Submitted URL: https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=...
Effective URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b9...
Submission: On November 09 via manual from NO

Summary

This website contacted 12 IPs in 4 countries across 13 domains to perform 57 HTTP transactions. The main IP is 52.58.149.40, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is hottieswantu.com.
TLS certificate: Issued by Amazon on May 7th 2020. Valid for: a year.
This is the only time hottieswantu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 185.124.241.2 49645 (SOFT-EXPE...)
1 2606:2800:234... 15133 (EDGECAST)
1 148.251.236.138 24940 (HETZNER-AS)
1 136.243.130.121 24940 (HETZNER-AS)
3 95.211.229.245 60781 (LEASEWEB-...)
1 6 52.58.149.40 16509 (AMAZON-02)
21 2600:9000:21c... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.197.130.184 16509 (AMAZON-02)
14 35.157.55.18 16509 (AMAZON-02)
57 12
Domain Requested by
21 www.cdnreference.com hottieswantu.com
www.cdnreference.com
14 uf.noclef.com retargetcore.com
uf.noclef.com
6 hottieswantu.com 1 redirects mail.soperfectmails.com
retargetcore.com
hottieswantu.com
3 www.googletagmanager.com hottieswantu.com
2 retargetcore.com www.cdnreference.com
hottieswantu.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.cdnreference.com
2 mail.soperfectmails.com mail.soperfectmails.com
1 main.realsrv.com mail.soperfectmails.com
1 main.exoclick.com mail.soperfectmails.com
1 main.exdynsrv.com mail.soperfectmails.com
1 tsyndicate.com mail.soperfectmails.com
1 runative-syndicate.com mail.soperfectmails.com
1 a.exoclick.com mail.soperfectmails.com
57 14

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
mail.soperfectmails.com
Let's Encrypt Authority X3
2020-09-22 -
2020-12-21
3 months crt.sh
*.ackcdn.net
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2020-08-07 -
2021-08-01
a year crt.sh
runative-syndicate.com
Let's Encrypt Authority X3
2020-08-17 -
2020-11-15
3 months crt.sh
tsyndicate.com
Let's Encrypt Authority X3
2020-08-17 -
2020-11-15
3 months crt.sh
exdynsrv.com
Let's Encrypt Authority X3
2020-10-26 -
2021-01-24
3 months crt.sh
*.exoclick.com
Go Daddy Secure Certificate Authority - G2
2020-08-03 -
2021-10-02
a year crt.sh
realsrv.com
Let's Encrypt Authority X3
2020-10-26 -
2021-01-24
3 months crt.sh
hottieswantu.com
Amazon
2020-05-07 -
2021-06-07
a year crt.sh
cdnreference.com
Amazon
2020-05-08 -
2021-06-08
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-10-20 -
2021-01-12
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-10-20 -
2021-01-12
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-10-20 -
2021-01-12
3 months crt.sh
retargetcore.com
Amazon
2020-05-07 -
2021-06-07
a year crt.sh
uf.noclef.com
Amazon
2020-10-12 -
2021-11-11
a year crt.sh

This page contains 3 frames:

Primary Page: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Frame ID: FFFB46401E5ADE7EFAD35A82CCC791FF
Requests: 53 HTTP requests in this frame

Frame: https://uf.noclef.com/c_js/rtSlot/init?event=jumpVisit0Sec
Frame ID: FFE6EFB2BC6C8305CF54DE34A6FD89DE
Requests: 1 HTTP requests in this frame

Frame: https://uf.noclef.com/c_js/rtSlot/init?event=complVisit0Sec
Frame ID: 9D5C1E321BEFEED4EBAF24288AE2396E
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a... Page URL
  2. https://hottieswantu.com/tds?tdsId=s9124shm_r&tds_campaign=s9124shm&utm_source=ddm&utm_campaign=a74fd... HTTP 302
    https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

57
Requests

100 %
HTTPS

42 %
IPv6

13
Domains

14
Subdomains

12
IPs

4
Countries

1065 kB
Transfer

1330 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI Page URL
  2. https://hottieswantu.com/tds?tdsId=s9124shm_r&tds_campaign=s9124shm&utm_source=ddm&utm_campaign=a74fda2a&s1=dd&data2=204H5C8I7HZE6JY7E1HXFUG HTTP 302
    https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 38af04105afc3366d0390a0f89ac1349
mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/
4 KB
5 KB
Document
General
Full URL
https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.124.241.2 , Rwanda, ASN49645 (SOFT-EXPERT-AS, RO),
Reverse DNS
mta2.mail.gotmail4u.com
Software
Apache/2.2.15 (CentOS) / PHP/7.0.33
Resource Hash
92058557d70af06e30b72b707ca6cb10b6003b9a328ea0ee54be4d5eb13348d5

