Submitted URL: https://click.affscash.pro/redirect?aff_id=533&offer_id=160
Effective URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Submission: On July 29 via automatic, source links-suspicious — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 11 domains to perform 47 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is imahookup.com.
TLS certificate: Issued by GTS CA 1P5 on July 4th 2023. Valid for: 3 months.
This is the only time imahookup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.29.132.21 22612 (NAMECHEAP...)
25 188.114.97.3 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 163.171.128.172 54994 (QUANTILNE...)
9 207.120.33.37 3356 (LEVEL3)
1 152.199.19.160 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
47 9
 | Apex Domain | Subdomains | Transfer
25 | imahookup.com | imahookup.com | 134 KB
8 | vfrvttwsl.com | vfrvttwsl.com | 49 KB
3 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 73 | 182 KB
3 | joinsafelyonline.com | geoip.joinsafelyonline.com; affscsh.joinsafelyonline.com | 2 KB
3 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 415; fonts.googleapis.com — Cisco Umbrella Rank: 79 | 61 KB
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1042 | 31 KB
1 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 58 | 21 KB
1 | gstatic.com | fonts.gstatic.com | 19 KB
1 | aspnetcdn.com | ajax.aspnetcdn.com — Cisco Umbrella Rank: 2112 | 9 KB
1 | registersafely.com | geoip.registersafely.com | 461 B
1 | affscash.pro | click.affscash.pro | 1 KB
47 | 11
Domain Requested by
25 imahookup.com imahookup.com
8 vfrvttwsl.com imahookup.com
vfrvttwsl.com
ajax.googleapis.com
3 www.googletagmanager.com vfrvttwsl.com
www.googletagmanager.com
2 geoip.joinsafelyonline.com imahookup.com
2 ajax.googleapis.com imahookup.com
vfrvttwsl.com
2 maxcdn.bootstrapcdn.com imahookup.com
1 www.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com vfrvttwsl.com
1 ajax.aspnetcdn.com vfrvttwsl.com
1 geoip.registersafely.com vfrvttwsl.com
1 affscsh.joinsafelyonline.com 1 redirects
1 click.affscash.pro 1 redirects
47 13

This site contains no links.

Subject | Issuer | Validity | Valid
imahookup.com | GTS CA 1P5 | 2023-07-04 - 2023-10-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
upload.video.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.joinsafelyonline.com | AlphaSSL CA - SHA256 - G4 | 2023-04-20 - 2024-05-21 | a year
vfrvttwsl.com | R3 | 2023-06-30 - 2023-09-28 | 3 months
geoip.registersafely.com | R3 | 2023-07-21 - 2023-10-19 | 3 months
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2023-05-05 - 2024-04-28 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months

This page contains 2 frames:

Primary Page: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Frame ID: F971414969030B9027521B88A2CD86F0
Requests: 30 HTTP requests in this frame

Frame: https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Frame ID: A3B0E39CE80E210A166BB081ED97A8B8
Requests: 17 HTTP requests in this frame

Page Title

Safe Dating Verified

Page URL History

  1. https://click.affscash.pro/redirect?aff_id=533&offer_id=160 HTTP 302
    https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={cli... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 47
HTTPS: 100 %
IPv6: 50 %
Domains: 11
Subdomains: 13
IPs: 9
Countries: 3
Transfer: 508 kB
Size: 1285 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.affscash.pro/redirect?aff_id=533&offer_id=160 HTTP 302
    https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://affscsh.joinsafelyonline.com/routes/AffsCsh/?ofid=&ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id=%7Bclick_id%7D HTTP 302
  • https://vfrvttwsl.com/user/?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id=%7Bclick_id%7D&sitekey=9ba047c69635f362&rtr=1&rtid=22151757789

