c5dfa9-FRA
f.js
cadaner.com/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadaner.com/assets/f.js
Requested by
Host: urseductiveladies.com
URL: https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.29.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.29.202.116.clients.your-server.de
Software
/
Resource Hash
963a44fa6cbb7486c60762c3ee87598cebac50d93ffc8bcda9ac4b946637138b

Request headers

Referer
https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 14:54:28 GMT
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 14:00:49 GMT
status
200
etag
W/"5fad4011-6ca"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
pattern.png
cadaner.com/assets/cb828aea8fcbce504bdf05d173b543a5/images/ 		811 KB
812 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cadaner.com/assets/cb828aea8fcbce504bdf05d173b543a5/images/pattern.png
Requested by
Host: urseductiveladies.com
URL: https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.29.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.29.202.116.clients.your-server.de
Software
/
Resource Hash
550354f9dbf9602e01d868240ce1855acce334e0fea2a7c46a241d195b10fcdf

Request headers

Referer
https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 14:54:28 GMT
last-modified
Tue, 08 Sep 2020 12:27:28 GMT
etag
"5f5778b0-cacba"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
830650
1.jpg
cadaner.com/assets/cb828aea8fcbce504bdf05d173b543a5/images/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cadaner.com/assets/cb828aea8fcbce504bdf05d173b543a5/images/1.jpg
Requested by
Host: urseductiveladies.com
URL: https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.29.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.29.202.116.clients.your-server.de
Software
/
Resource Hash
8a35b1fe147cdfd16e774d739994c2755cbb97bfd3a44f7a6751e96d8755debf

Request headers

Referer
https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 14:54:28 GMT
last-modified
Tue, 08 Sep 2020 12:27:27 GMT
etag
"5f5778af-c7dd"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
51165
bg.jpg
cadaner.com/assets/cb828aea8fcbce504bdf05d173b543a5/images/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cadaner.com/assets/cb828aea8fcbce504bdf05d173b543a5/images/bg.jpg
Requested by
Host: urseductiveladies.com
URL: https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.29.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.29.202.116.clients.your-server.de
Software
/
Resource Hash
8a35b1fe147cdfd16e774d739994c2755cbb97bfd3a44f7a6751e96d8755debf

Request headers

Referer
https://urseductiveladies.com/?utm_source=LjIyGDU8Qxc3&s1=a362578sede&s2=20111815_01_362578_6ac392db2cf56&affe=intdesk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 14:54:28 GMT
last-modified
Tue, 08 Sep 2020 12:27:27 GMT
etag
"5f5778af-c7dd"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
51165
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://urseductiveladies.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 19:32:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
501723
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Fri, 12 Nov 2021 19:32:25 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes

6 Cookies

Domain/Path Name / Value
.bl-fastcdn.com/ Name: u_current_ads_view
Value: 93059--93059_0%3A1605731427--
.bl-fastcdn.com/ Name: ck_sys_uniques_3
Value: 1
.bl-fastcdn.com/ Name: ck_uniquesPa
Value: 1605797666%3A93059
.bl-fastcdn.com/ Name: ck_uniques
Value: 1605797666%3A22116-111252
.bl-fastcdn.com/ Name: eTag
Value: 1c4670504d1b1ef5087ace5ab9764b26
.bl-fastcdn.com/ Name: checkkeks
Value: 1