Submitted URL: https://tegan.inkjansitivelyearn.ru.com/Tegan-selfie-55
Effective URL: https://w4mhotdates2024.click/?s1=ser7
Submission: On November 20 via api from BE — Scanned from CA

Summary

This website contacted 6 IPs in 1 country across 7 domains to perform 13 HTTP transactions. The main IP is 172.67.170.28, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is w4mhotdates2024.click.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.
This is the only time w4mhotdates2024.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
2 | 2606:4700:303... | 13335 (CLOUDFLAR...)
6 | 172.67.170.28 | 13335 (CLOUDFLAR...)
1 | 172.67.197.110 | 13335 (CLOUDFLAR...)
1 | 2607:f8b0:400... | 15169 (GOOGLE)
1 | 64.233.180.94 | 15169 (GOOGLE)
Total: 13 requests, 6 IPs
Requests | Apex Domain | Subdomains | Transfer
6 | w4mhotdates2024.click | w4mhotdates2024.click | 347 KB
2 | ru.com | tegan.inkjansitivelyearn.ru.com | 2 KB
1 | gstatic.com | fonts.gstatic.com | 47 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 1 KB
1 | svntrk.com | svntrk.com | 729 B
0 | facebook.com | www.facebook.com | Failed
0 | google.com | accounts.google.com (Cisco Umbrella Rank: 17) | Failed
Total: 13 requests, 7 domains
Requests | Domain | Requested by
6 | w4mhotdates2024.click | tegan.inkjansitivelyearn.ru.com, w4mhotdates2024.click
2 | tegan.inkjansitivelyearn.ru.com |
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | w4mhotdates2024.click
1 | svntrk.com | w4mhotdates2024.click
0 | www.facebook.com (Failed) | w4mhotdates2024.click
0 | accounts.google.com (Failed) |
Total: 13 requests, 7 domains

This site contains no links.

Subject | Issuer | Validity | Valid
inkjansitivelyearn.ru.com | WE1 | 2024-10-04 - 2025-01-02 | 3 months
w4mhotdates2024.click | WE1 | 2024-09-23 - 2024-12-22 | 3 months
svntrk.com | Cloudflare Inc ECC CA-3 | 2023-12-28 - 2024-12-27 | a year
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months

This page contains 1 frame:

Primary Page: https://w4mhotdates2024.click/?s1=ser7
Frame ID: 6DCC42066EE749E9E13780294D4AB1FA
Requests: 13 HTTP requests in this frame

Page Title

Find Your Perfect Match

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 13
HTTPS: 85 %
IPv6: 40 %
Domains: 7
Subdomains: 7
IPs: 6
Countries: 1
Transfer: 398 kB
Size: 500 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tegan.inkjansitivelyearn.ru.com/Tegan-selfie-55 Page URL
  2. https://w4mhotdates2024.click/?s1=ser7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP 302
  • https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AcMMx-cJdaXhb1jAIfUQL3G7R9v8OGImceb3VZgwPYZW--AM_mOBGH1zGovWKLlm1CDYCFLuQ7S4Lg HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AcMMx-cscniEqWXegsweE10H8brsdnWxhr9r1CxF8T_5JSs9h2H9ZBtyvk5lqRDWmHh59WCYZWXrLw&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1959259778%3A1732142079345456&ddm=1

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Tegan-selfie-55
tegan.inkjansitivelyearn.ru.com/
292 B
862 B
Document
General
Full URL
https://tegan.inkjansitivelyearn.ru.com/Tegan-selfie-55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8524 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
2ff5016b57502759877dba58c6af451c46ad2e7277ec997a330317aa32f1a311

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e5be889bba7a2ab-YUL
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 22:34:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ound%2FElr90%2BIpy56oXQi1geJrWaphimbvwEmbiLrGUDlVSakIfcJQtouXV8nB26IRwUu26xZFFZx%2FkQgr2ulpIjATPlLAgYrZtkc58vOPzULvnSjdI1l9T%2Bw38Iyc57V%2FLmmEO0dmJje9%2B6YaGPtQeLoYFz8vLH%2BgFHniymO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=18355&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4045&recv_bytes=2325&delivery_rate=211651&cwnd=254&unsent_bytes=0&cid=99644bd70ed8260d&ts=286&x=0"
x-powered-by
PHP/5.4.16
favicon.ico
tegan.inkjansitivelyearn.ru.com/
292 B
739 B
Other
General
Full URL
https://tegan.inkjansitivelyearn.ru.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8524 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
8d5e51fec26897ae4ce60c0abff8e58c97ece31c4854c49befe15db6351e1353