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
imahookup.com/Badd_Birdie2/
Redirect Chain
  • https://click.affscash.pro/redirect?aff_id=533&offer_id=160
  • https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
9 KB
3 KB
Document
General
Full URL
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6393884ed2a7c1157b0d4d588e43847473f8aa4fe43715c30fcd74d0e36070d7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ee3a44649451c07-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 29 Jul 2023 07:27:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXOU1ovSJPK2BVDAL%2FooRcI4T9%2FURUjndctQIrYoABq2gHvwqXgrMr%2Fd5i1Sz45cErKjaJyf41IKzDMuzF%2BNmzyQ7xqtRZx%2FMT4AQbJZ7DRxXH2W7DfnFBINHFVH39Og"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
content-length
225
content-type
text/html; charset=UTF-8
date
Sat, 29 Jul 2023 07:27:50 GMT
location
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617, 617
age
13995706
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f3a3007506374a305b1a96efe5ee1490
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7ee3a44c9f755b80-FRA
cdn-requestpullsuccess
True
main.css
imahookup.com/Badd_Birdie2/css/
23 KB
4 KB
Stylesheet
General
Full URL
https://imahookup.com/Badd_Birdie2/css/main.css
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6feeb272ecdf3f5d810f758f8ad88c1053eee242e0c941076530b1bc023a6eb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"613264ab-5dd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuExGQpEa0oe7WRXUs6gi04WDGQXbeJMwULO7RwkDd3qmbQ%2BskzLv17PcjZ6nJ%2FIFvhPzm22IfGp39DYtD4qe68%2F9jf%2FcjoFlUBmkN3GVodCtJ25wAnXH5oFxwC3jT4H"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7ee3a44c69621c07-FRA
alt-svc
h3=":443"; ma=86400
styles.css
imahookup.com/Badd_Birdie2/css/
2 KB
887 B
Stylesheet
General
Full URL
https://imahookup.com/Badd_Birdie2/css/styles.css
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3dd637507db81e6e4052b8142d3c4052ca7ed35afe7f17657a4be2411014ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"613264ab-705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0zOC40cJTWKlNZ%2F32RO%2FEn5cXHLzc3ZjE6P8uoEnmea9nDBJmlsIRvVVk%2BcxGGGtOzKxPm%2FCs9Lykk%2FuZ6UjeG3a%2BqPnPcxpdBIVZSHnye7bUv%2B6z8WU1%2BA%2FUpokWLv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7ee3a44c69661c07-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 08:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jul 2024 08:02:08 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
755
age
17556923
cdn-cachedat
12/13/2021 20:18:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
48135f30fbfcba704628453df5764d8f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7ee3a44c9f785b80-FRA
cdn-requestpullsuccess
True
scripts.js
imahookup.com/Badd_Birdie2/js/
1 KB
756 B
Script
General
Full URL
https://imahookup.com/Badd_Birdie2/js/scripts.js
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2dc0e7960168cc6c9f8ed8dcdd60702472b04f903dd6976f8d052206880c5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"613264ac-450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6i%2BVGFysKd1srZh%2BhnCS9XJhapucWWmY3r5Lr2CBanVznzqvDrQpIMaVgZWWxswSJUx%2BL%2FgZvv4PJdPavamd2bCMMpJCjKBlsfgXg2NLABzDrIUo1v0ncUp4ynqC5vUR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ee3a44c696a1c07-FRA
alt-svc
h3=":443"; ma=86400
flexslider.css
imahookup.com/Badd_Birdie2/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://imahookup.com/Badd_Birdie2/css/flexslider.css
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
435409dde08bbf73ecb912e53919a497da3e61549cb8f335cd559f507e6b9386

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"613264ab-1ad4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fM6rU1fN2fEE9%2B%2FCCCDR6Ha%2FOF%2FeTh5nJC1tWsTSG9tA0rriPpN9djb4B2XQwepsISomeaGQ2Sv52yOjq5unhy8J98BTzNijfyB42odImAszSKuYf9OuZtxjRvS7ocW5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7ee3a44c69691c07-FRA
alt-svc
h3=":443"; ma=86400
/
geoip.joinsafelyonline.com/
404 B
859 B
Script
General
Full URL
https://geoip.joinsafelyonline.com/
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
waf/4.34.6-0.el7 /
Resource Hash
0cb523a69700c6fe089745458fd221bade6b1ed57ee0f199f6af2bc8079428fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 07:27:52 GMT
server
waf/4.34.6-0.el7
x-ws-request-id
64c4bf77_PSdgflkfFRA1vg90_43591-47288
x-via
1.1 PS-DFW-01gGZ147:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
expires
0
a_Logo.png
imahookup.com/Badd_Birdie2/img/
10 KB
10 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/a_Logo.png
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2f4c83889e1345a78f9fac09062c5971e7eb7a5751a88774b727f5cf55d15a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ab-266e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3dOS9rAIwj%2FRXESFBaZ4CdA7hJewDwMWvWa64kwbcfXIBWttKgxZlAS3adNFU9MFxhUhgVV8cUrOXrlmd2TMAcNqroJOr15cB089WwgHZauAuUrmxvwttObKpWh%2BHiB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509fe63aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
9838
18plus_WT.png
imahookup.com/Badd_Birdie2/img/
16 KB
16 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/18plus_WT.png
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ef4648721012f0c3783b9db1973b7293fa643fe084b1bd602336fbfa82a966