Request headers

Host
mail.soperfectmails.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 09 Nov 2020 12:34:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/7.0.33
Set-Cookie
landing-coordinates=%7B%22host%22%3A%22mail.soperfectmails.com%22%2C%22cid%22%3A%223656%22%2C%22shortname%22%3A%22pre1%22%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D; expires=Thu, 07-Nov-2030 12:34:12 GMT; Max-Age=315360000; path=/
Cache-Control
no-cache
Content-Length
4521
Connection
close
Content-Type
text/html; charset=UTF-8
tag_gen.js
a.exoclick.com/
874 B
655 B
Script
General
Full URL
https://a.exoclick.com/tag_gen.js
Requested by
Host: mail.soperfectmails.com
URL: https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4190) /
Resource Hash
7b58a94951c72705fa18e3aca84f1f9b4473d9a7b1556ba9bd02d0ef619d5897

Request headers

Referer
https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:13 GMT
content-encoding
gzip
last-modified
Mon, 09 Nov 2020 11:26:49 GMT
server
ECS (fcn/4190)
age
4044
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-length
471
expires
Mon, 09 Nov 2020 15:34:13 GMT
ea4d4998-af95-4354-8d24-2a39ab8d6bdf
runative-syndicate.com/api/v1/retargeting/set/
35 B
468 B
Image
General
Full URL
https://runative-syndicate.com/api/v1/retargeting/set/ea4d4998-af95-4354-8d24-2a39ab8d6bdf
Requested by
Host: mail.soperfectmails.com
URL: https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.236.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.138.236.251.148.clients.your-server.de
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Nov 2020 12:34:13 GMT
server
nginx
x-api-version
1
vary
*
report-to
{ "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type
image/gif; charset=utf-8
status
200
cache-control
no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag
none, noindex, nofollow
content-length
35
x-request-id
215c61096610d937
expires
0
0d3a6a43-cdfd-4535-89b2-19b28a6d317d
tsyndicate.com/api/v1/retargeting/set/
35 B
463 B
Image
General
Full URL
https://tsyndicate.com/api/v1/retargeting/set/0d3a6a43-cdfd-4535-89b2-19b28a6d317d
Requested by
Host: mail.soperfectmails.com
URL: https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.130.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.130.243.136.clients.your-server.de
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Nov 2020 12:34:13 GMT
server
nginx
x-api-version
1
vary
*
report-to
{ "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type
image/gif; charset=utf-8
status
200
cache-control
no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag
none, noindex, nofollow
content-length
35
x-request-id
8be79ecc38eb8e4e
expires
0
tag.php
main.exdynsrv.com/
0
419 B
Image
General
Full URL
https://main.exdynsrv.com/tag.php?goal=6523cc2653ef3a0fed83fb40b32d16f3
Requested by
Host: mail.soperfectmails.com
URL: https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 09 Nov 2020 12:34:13 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.php
main.exoclick.com/
0
419 B
Image
General
Full URL
https://main.exoclick.com/tag.php?goal=6523cc2653ef3a0fed83fb40b32d16f3
Requested by
Host: mail.soperfectmails.com
URL: https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 09 Nov 2020 12:34:13 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.php
main.realsrv.com/
0
418 B
Image
General
Full URL
https://main.realsrv.com/tag.php?goal=6523cc2653ef3a0fed83fb40b32d16f3
Requested by
Host: mail.soperfectmails.com
URL: https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 09 Nov 2020 12:34:13 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
38af04105afc3366d0390a0f89ac1349
mail.soperfectmails.com/owl/mailpxjs/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/
176 B
633 B
Fetch
General
Full URL
https://mail.soperfectmails.com/owl/mailpxjs/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&amp;template=prelinker-mail-affaire-txt-6&amp;cid=3656&amp;utm_source=pub-36-list-57&amp;utm_medium=AlexanderSeV&amp;clickId=V0BtVqHMVtI
Requested by
Host: mail.soperfectmails.com
URL: https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.124.241.2 , Rwanda, ASN49645 (SOFT-EXPERT-AS, RO),
Reverse DNS
mta2.mail.gotmail4u.com
Software
Apache/2.2.15 (CentOS) / PHP/7.0.33
Resource Hash