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tegan.inkjansitivelyearn.ru.com/Tegan-selfie-55

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTtyh9BSZC30QGIFZQbdZkVYeYH2gjbsFNzJZpPVjl5l8RxPFvV2NkWA6iF84YfrEverSr4KY3F9%2Bec6g1VH4rCqodsFqn21Yfu2wnAlYEIrRpJmNXwtJkjabOeLPHHxA7dIc1T%2Fzi4vrfOp3SYdEpRCy9NpbsCzdSdYEqkS"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be88bae10a2ab-YUL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18361&sent=12&recv=14&lost=0&retrans=0&sent_bytes=4973&recv_bytes=2505&delivery_rate=211651&cwnd=257&unsent_bytes=0&cid=99644bd70ed8260d&ts=637&x=0"
date
Wed, 20 Nov 2024 22:34:37 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
last-modified
Wed, 20 Nov 2024 22:34:37 GMT
Primary Request /
w4mhotdates2024.click/
7 KB
3 KB
Document
General
Full URL
https://w4mhotdates2024.click/?s1=ser7
Requested by
Host: tegan.inkjansitivelyearn.ru.com
URL: https://tegan.inkjansitivelyearn.ru.com/Tegan-selfie-55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300b04144a86531737f978c845f904b8972800b72cb7cf504c6ab967cb23b853