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ab-3fc1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFkgvXu3ZbBzaydjr3IOnW42xosBcOiyp2%2BJ4SdjCGtDBlYrxpCkzJLBDEiL6ntUfxju88tt%2F1WQ3OwtRtzfebvYtTFrCVE%2FM3h9JAaOPIrYqWghyfK8IBcDMvxgWMsI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509fe73aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
16321
profile_img1a.jpg
imahookup.com/Badd_Birdie2/img/prf/
8 KB
9 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/profile_img1a.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
754dd5c015336cd12ae898c116d978eca9d38f63a45f314219ffebd2efd3313b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-21b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBb%2BK0uIF9NjGSbA4zQXNilZdnjtUYJuMddKkQwx0op0yH4P3G8vZdmW%2F3oBUinr7c56pk%2FrZ8zJqanOzGxe%2Btlpp3bbqjx1tE2wk7rrhEFF0A29SUSm5L4%2BK6LC8AIw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509fe83aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
8628
profile_img2.jpg
imahookup.com/Badd_Birdie2/img/prf/
9 KB
9 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/profile_img2.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c36ad768d786cdad492433747ceb7b9c9ee5912d706e201916d04b2e3d9dbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-2360"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BvyHLlfBgqeU1N7Ym4pV7oEp6eQ1%2FRr%2FYkYxYId5lGhMRqDjng2P1B26hYfX9EMb8KFrHPTh4jniAyVkfgzcKZ%2FsVWUDHLhor9bCStidRafZrEoV9t5biSmI22NFIIX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509fea3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
9056
profile_img3.jpg
imahookup.com/Badd_Birdie2/img/prf/
5 KB
6 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/profile_img3.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90e59a85c9e8c4e82d0a2f663b58f53c16a28d60fbc461da849a2266c0519add

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-1518"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVItcVaaivc5Ab9l6uvGxxy13jeQasjRMQWSwysjW%2BlbvBeMmEEvOApMJZE0rqHWRBcB5Vm5yecXMyoFJFA7uUQoj1sPNoruNWDtqqeAqekvZd20UCYN2%2FZHOERS7eR1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509fec3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
5400
profile_img4.jpg
imahookup.com/Badd_Birdie2/img/prf/
8 KB
9 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/profile_img4.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c792e590f6d393a1f6ccf2a3a31d1a9af75c3b7f0412fbb3a8496c1425d941ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-213c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2KI0dyBjy91nvgRmqrLh7dqGbS4JL6pp3%2BmjAdtOONlDAuPgX7fz94QRhXScHohXigwdRXD9gg0xf%2BiHRvl6pZbTBhjZ5zPS%2Blox1R0dTHITRVPP0X%2BasDob4IlHfp1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509fed3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
8508
p_img1a.jpg
imahookup.com/Badd_Birdie2/img/prf/
4 KB
4 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/p_img1a.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1de6ed97d72fc9ef920ec71084c70e5e27601565cf301d157bfea7f86a0efe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-f35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fx0hwMC5QQvarz6uso%2Bax0pfskamlJm%2F5MQ0fHqs8CSxJxY20OmPhkDxOPK5zVcdq9xK%2FssGfStyopqFl71uazcKWaanNzrVnZpBNXrF3Zc8IYRv3Uhex8kdY13sIDln"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509fef3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
3893
p_img2.jpg
imahookup.com/Badd_Birdie2/img/prf/
3 KB
4 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/p_img2.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9653a4f425d889eca1e96ccaf7dacf14ae2ff4730aca83db874e5ff117ada93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-ce8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGxymiKZrTHW6iN4Efbr9Qz1ahC02uluOFp3RO744K3SYnMovNK7HnVz787NDYv%2FKV%2FSBF4FE4HMWH99KIIb7iM%2BUQauUr0ht%2BwJhnNBMJRAuRmxSGdXLKbg4B%2Bqsltz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509ff13aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
3304
p_img3.jpg
imahookup.com/Badd_Birdie2/img/prf/
3 KB
4 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/p_img3.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d79d6825eadfbdf5404878a04df5a4ecbf5daa912c501b38ed06c8411e375620