Request headers

Referer
https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 09 Nov 2020 12:34:13 GMT
Cache-Control
no-cache
Server
Apache/2.2.15 (CentOS)
Connection
close
X-Powered-By
PHP/7.0.33
Content-Length
176
Content-Type
application/json
Primary Request jump
hottieswantu.com/
Redirect Chain
  • https://hottieswantu.com/tds?tdsId=s9124shm_r&tds_campaign=s9124shm&utm_source=ddm&utm_campaign=a74fda2a&s1=dd&data2=204H5C8I7HZE6JY7E1HXFUG
  • https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&d...
32 KB
32 KB
Document
General
Full URL
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Requested by
Host: mail.soperfectmails.com
URL: https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.149.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-149-40.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9552519c24b105cc1e7aa05d92764a8fea8e82eaba4c4b5ec1348dffa1a96351

Request headers

:method
GET
:authority
hottieswantu.com
:scheme
https
:path
/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
AWSALB=nW5PNE83J4SzlkD8kuZlUt5CtvdpOihbzrNXqxAddyvTeQvGJTd6tjVkrQHm5SV16OV8CxSO04qlfLW+ZbrYQi+4WLEIqLxQb0FpGIt70SVARpkeuMKu2P07GDeR; AWSALBCORS=nW5PNE83J4SzlkD8kuZlUt5CtvdpOihbzrNXqxAddyvTeQvGJTd6tjVkrQHm5SV16OV8CxSO04qlfLW+ZbrYQi+4WLEIqLxQb0FpGIt70SVARpkeuMKu2P07GDeR; dci=b62cfe49737f4eba1e94bad5c65200df434f851b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&template=prelinker-mail-affaire-txt-6&cid=3656&utm_source=pub-36-list-57&utm_medium=AlexanderSeV&clickId=V0BtVqHMVtI

Response headers

status
200
date
Mon, 09 Nov 2020 12:34:16 GMT
content-type
text/html; charset=UTF-8
content-length
32890
server
nginx

Redirect headers

status
302
date
Mon, 09 Nov 2020 12:34:16 GMT
location
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
server
nginx
set-cookie
AWSALB=nW5PNE83J4SzlkD8kuZlUt5CtvdpOihbzrNXqxAddyvTeQvGJTd6tjVkrQHm5SV16OV8CxSO04qlfLW+ZbrYQi+4WLEIqLxQb0FpGIt70SVARpkeuMKu2P07GDeR; Expires=Mon, 16 Nov 2020 12:34:16 GMT; Path=/ AWSALBCORS=nW5PNE83J4SzlkD8kuZlUt5CtvdpOihbzrNXqxAddyvTeQvGJTd6tjVkrQHm5SV16OV8CxSO04qlfLW+ZbrYQi+4WLEIqLxQb0FpGIt70SVARpkeuMKu2P07GDeR; Expires=Mon, 16 Nov 2020 12:34:16 GMT; Path=/; SameSite=None; Secure dci=b62cfe49737f4eba1e94bad5c65200df434f851b; Max-Age=31536000; Domain=.hottieswantu.com; Path=/; Expires=Tue, 09 Nov 2021 12:34:16 GMT; Secure; SameSite=None
accept-ch
UA, Platform, Model, Mobile, Arch
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
access-control-allow-origin
*
webPushMotivationPopupSmall.css
www.cdnreference.com/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.cdnreference.com/css/webPushMotivationPopupSmall.css?v=2
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 08:18:06 GMT
content-encoding
gzip
last-modified
Wed, 31 Oct 2018 08:29:51 GMT
server
nginx
age
15371
etag
W/"1340-579821b240313"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
UNMMyOKSL2W8lnaMvnWNMSlAZP8aYmhWnDijyPxKpJI8w66b9xr3Mw==
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
585dda40d8d17cd08567ebe0d6abe8e5.css
www.cdnreference.com/landings/23637/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f8b93cbef77d85827768ad2493aa09be149b11c0e0977862cce2e8740ce7c66e

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 08:37:34 GMT
content-encoding
gzip
last-modified
Fri, 24 May 2019 15:13:04 GMT
server
nginx
age
14203
etag
W/"1fb2-589a3a2968000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
KCOp_-EvpsdaZagqjuFXeI2qNGGk6vSACZT_vWSdVpXna_T98kWX8A==
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
c21e8f2084dc75caa07f9bbd8dc5275f.js
www.cdnreference.com/landings/23637/js/
95 KB
34 KB
Script
General
Full URL
https://www.cdnreference.com/landings/23637/js/c21e8f2084dc75caa07f9bbd8dc5275f.js
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
970bc9050f98df271e1a90baf19e3ffac616b26f471ed7b086eab2f5c85edb91