Request headers

Referer
https://tegan.inkjansitivelyearn.ru.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e5be8922d84ac1e-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 22:34:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2LwRWYsM6BuaEX8q3xqPDxpyzKlfDQ3TUreH7xSENuAhiT%2BhhF0RcHJjQmBJzNvPUjivPQJj1RnsjTc09EnvoyygcreRMJnzy9bU78waEtoH2kcpt2R01urt9uXu1l8eYwhXtfGWurE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=24862&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4517&delivery_rate=559&cwnd=12000&unsent_bytes=0&cid=f0823abb801d5155&ts=559&x=1" cfHdrFlush;dur=0
ser7_673e63fe2c882.js
svntrk.com/assets/
0
729 B
Script
General
Full URL
https://svntrk.com/assets/ser7_673e63fe2c882.js
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Un0aTbhy1b6iSkLK6cExydWOYMWnifAKUx%2B1rlt%2BQNjAa2MFclAtBaDRgB%2BHTQCMqHBMvHzxamWuzS%2FSGKCsSM5R7HymFb4xj4DgZVdh6AWpPXbQIDw9j27m3NwG"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be895dee5ac40-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24813&sent=12&recv=9&lost=0&retrans=0&sent_bytes=3969&recv_bytes=4357&delivery_rate=23606&cwnd=12000&unsent_bytes=0&cid=6b4a77695bb11338&ts=69&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 22:34:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i=?0
fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
w4mhotdates2024.click/scripts/
39 KB
17 KB
Script
General
Full URL
https://w4mhotdates2024.click/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"673ccbb5-9ca8"
age
2073
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IC6K0ove9cW5fWoINN0F0SLqAXbMpWAco6V6OSLjg2FPJr3TanHzXOtGaaYRUJ7MOqVl3b7C4hOrR5X%2FfsP9dmEHttHCbvth7Oc5UJmyb90X5tkWgN8tdhVYEtBwNZ8VF%2F0ichgSAWk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be895a8dbac1e-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25074&sent=19&recv=17&lost=0&retrans=0&sent_bytes=7870&recv_bytes=7034&delivery_rate=149477&cwnd=12000&unsent_bytes=0&cid=f0823abb801d5155&ts=609&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 22:34:38 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 19 Nov 2024 17:32:37 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100..900;1,100..900&display=swap
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a8093957f2c5b14333112d431c648a51b8977846d8f4b270d06518f4746e81e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 22:34:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 22:34:38 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 22:01:39 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
vendor.0dcfc2ef4343b4d2de936326bdd91780.css
w4mhotdates2024.click/landings/171en/fonts/
11 KB
5 KB
Stylesheet
General
Full URL
https://w4mhotdates2024.click/landings/171en/fonts/vendor.0dcfc2ef4343b4d2de936326bdd91780.css
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ec314ad61f6add62a646ac4835c5b025d7be89bb3b735213c0e03af947404fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"673ccbb1-2cf8"
age
273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WTtpTfVTMIeF7%2FO0N5Sr2Yu0fWEnYPV7RkQ0LMINiCeHsC59zF%2FIJLhtD4dSBY1YuedwPGqp1x41uf4zezR85w06lqKgLi77PcWzh63H8dtzEtfFNK2SEnUUYpnW%2BoWvHWCNvlM7FEA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be895a8dcac1e-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25074&sent=30&recv=17&lost=0&retrans=0&sent_bytes=19870&recv_bytes=7034&delivery_rate=149477&cwnd=12000&unsent_bytes=0&cid=f0823abb801d5155&ts=610&x=1", cfHdrFlush;dur=24
date
Wed, 20 Nov 2024 22:34:38 GMT
content-type
text/css
last-modified
Tue, 19 Nov 2024 17:32:33 GMT
vary
Accept-Encoding
server
cloudflare
vendor.6504db5c830b4f78f92f90db196b8f32.js
w4mhotdates2024.click/landings/171en/js/
95 KB
35 KB
Script
General
Full URL
https://w4mhotdates2024.click/landings/171en/js/vendor.6504db5c830b4f78f92f90db196b8f32.js
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e58154e5a55f3924bd2c726b4d3e03b49b758d75ee8b2a56f5192333e6d592de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"673ccbb1-17cab"
age
273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cj3q1fDGMnf2L%2BoTCUWD6WS8Y1FyKBQ%2FgJQn8AzjlelmOqJz0XwJFhEGEVgc52VMIWTUqqV%2B6sZ9qLLnN3terZRr2CGZ5KO7LnIIuGeatF23a8QjFQXWMSpT2s2Enbz%2FUu0q4uOeHh0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be895a8e0ac1e-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25074&sent=30&recv=17&lost=0&retrans=0&sent_bytes=19870&recv_bytes=7034&delivery_rate=149477&cwnd=12000&unsent_bytes=0&cid=f0823abb801d5155&ts=611&x=1", cfHdrFlush;dur=23
date
Wed, 20 Nov 2024 22:34:38 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 19 Nov 2024 17:32:33 GMT
vary
Accept-Encoding
server
cloudflare
bg.jpg
w4mhotdates2024.click/landings/171en/img/
281 KB
282 KB
Image
General
Full URL
https://w4mhotdates2024.click/landings/171en/img/bg.jpg
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/landings/171en/fonts/vendor.0dcfc2ef4343b4d2de936326bdd91780.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ead48fe05f501729f5745d3b8f4c7fc1a542afec4b853cbcccd9c39bac1c9a56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/landings/171en/fonts/vendor.0dcfc2ef4343b4d2de936326bdd91780.css

Response headers

cf-cache-status
HIT
etag
"673ccbb1-463e9"
age
272
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ssFAv1YWb5fCceHn8C0Sm8qiZi%2BotQaEZ0HtFNlNYerLImwdHgd32nV6g0GErT51qQ9y5eGN5YaiuvONrh9GyvrwtFgAKIIB1HeWUiFVBWX0jYH4DU9C95Q%2BBhNhw%2BX%2F3GJPuEbHtRs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26546&sent=80&recv=60&lost=1&retrans=1&sent_bytes=68676&recv_bytes=9733&delivery_rate=581448&cwnd=15959&unsent_bytes=0&cid=f0823abb801d5155&ts=770&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 22:34:38 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 17:32:33 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5be896a9faac1e-YYZ
accept-ranges
bytes
content-length
287721
server
cloudflare
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f94.1e100.net
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://w4mhotdates2024.click
Referer
https://fonts.googleapis.com/