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-d98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNztInEqOpPrlccst3khH4DC0UHxSOTuRE19bKnBTCehEP%2BF5YYpG3aDCSK%2Bd5z7bnWrrdA4PbT5q6av9x%2FyqmzCrJ%2BJZhrrWCSoCyyd5RJGj1BgbBNQhZiBGG%2BKDSq1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509ff33aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
3480
p_img4.jpg
imahookup.com/Badd_Birdie2/img/prf/
4 KB
5 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/p_img4.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f817bd806c9979dbe7c019096c353b01e70ef88f62f8cb98418cef8218239860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-1066"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpH3KjmxLeSpD23DbWW1zyWkV5%2F%2FZx4i6%2Fa2fFhNK%2BM7ecffqjpkaF2hshl6JiPyjbI%2BjituIKnBFBx5RcwuX45YPSg4dysUNMDYBQUdgHcMLX9dEovx7Jo4ynGwtDZN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509ff63aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
4198
p_img5.jpg
imahookup.com/Badd_Birdie2/img/prf/
4 KB
4 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/p_img5.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed9b694c01129cb2a1430a01e032c93ba7db12d25f1f8fd7dc3894d59365267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-f71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEGBXVb7CvJjHJ668zodUtkaK9D76rO51UmKp9x5lsoQxVvF5V%2FhldxvPI8PUyoSoo76SzPAHmQTYwIahXB0AeaQ%2F3gHDCfRwKRG7F9uR%2Bnp%2FcWXxBySymTEqyg9IjZc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509ff83aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
3953
p_img6.jpg
imahookup.com/Badd_Birdie2/img/prf/
3 KB
4 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/p_img6.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b29c1198c6d27d1efb779fcd9bebca701eed328dab6e36adc8bb4a346b13904

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-ddf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKYyGolO6QiVxO4Ev9V%2B7Kj4%2B7TZwfMLf7iPCcZlrNgxQyeUWQJDOI%2F1kiDkuS9IJ8zw6Ea%2BJAYVnt%2FsIRPKjmQnpbi2lGBzFwIALNX1yUrtkDZOtcJXjc%2F0eDtFhBgT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509ffa3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
3551
p_img7.jpg
imahookup.com/Badd_Birdie2/img/prf/
3 KB
4 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/p_img7.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d99b1b9df48fa65982e718273b14dd2637cbffed3b9972fb9b1bcb7910982e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-d20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTNkJ%2B627U%2BY8CVLmT2fjLv%2BM7efGA5rkO1dDc5QBOq9iD%2FWolVlKd4ikl3K8gLs%2Bghb9Gt%2BiNqGMTk1BotHMq94TwcX8urlzSp55TlWnlELcMyTafbQWOvM3Ggf7Al9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509ffd3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
3360
p_img8.jpg
imahookup.com/Badd_Birdie2/img/prf/
4 KB
4 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/p_img8.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d765f85e4ccbc41d79438684d1e49f0eb743ea4302a2236c0c7dec11973127e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-e2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvpZkNfnPF%2B4vxDYg5fC1HB8DqVWHYfc%2BjXtcOTF3xMN7qVbsBi16zl%2Fd43TlkWOdDeQU4Z3JPqOYTmbQneotwyLzU5TjyfQKSUCZZfMptNXbxOqIJ8%2Bq%2ByAyoS%2BJZ86"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a4509fff3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
3627
p_img9.jpg
imahookup.com/Badd_Birdie2/img/prf/
4 KB
4 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/p_img9.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b80391097238174b903773c0878526f18c0110a0d4ea8bd09f99ead364d85da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-ebc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8IpVO6hEWwlOvSmF8T4dY4f5F8OfZrFWBa4xQxy2iO0gVFbQAcHTcnzu6tkWTVt1TCZJkFvqjbhuxlJC1kbrVgnssmeqiwZjdKfU2dTITPEWBKI2gLDYpfnQPXnl9x9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a45098003aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
3772
p_img10.jpg
imahookup.com/Badd_Birdie2/img/prf/
4 KB
4 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/p_img10.jpg
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
155770ae700d58f7d0df61c9c1553575313352b25a504a1126049a5d6d1c4644