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 20:25:06 GMT
content-encoding
gzip
last-modified
Fri, 24 May 2019 15:13:04 GMT
server
nginx
age
58151
etag
W/"17d28-589a3a2968000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
5kUJq56y02B3uZGHUAOzmEme4p2A4CQ9yoAzW-2s35WGiamrIO4X8g==
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
bg1.jpg
www.cdnreference.com/landings/23637/images/
54 KB
55 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/bg1.jpg
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9042daa5361c48f13935e407e0301d525ae6b0962ce43ce2c282e477ed4292c9

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 10:31:13 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 06:44:10 GMT
server
nginx
age
7384
etag
"d9a2-5898868c74280"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
55714
x-amz-cf-id
B7ClfcUZWJlDhNjHYhLLjcG6I3tESeY6J3C1JjXMu8qr4jg4WCuTcw==
bg2.jpg
www.cdnreference.com/landings/23637/images/
66 KB
66 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/bg2.jpg
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
23c8677204e3f92679bae8d25b0a8bb519bcc88f8832503695634d5ff2a5339f

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 17:05:11 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 06:44:10 GMT
server
nginx
age
70146
etag
"106fd-5898868c74280"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
67325
x-amz-cf-id
Fkz6bZUbksbfijI7gzi1K93HbcXKgA2GsmhyzznwbIt2edlhtlLv6A==
bg3.jpg
www.cdnreference.com/landings/23637/images/
192 KB
193 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/bg3.jpg
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8ed31213173020017e8100fb3afe61833a83f0fbb1300eea5ccc4f675eaecbf1

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:13:36 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 06:44:10 GMT
server
nginx
age
1241
etag
"30113-5898868c74280"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
196883
x-amz-cf-id
QaEull5gR1udlbLsAKaoLBt0QVqE2JSsnRp1ILWKoxChGLGp3TlTSA==
i1.jpg
www.cdnreference.com/landings/23637/images/
28 KB
28 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/i1.jpg
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
308f6bab318caff7af58ba7ad558db73fc3026f0fb58658f297972285fb920e3

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 10:31:13 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 06:44:10 GMT
server
nginx
age
7384
etag
"6e3d-5898868c74280"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
28221
x-amz-cf-id
wtp2U1EfkkTrcutHCz391Vj9OeCCBV9v5b2v47MvWatrrBro44QdDg==
i2.jpg
www.cdnreference.com/landings/23637/images/
25 KB
25 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/i2.jpg
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
90da4a4be0bc66ac1f82b6544ca119c151d304a32e9c35f927c73f3e816bb4d9

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 13:54:00 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 06:44:10 GMT
server
nginx
age
81617
etag
"638e-5898868c74280"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
25486
x-amz-cf-id
ecrviDFa2zyCye0zG6V4luwOYdeEELzWqCAiEWnkRPA1CcFg9AHUTg==
i3.jpg
www.cdnreference.com/landings/23637/images/
53 KB
53 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/i3.jpg
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b8810b47d358dd8885ca63832bd86b6224f198159269550c7da2b5b65c17513a

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 11:00:12 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 06:44:10 GMT
server
nginx
age
5645
etag
"d233-5898868c74280"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
53811
x-amz-cf-id
ceyUpNoTCuNBCOsTrr_Iy5kz9c7bhoVs5rIc9pRPFyuMObAXpMUwBw==
i4.jpg
www.cdnreference.com/landings/23637/images/
42 KB
42 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/i4.jpg
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6f91ef3cba11897365646cb4aca3453834134cab10cd0ad0a90384de6f60c1e8

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:13:36 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 06:44:10 GMT
server
nginx
age
1241
etag
"a692-5898868c74280"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
42642
x-amz-cf-id
UXIXaIpTM5kx1C5sREj0jHUGCVRvIfnJy1i4P5VCesSRJKb1Tm1Erw==
i5.jpg
www.cdnreference.com/landings/23637/images/
14 KB
15 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/i5.jpg
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
90c611fc0c4e1df48724d900079b213a5ed786044e0fcd38728942a4bf4dcf1e

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 10:31:13 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 06:44:10 GMT
server
nginx
age
7384
etag
"3988-5898868c74280"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
14728
x-amz-cf-id
h8CJ929NYg_qeoGuxtmH5oQC53btWxyKlC_KgsDdVHkw1Hr_lY86MA==
i6.jpg
www.cdnreference.com/landings/23637/images/
16 KB
17 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/i6.jpg
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8ee92e8ea9837699eaa56e30cc6a04f627d9c576fd29eb191383617fe2ea1d68