Response headers

age
256195
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Mon, 17 Nov 2025 23:24:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 23:24:43 GMT
last-modified
Wed, 01 May 2024 20:31:48 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48336
x-xss-protection
0
server
sffe
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
  • https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
  • https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AcMMx-cJdaXhb1jAIfUQL3G7R9v8OGImceb3VZgwPYZW--AM_mO...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AcMMx-cscniEqWXegsweE10H8brsdnWxh...
0
0

like.php
www.facebook.com/v14.0/plugins/
0
0

favicon.ico
w4mhotdates2024.click/landings/171en/img/
15 KB
5 KB
Other
General
Full URL
https://w4mhotdates2024.click/landings/171en/img/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
add089c23b55f28108038cc419469b6119d829f0f7e3b3672bccdd7f3fd8897f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"673ccbb1-3c2e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxhcS0JFz2z27dgt2MQ4c65LlNvA%2FR2L%2BmZybNJV%2FeRFwKxSRrtkuFk5tV3yiJsBujqe0r851B5FCw97Vr8oekvMwugeCAJKLlG0OrZviYQur8o%2BMzOrUjRdZ7Ve2eLNZw7Y8YUuNNk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be89a9de1ac1e-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27376&sent=338&recv=167&lost=1&retrans=1&sent_bytes=363901&recv_bytes=15347&delivery_rate=448701&cwnd=26759&unsent_bytes=0&cid=f0823abb801d5155&ts=2057&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 22:34:39 GMT
content-type
image/x-icon
last-modified
Tue, 19 Nov 2024 17:32:33 GMT
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AcMMx-cscniEqWXegsweE10H8brsdnWxhr9r1CxF8T_5JSs9h2H9ZBtyvk5lqRDWmHh59WCYZWXrLw&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1959259778%3A1732142079345456&ddm=1
Domain
www.facebook.com
URL
https://www.facebook.com/v14.0/plugins/like.php

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FingerprintJS function| getScreenInfo function| getUserAgent function| getLanguages function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| picassoCanvas function| picasso function| getVideoCardInfo function| deviceOrientationHandler string| thirdParty object| fpPromise function| openPopup function| clickButton function| nextStep function| getTimezone function| $ function| jQuery boolean| sf

4 Cookies

Domain/Path Name / Value
w4mhotdates2024.click/ Name: XSRF-TOKEN
Value: eyJpdiI6ImpkQ1lHTkdhM3RRcFBTMFFIc21JWkE9PSIsInZhbHVlIjoiV210RXRhOHY2aWRLRG5UbW5QV2M5aWtDdEJ6Q3F6U0VMa2x5VDVaZGhYOWVBM2pzM01LbFkyQk5SV1ZNMm93WSIsIm1hYyI6ImY2MTQzODFiNTIyY2I4ZWQ1NjRmMThiYWU0OTM0Yjc2NWNlMDQwMzdiMzU3N2M3ZDEzYmMxMzdkOWQ5NDMwYWEifQ%3D%3D
w4mhotdates2024.click/ Name: laravel_session
Value: eyJpdiI6ImtlS2tNME95TytiZ21MUnJSUlRVbmc9PSIsInZhbHVlIjoiWEQ5dVM5KzRpcWtzY2NkdHBranpCdmZBWktkODhvb3pqdnVoNERyR3JIWjUzVlpvY1lRRm5xaTYwRTREaU80MCIsIm1hYyI6IjJhYjI0NzUzYjg3N2Q0N2VhZDkxODAwYTE4ODNiMDU4MjNjMWIyYTQzN2RhNmVkM2NhZGNjYmQ2NzQ5YTliY2MifQ%3D%3D
w4mhotdates2024.click/ Name: SRVNAME
Value: w1
svntrk.com/ Name: svnimp
Value: 673e63fe623e8

2 Console Messages

Source Level URL
Text
rendering warning URL: https://w4mhotdates2024.click/?s1=ser7
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B0510124070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://w4mhotdates2024.click/?s1=ser7
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040520124070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.