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-e18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8AfoEXPBzdOoSYhtp74rowFvIPh8kgOXUZaitvGtMfkvrRciA%2F%2FPLv6n35yGqYzQ0Gh57I9YNCdyDDC9XEi1rfErXwAuns7HqZuyIyaKMZZtUGqgl4wQr%2Bea2YYho6Q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a450980e3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
3608
iframeResizer.min.js
imahookup.com/common/js/iframeResizer/
12 KB
5 KB
Script
General
Full URL
https://imahookup.com/common/js/iframeResizer/iframeResizer.min.js
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:04:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"613263ca-2e17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWjXXeD3C5zsbBZWNvIppLoXWhQNR0P6aA8dQ4E8U%2BClSotDbmQ6jWhIQevSCzjNeiqBh7J7b2eJydUG4O62uIXQd3%2FGEZZ7Aepp2nzw5DNbxSagmqR%2Bp5Bdzc2N8hfQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ee3a4506f763aa2-FRA
alt-svc
h3=":443"; ma=86400
/
vfrvttwsl.com/user/ Frame A3B0
Redirect Chain
  • https://affscsh.joinsafelyonline.com/routes/AffsCsh/?ofid=&ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id=%7Bclick_id%7D
  • https://vfrvttwsl.com/user/?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id=%7Bclick_id%7D&sitekey=9ba047c69635f362&rtr=1&rtid=22151757789
339 B
638 B
Document
General
Full URL
https://vfrvttwsl.com/user/?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id=%7Bclick_id%7D&sitekey=9ba047c69635f362&rtr=1&rtid=22151757789
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.37 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
00a15f3765bc0511760543ed856791a630b902be8780ea0db97e59a4af42289f

Request headers

Referer
https://imahookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
277
content-type
text/html; charset=UTF-8
date
Sat, 29 Jul 2023 07:27:53 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
section-io-cache
Miss
section-io-id
8fe7592d9bf8aa9b04e9be300e0fb0c5
vary
Accept-Encoding
via
1.1 varnish-65c66bdb8c-bcwfl (Varnish/7.2)
x-varnish
10127911

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Sat, 29 Jul 2023 07:27:52 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://vfrvttwsl.com/user/?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id=%7Bclick_id%7D&sitekey=9ba047c69635f362&rtr=1&rtid=22151757789
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
waf/4.34.6-0.el7
x-via
1.1 PS-DFW-01gGZ147:7 (Cdn Cache Server V2.0), 1.1 PS-FRA-01E6z147:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:6 (Cdn Cache Server V2.0)
x-ws-request-id
64c4bf78_PSdgflkfFRA1vg90_43591-47336
18plus_WT.png
imahookup.com/Badd_Birdie2/img/
16 KB
16 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/18plus_WT.png
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ef4648721012f0c3783b9db1973b7293fa643fe084b1bd602336fbfa82a966