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 13:54:00 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 06:44:10 GMT
server
nginx
age
81617
etag
"41de-5898868c74280"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
16862
x-amz-cf-id
JcWDOMmf6Zzb9dc0JMYkKCYiVwMtXNyqhlLygM8zF2Q_HmcorY8Gkw==
bg5.jpg
www.cdnreference.com/landings/23637/images/
77 KB
77 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/bg5.jpg
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d7b2cd74aae2c5c066f2e57e438ef009bac1a25adab949c837437897eda10216

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 10:31:13 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2019 10:35:23 GMT
server
nginx
age
7384
etag
"1341e-5899fc183d0c0"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
78878
x-amz-cf-id
olvDCcNM-cGxnJuun76Gnn5K9MCXRdN14_JAPMNIL-ZhH8YYnDNvvg==
webPushMotivationPopupSmall.js
www.cdnreference.com/js/
9 KB
4 KB
Script
General
Full URL
https://www.cdnreference.com/js/webPushMotivationPopupSmall.js?v=8
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
85f09c34c4b7fc07125b5a5c84f6bbd1dde7df7f1ee059701a3660264300342f

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 02:51:32 GMT
content-encoding
gzip
last-modified
Wed, 31 Oct 2018 08:29:51 GMT
server
nginx
age
34965
etag
W/"22c1-579821b2406fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
LesoLJgv4P1mvtWsKqaeEJ8NvR_lE2xjtaLx0q7Fs2LMVc1vrDHayg==
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
dc_img.js
www.cdnreference.com/js/
488 B
802 B
Script
General
Full URL
https://www.cdnreference.com/js/dc_img.js?v=8
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 08:01:28 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Thu, 29 Oct 2020 09:22:15 GMT
server
nginx
age
16369
etag
"1e8-5b2cbd0d9620d"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
488
x-amz-cf-id
KszbB9oN9DHRZPi79PVUNzB1DGHgOIhldIFfKzvaE603zX9PfFOxag==
css
fonts.googleapis.com/
1 KB
495 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Assistant
Requested by
Host: www.cdnreference.com
URL: https://www.cdnreference.com/css/webPushMotivationPopupSmall.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce12a646e971f911752f1faf64db973852c3a3d73170105d97a884ec49b51212
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cdnreference.com/css/webPushMotivationPopupSmall.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 09 Nov 2020 10:40:22 GMT
server
ESF
date
Mon, 09 Nov 2020 12:34:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Nov 2020 12:34:17 GMT
css
fonts.googleapis.com/
5 KB
759 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: www.cdnreference.com
URL: https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d32996520262a9559a26eafe3413cf1a2fe53f448da989d0493e7851f887a1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 09 Nov 2020 11:40:43 GMT
server
ESF
date
Mon, 09 Nov 2020 12:34:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Nov 2020 12:34:17 GMT
gtm.js
www.googletagmanager.com/
88 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d294896b56134da6891b38d2f6e0c13fefe2742e8c608fad0b9ab492f13ea15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33777
x-xss-protection
0
last-modified
Mon, 09 Nov 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Nov 2020 12:34:17 GMT
dataa-bg1.jpg
www.cdnreference.com/landings/23637/images/
36 KB
37 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/dataa-bg1.jpg
Requested by
Host: www.cdnreference.com
URL: https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d9765d8cd8122190e8940d029157b74734ed9517d22edff2a554bef5d4b5122a

Request headers

Referer
https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 17:05:11 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2019 09:58:47 GMT
server
nginx
age
70146
etag
"90de-5899f3e9f83c0"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
37086
x-amz-cf-id
6rfc9CCPDSt_IpYsrM8KTf09GO4aobpjHqcUDmD8XiMcO-GAv47bsg==
logo.svg
www.cdnreference.com/landings/23637/images/
87 KB
46 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/logo.svg
Requested by
Host: www.cdnreference.com
URL: https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
757cb5ab4e0c38e098d63aa9859588466159f6af675b3116b9bd4869ddd90eae

Request headers

Referer
https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 10:39:02 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 06:44:10 GMT
server
nginx
age
6915
etag
W/"15abc-5898868c74280"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
PtV-ru9e4spOIcJA-WBkTsSDZRcIAGQTfSzIXyWJr93boHVY2FRvgA==
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
dataa-bg2.jpg
www.cdnreference.com/landings/23637/images/
68 KB
68 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/dataa-bg2.jpg
Requested by
Host: www.cdnreference.com
URL: https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fad5c1da54dec79b6d1aff5095a7b81c05d935910c046a0fb43224a60f39d5b0