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Sep 2021 18:08:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"613264ab-3fc1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsCR0oPyKu6%2BT2EBnRy6pKeOq%2FyLUNZs4OyxDepU0BMtfmnSmcZPjsdcEgrn0nbilFc37wAS%2FnT%2BrzZhXgLHFpZlFmB%2FWXZDOmYmnJc7Qs9hJDvmuxGmkNdebns2Ntd9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a450a8223aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
16321
icon_yes.png
imahookup.com/Badd_Birdie2/img/prf/
1 KB
1 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/icon_yes.png
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1966b3e5d0f91aa46f5f7ed6047b99b928a591864ce31f67f81c729a9afb8b2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-40b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGjBweUXRYZ%2Biv3tY1dDQdz6cQUOkONnI7C5c1MYB9g7pHF%2BByarDKxChJCGl0jZoDkKPL6KbG3vNC2vCwf6Aft6CcagulTqRQsL8I3rlydS912HE4p0djx7Rp8RFgqs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a450b83c3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
1035
icon_no.png
imahookup.com/Badd_Birdie2/img/prf/
1 KB
1 KB
Image
General
Full URL
https://imahookup.com/Badd_Birdie2/img/prf/icon_no.png
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17bcd2b8977ada18108766158b00bc43f2842d063887d123d4088f0e585a8d39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/Badd_Birdie2/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 18:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613264ac-41a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWBplAPI6i3IjyEXMOtnO10EiBKCyg6nZu%2BFLPYncfq9xWChJ6BYL2AbvN2Pjo%2Fe%2FQ1MTUbo5i%2BeRdoDIwXJiW5AtOdeV837q2134s4A7UTfOuAnBSkH%2FlpDOXyQqYDr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ee3a450c83f3aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
1050
/
geoip.joinsafelyonline.com/
404 B
857 B
Script
General
Full URL
https://geoip.joinsafelyonline.com/
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
waf/4.34.6-0.el7 /
Resource Hash
0cb523a69700c6fe089745458fd221bade6b1ed57ee0f199f6af2bc8079428fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imahookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 07:27:53 GMT
server
waf/4.34.6-0.el7
x-ws-request-id
64c4bf79_PSdgflkfFRA1vg90_43591-47382
x-via
1.1 PSmgdfDEN1kz93:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
expires
0
/
vfrvttwsl.com/user/ Frame A3B0
9 KB
4 KB
Document
General
Full URL
https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Requested by
Host: imahookup.com
URL: https://imahookup.com/Badd_Birdie2/index.php?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id={click_id}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.37 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
c9b87768b517165d97653f6022f10ce74cb8b535f518b57113e07893752331e8

Request headers

Referer
https://vfrvttwsl.com/user/?ofid=302&a_aid=AffsCsh&a_bid=0dd00f65&x_click_id=%7Bclick_id%7D&sitekey=9ba047c69635f362&rtr=1&rtid=22151757789
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 29 Jul 2023 07:27:53 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
section-io-cache
Miss
section-io-id
545d56006acfcaf352daa863544640e6
vary
Accept-Encoding
via
1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
x-varnish
5915142
/
geoip.registersafely.com/ Frame A3B0
404 B
461 B
Script
General
Full URL
https://geoip.registersafely.com/?v=1
Requested by
Host: vfrvttwsl.com
URL: https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.37 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
0cb523a69700c6fe089745458fd221bade6b1ed57ee0f199f6af2bc8079428fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vfrvttwsl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 07:27:54 GMT
via
1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
content-encoding
gzip
age
0
vary
Accept-Encoding
x-varnish
5915147
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
section-io-cache
Miss
section-io-id
a615dedd30e607c7732423e1991a9521
expires
0
greenSimple.css
vfrvttwsl.com/common_tpls/compact/css/ Frame A3B0
134 KB
28 KB
Stylesheet
General
Full URL
https://vfrvttwsl.com/common_tpls/compact/css/greenSimple.css
Requested by
Host: vfrvttwsl.com
URL: https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.37 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
14daf82bbac97472fa50b8614353fedd85d77012bdeec699289eab701be680da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
content-encoding
gzip
section-io-cache-id
9d11e2f0bab1f37f7f90112d374a3fe0
last-modified
Thu, 23 Mar 2017 20:00:34 GMT
age
2939
etag
W/"58d42962-21966"
vary
Accept-Encoding
content-type
text/css
x-varnish
10127916 7897922
via
1.1 varnish-65c66bdb8c-bcwfl (Varnish/7.2)
accept-ranges
bytes
section-io-cache
Hit
section-io-id
581d4d396d2cd5740c6eec616485360c
content-length
28194
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame A3B0
86 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: vfrvttwsl.com
URL: https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vfrvttwsl.com/
Origin
https://vfrvttwsl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 19:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 19:29:19 GMT
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/ Frame A3B0
35 KB
9 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
Requested by
Host: vfrvttwsl.com
URL: https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF4) /
Resource Hash
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vfrvttwsl.com/
Origin
https://vfrvttwsl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27417939
x-cache
HIT
content-length
9409
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:58 GMT
server
ECAcc (frc/4CF4)
etag
"02729e6cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
form_support.js
vfrvttwsl.com/common_tpls/js/ Frame A3B0
4 KB
2 KB
Script
General
Full URL
https://vfrvttwsl.com/common_tpls/js/form_support.js?v=1516308712
Requested by
Host: vfrvttwsl.com
URL: https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.37 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
via
1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
section-io-cache-id
0d9b836581cd512e3ff0dd8f4990b9f0
last-modified
Fri, 18 Nov 2022 21:23:38 GMT
age
16285
etag
W/"6377f7da-ed7"
vary
Accept-Encoding
x-varnish
5915145 7123726
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
3ef736c93b08804b4d71263f1db1efc6
validate_form_v2.js
vfrvttwsl.com/common_tpls/js/ Frame A3B0
25 KB
6 KB
Script
General
Full URL
https://vfrvttwsl.com/common_tpls/js/validate_form_v2.js?jsv=24
Requested by
Host: vfrvttwsl.com
URL: https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.37 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
82541640f7edc753be5fb44d233216f5906f8f6ebc7200a02f229e263997b0ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:53 GMT
via
1.1 varnish-65c66bdb8c-bcwfl (Varnish/7.2)
section-io-cache-id
d8f7a521729afa65bb3e4dc04b5de7d6
last-modified
Mon, 13 Feb 2023 23:40:03 GMT
age
21555
etag
W/"63eaca53-63ed"
vary
Accept-Encoding
x-varnish
9375896 5232890
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
1593ba5774549ba08243eed52662557d
ajax-loader.gif
vfrvttwsl.com/common_tpls/images/ Frame A3B0
3 KB
3 KB
Image
General
Full URL
https://vfrvttwsl.com/common_tpls/images/ajax-loader.gif
Requested by
Host: vfrvttwsl.com
URL: https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.37 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:54 GMT
via
1.1 varnish-65c66bdb8c-bcwfl (Varnish/7.2)
section-io-cache-id
e785ff52000c6fa25bc500926cec50d8
last-modified
Mon, 07 Oct 2013 22:49:23 GMT
age
74
etag
"52533a73-c88"
x-varnish
10127919 10421596
content-type
image/gif
accept-ranges
bytes
section-io-cache
Hit
section-io-id
ea672607eb48c859c54688b190574402
content-length
3208
iframeResizer.contentWindow.min.js
vfrvttwsl.com/common_tpls/js/ Frame A3B0
13 KB
5 KB
Script
General
Full URL
https://vfrvttwsl.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by
Host: vfrvttwsl.com
URL: https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.37 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:54 GMT
via
1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
section-io-cache-id
1016340ae475642071cfc7278e701ae2
last-modified
Thu, 04 Feb 2016 15:06:03 GMT
age
16367
etag
W/"56b368db-3445"
vary
Accept-Encoding
x-varnish
5915146 2517045
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
ec83421cab237f14a7e33672cec22754
js
www.googletagmanager.com/gtag/ Frame A3B0
178 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-208173773-1
Requested by
Host: vfrvttwsl.com
URL: https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e86dff0cebc98f5daa592b8a5c3eb3c9e2ca3e1318fb5bafae29f6c89a49005
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vfrvttwsl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65875
x-xss-protection
0
last-modified
Sat, 29 Jul 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Jul 2023 07:27:54 GMT
css
fonts.googleapis.com/ Frame A3B0
3 KB
918 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: vfrvttwsl.com
URL: https://vfrvttwsl.com/common_tpls/compact/css/greenSimple.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vfrvttwsl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 29 Jul 2023 07:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 29 Jul 2023 06:21:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Jul 2023 07:27:54 GMT
gtm.js
www.googletagmanager.com/ Frame A3B0
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSCK9H9
Requested by
Host: vfrvttwsl.com
URL: https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b28a6f67a7fb0a1aa09199fd481bb74f8f76d4c4a809a7f50124e6f4bddb4104
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vfrvttwsl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42200
x-xss-protection
0
last-modified
Sat, 29 Jul 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Jul 2023 07:27:54 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ Frame A3B0
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vfrvttwsl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 06:04:28 GMT
x-content-type-options
nosniff
age
5006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 06:04:28 GMT
/
vfrvttwsl.com/user/trk/ Frame A3B0
21 B
394 B
XHR
General
Full URL
https://vfrvttwsl.com/user/trk/?rtid=22151757789
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.37 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
040112f52923bf54437d1dae7ed8689893271712a43edb1e93686e949c391f27