Request headers

Referer
https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 10:31:13 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2019 09:58:47 GMT
server
nginx
age
7384
etag
"10f04-5899f3e9f83c0"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
69380
x-amz-cf-id
phuVGC1k_aBZSBECDZRslsmHM_oedez95XBzbTjxYC9ElflNLQib4A==
dataa-bg3.jpg
www.cdnreference.com/landings/23637/images/
51 KB
52 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/dataa-bg3.jpg
Requested by
Host: www.cdnreference.com
URL: https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1a92db522b8239ad2e1ec34ea4bd2f8a726dba4b6e0049f8437d8e17c6c7a12

Request headers

Referer
https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 10:31:13 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2019 09:58:47 GMT
server
nginx
age
7384
etag
"cc93-5899f3e9f83c0"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
52371
x-amz-cf-id
xh6D9t3GqdkR8BgnRRIW5QLouF6p54zCQqClvAbnRi9vw3RndS9qWw==
dataa-bg4.jpg
www.cdnreference.com/landings/23637/images/
57 KB
57 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/dataa-bg4.jpg
Requested by
Host: www.cdnreference.com
URL: https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
86405fc881a496e715a7c423900cd9aa75fbf7660869ce73df54ae72838abf2a

Request headers

Referer
https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 18:13:25 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2019 09:58:47 GMT
server
nginx
age
66052
etag
"e331-5899f3e9f83c0"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
58161
x-amz-cf-id
MLz8CzT9KHqXL35o7mQv69YMYEXqUIMEjphKdXEEQIJXCLlCIkMJIA==
dataa-bg5.jpg
www.cdnreference.com/landings/23637/images/
43 KB
44 KB
Image
General
Full URL
https://www.cdnreference.com/landings/23637/images/dataa-bg5.jpg
Requested by
Host: www.cdnreference.com
URL: https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:8200:a:cd44:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c480f60314ec7cc36b5681a0c7837a81dbd4a6b5e9daed04fab674f65ff029b6

Request headers

Referer
https://www.cdnreference.com/landings/23637/css/585dda40d8d17cd08567ebe0d6abe8e5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 17:30:57 GMT
via
1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2019 09:58:47 GMT
server
nginx
age
68600
etag
"acc0-5899f3e9f83c0"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-length
44224
x-amz-cf-id
ODfKoQ_fOEGiPV7ZHdU-6wSmvzeyanv01euaHnbs0OZ87gk03yQ1WA==
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hottieswantu.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 23:06:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
134882
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Sun, 07 Nov 2021 23:06:15 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hottieswantu.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 23:34:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
133190
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sun, 07 Nov 2021 23:34:27 GMT
fp_ec.js
retargetcore.com/fp/
1 KB
1 KB
Script
General
Full URL
https://retargetcore.com/fp/fp_ec.js
Requested by
Host: www.cdnreference.com
URL: https://www.cdnreference.com/js/dc_img.js?v=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.130.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-130-184.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
693ab511dfb8146a75e05a4d2b28e52a49447814bb190a092e61eb2f1ded56a7

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2020 07:55:07 GMT
server
nginx
etag
W/"581-1759766ef78"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=6
accept-ranges
bytes
a
www.googletagmanager.com/
0
339 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-KMSJRW&cv=35&v=3&t=t&pid=599413658&rv=as1&es=1&e=gtm.js&eid=1&tc=12&tr=1cl.1cl.1cl.1cl&ti=1cl.1cl.1cl.1cl&z=0
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Nov 2020 12:34:17 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
21 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-KMSJRW&cv=35&v=3&t=t&pid=599413658&rv=as1&es=1&e=gtm.dom&eid=2&tc=12&z=0
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Nov 2020 12:34:17 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
uf.noclef.com/c_js/
8 KB
3 KB
Script
General
Full URL
https://uf.noclef.com/c_js/main.js?
Requested by
Host: retargetcore.com
URL: https://retargetcore.com/fp/fp_ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
689e59a45100d6dd1d849064a69d7bcaf3698c9c5160d1907715886899060f7c

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
content-encoding
gzip
etag
W/"2031-i+7r+OIDuGUgg6M88Hztlbchh1w"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
secoffer.js
hottieswantu.com/
627 B
1 KB
Script
General
Full URL
https://hottieswantu.com/secoffer.js?
Requested by
Host: retargetcore.com
URL: https://retargetcore.com/fp/fp_ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.149.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-149-40.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4ec3e0ef43d699d7bd1276fbe3bb1d5d72becca9967fe24590e775567beab2dd

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
last-modified
Thu, 05 Nov 2020 07:55:07 GMT
server
nginx
etag
W/"273-1759766ef78"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=6
accept-ranges
bytes
content-length
627
mtu-integration-bridge.js
hottieswantu.com/
2 KB
1 KB
Script
General
Full URL
https://hottieswantu.com/mtu-integration-bridge.js?
Requested by
Host: retargetcore.com
URL: https://retargetcore.com/fp/fp_ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.149.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-149-40.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d0c0205ce1816b0ee75c06d49da86116ff18657f2ae7f01b3e16b84c963de26a

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2020 07:55:07 GMT
server
nginx
etag
W/"772-1759766ef78"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=6
accept-ranges
bytes
ac3fc68831981c704535980c826941a5
retargetcore.com/43fbb6270523e1760fa5f0d2579dea07/
35 B
730 B
Image
General
Full URL
https://retargetcore.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&j_type=open&jump=23637&jump_name=
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.130.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-130-184.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
server
nginx
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ch
UA, Platform, Model, Mobile, Arch
content-type
image/gif
sui-integration.js
hottieswantu.com/
25 KB
9 KB
Script
General
Full URL
https://hottieswantu.com/sui-integration.js
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/mtu-integration-bridge.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.149.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-149-40.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
943210c95bb4ccfaba5cd8729cb873afbad5cb126fe03ff5305049cd639ccfad

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2020 07:55:07 GMT
server
nginx
etag
W/"6477-1759766ef78"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=6
accept-ranges
bytes
mtu-integration.js
hottieswantu.com/
4 KB
2 KB
Script
General
Full URL
https://hottieswantu.com/mtu-integration.js
Requested by
Host: hottieswantu.com
URL: https://hottieswantu.com/mtu-integration-bridge.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.149.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-149-40.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
53cecb6be58650103848b99f7baf48d1fbbf4491100536852d521f80328a66a5

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2020 07:55:07 GMT
server
nginx
etag
W/"e00-1759766ef78"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=6
accept-ranges
bytes
rtr.js
uf.noclef.com/c_js/
1 KB
878 B
Script
General
Full URL
https://uf.noclef.com/c_js/rtr.js?placement=default&referer=https%3A%2F%2Fmail.soperfectmails.com%2Fowl%2Fmail%2FV0BtVqHMVtI%2Fe938b33ab0f5ef21cf9151f2384dbc52%2F38af04105afc3366d0390a0f89ac1349%3Fvertical%3D1%26template%3Dprelinker-mail-affaire-txt-6%26cid%3D3656%26utm_source%3Dpub-36-list-57%26utm_medium%3DAlexanderSeV%26clickId%3DV0BtVqHMVtI&doc_location=https%253A%252F%252Fhottieswantu.com%252Fjump%253Ftds_campaign%253Db7029shm%2526tds_id%253Db7029shm_jump_a_574076808335%2526tds_oid%253D23637%2526tds_cid%253D93135fe83b913e3d5115768249d8014cf6b723f9%2526tds_host%253Dhottieswantu.com%2526tds_ac_id%253Ds9124shm%2526dci%253Db62cfe49737f4eba1e94bad5c65200df434f851b%2526id%253D23637%2526utm_campaign%253Da74fda2a%2526utm_source%253Dddm%2526utm_content%253D%25257Butm_content%25257D%2526utm_term%253Dweb_mare_fra_b7029shm%2526data2%253D204H5C8I7HZE6JY7E1HXFUG%2526s1%253Ddd%2526_tgUrl%253DaHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={}
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
cb044019cea01ef195ce591e8f91060d4a19428adecd5dc844d862d12497d33e

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
content-encoding
gzip
etag
W/"4b3-HNM0Z+FzfBdBjg9K3oEYhigonrg"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
rtl.js
uf.noclef.com/c_js/
2 KB
1 KB
Script
General
Full URL
https://uf.noclef.com/c_js/rtl.js?placement=default&referer=https%3A%2F%2Fmail.soperfectmails.com%2Fowl%2Fmail%2FV0BtVqHMVtI%2Fe938b33ab0f5ef21cf9151f2384dbc52%2F38af04105afc3366d0390a0f89ac1349%3Fvertical%3D1%26template%3Dprelinker-mail-affaire-txt-6%26cid%3D3656%26utm_source%3Dpub-36-list-57%26utm_medium%3DAlexanderSeV%26clickId%3DV0BtVqHMVtI&doc_location=https%253A%252F%252Fhottieswantu.com%252Fjump%253Ftds_campaign%253Db7029shm%2526tds_id%253Db7029shm_jump_a_574076808335%2526tds_oid%253D23637%2526tds_cid%253D93135fe83b913e3d5115768249d8014cf6b723f9%2526tds_host%253Dhottieswantu.com%2526tds_ac_id%253Ds9124shm%2526dci%253Db62cfe49737f4eba1e94bad5c65200df434f851b%2526id%253D23637%2526utm_campaign%253Da74fda2a%2526utm_source%253Dddm%2526utm_content%253D%25257Butm_content%25257D%2526utm_term%253Dweb_mare_fra_b7029shm%2526data2%253D204H5C8I7HZE6JY7E1HXFUG%2526s1%253Ddd%2526_tgUrl%253DaHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={}
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
61861e4b5aa98c3f817bafc4bd0cdd6b65e0930bf131515b7e101bbee6bc3447