Request headers

Accept
*/*
Referer
https://vfrvttwsl.com/user/?SID=d17674447e633544af31ef0f08397d18
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 07:27:54 GMT
via
1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
content-encoding
gzip
age
0
vary
Accept-Encoding
content-type
text/json;charset=UTF-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish
5264423
cache-control
no-store, no-cache, must-revalidate
section-io-cache
Miss
section-io-id
a6c7183c20c738dc28e67468d3a37d98
expires
Thu, 19 Nov 1981 08:52:00 GMT
js
www.googletagmanager.com/gtag/ Frame A3B0
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-90FLKCEX7T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208173773-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8bf5dbfa8926f51fe8dd4d6bb68b8f434cf4f5a70d035db1e099e908c14757e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vfrvttwsl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:27:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77539
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 29 Jul 2023 07:27:54 GMT
analytics.js
www.google-analytics.com/ Frame A3B0
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208173773-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vfrvttwsl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Jul 2023 05:44:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6210
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 29 Jul 2023 07:44:24 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
function| geoip_country_code
function| geoip_country_name
function| geoip_city
function| geoip_region
function| geoip_region_name
function| geoip_latitude
function| geoip_longitude
function| geoip_postal_code
function| geoip_resolved_ip
function| iFrameResize

4 Cookies

Domain/Path Name / Value
click.affscash.pro/ Name: XSRF-TOKEN
Value: eyJpdiI6ImlOZkVXZXBWcGw3SXFXMk0vKzMrVGc9PSIsInZhbHVlIjoiWEVuYnZaQ3dYMTJTL0pZdk12eUd6NlU0aS9kdFJKcXVjV2craks4amVyQi9aUHRuY2U1dHFPRWhRbzhpenFaUFlkQ09SZEZ0dWh0RGpKLzFoYkNkRlNDbjUxdHVJR0dHRHZQbEhScVk5dUR6Q3F4eTNGdEFva3g0UXRuN1Q1U0QiLCJtYWMiOiJhZmYyYThlMTFhMDgxNzI4MzI4NTQ3MDY5YjkyN2U0MjI5MDFiODJkYjhlYjU0ZDJjZDczNThiNmM3NjYwNDNmIn0%3D
click.affscash.pro/ Name: affscash_session
Value: eyJpdiI6IldLQWc2Ny9IQkkvaXgzbVQvRE5aNXc9PSIsInZhbHVlIjoic0k4ekFPbGFuNW9FaG1pWDZtUDlLa21YUzEwMXI1Rm1kTzRpY1FxV0M1bXZiVFVpNExoWCs5endDRmkxOTNCVThpWkR2eGtvYWJlTnJNbGljL3ZzOEhIUE9vSVQycmUxbEUyT2pkQzM0M25ITkxiam8reXY4OWZwYkxKVzdabTciLCJtYWMiOiIxY2FkZDY2N2MwNTUwOWU4Yzk3NjM1YzhhNGI3NWE4YmM3ZWNjZTA2MGFhZGNjMDI0ZjJmOWEyNDJmMGE4YWY4In0%3D
affscsh.joinsafelyonline.com/ Name: PHPSESSID
Value: 6bec632fc1932fd742126765e887658a
vfrvttwsl.com/ Name: PHPSESSID
Value: d17674447e633544af31ef0f08397d18

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