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
content-encoding
gzip
etag
W/"739-GEEnt3UBqZtSoFeIM5ZChOOxKEQ"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
webpush.js
uf.noclef.com/c_js/
105 KB
29 KB
Script
General
Full URL
https://uf.noclef.com/c_js/webpush.js?placement=default&referer=https%3A%2F%2Fmail.soperfectmails.com%2Fowl%2Fmail%2FV0BtVqHMVtI%2Fe938b33ab0f5ef21cf9151f2384dbc52%2F38af04105afc3366d0390a0f89ac1349%3Fvertical%3D1%26template%3Dprelinker-mail-affaire-txt-6%26cid%3D3656%26utm_source%3Dpub-36-list-57%26utm_medium%3DAlexanderSeV%26clickId%3DV0BtVqHMVtI&doc_location=https%253A%252F%252Fhottieswantu.com%252Fjump%253Ftds_campaign%253Db7029shm%2526tds_id%253Db7029shm_jump_a_574076808335%2526tds_oid%253D23637%2526tds_cid%253D93135fe83b913e3d5115768249d8014cf6b723f9%2526tds_host%253Dhottieswantu.com%2526tds_ac_id%253Ds9124shm%2526dci%253Db62cfe49737f4eba1e94bad5c65200df434f851b%2526id%253D23637%2526utm_campaign%253Da74fda2a%2526utm_source%253Dddm%2526utm_content%253D%25257Butm_content%25257D%2526utm_term%253Dweb_mare_fra_b7029shm%2526data2%253D204H5C8I7HZE6JY7E1HXFUG%2526s1%253Ddd%2526_tgUrl%253DaHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={}
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
71196fab70e5e8257abdf34834473f5e296adfd5ffd03ec3223d3b8ddcdc3e2d

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
content-encoding
gzip
etag
W/"1a4ce-0JRgOxwRjgEJY1btHU3BZgH3L/8"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
recaptcha.js
uf.noclef.com/c_js/
2 KB
1 KB
Script
General
Full URL
https://uf.noclef.com/c_js/recaptcha.js?placement=default&referer=https%3A%2F%2Fmail.soperfectmails.com%2Fowl%2Fmail%2FV0BtVqHMVtI%2Fe938b33ab0f5ef21cf9151f2384dbc52%2F38af04105afc3366d0390a0f89ac1349%3Fvertical%3D1%26template%3Dprelinker-mail-affaire-txt-6%26cid%3D3656%26utm_source%3Dpub-36-list-57%26utm_medium%3DAlexanderSeV%26clickId%3DV0BtVqHMVtI&doc_location=https%253A%252F%252Fhottieswantu.com%252Fjump%253Ftds_campaign%253Db7029shm%2526tds_id%253Db7029shm_jump_a_574076808335%2526tds_oid%253D23637%2526tds_cid%253D93135fe83b913e3d5115768249d8014cf6b723f9%2526tds_host%253Dhottieswantu.com%2526tds_ac_id%253Ds9124shm%2526dci%253Db62cfe49737f4eba1e94bad5c65200df434f851b%2526id%253D23637%2526utm_campaign%253Da74fda2a%2526utm_source%253Dddm%2526utm_content%253D%25257Butm_content%25257D%2526utm_term%253Dweb_mare_fra_b7029shm%2526data2%253D204H5C8I7HZE6JY7E1HXFUG%2526s1%253Ddd%2526_tgUrl%253DaHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={}
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
30794dd9612847e82aaff223c4988f6dc918908c824edfdf0da442ac29ff633e

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
content-encoding
gzip
etag
W/"6e3-Gs1j5CHdcklNbGOwEFdzA1pV8W8"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
codes
uf.noclef.com/v1/rtl/
317 B
549 B
XHR
General
Full URL
https://uf.noclef.com/v1/rtl/codes?referer=https%3A%2F%2Fmail.soperfectmails.com%2Fowl%2Fmail%2FV0BtVqHMVtI%2Fe938b33ab0f5ef21cf9151f2384dbc52%2F38af04105afc3366d0390a0f89ac1349%3Fvertical%3D1%26amp%3Btemplate%3Dprelinker-mail-affaire-txt-6%26amp%3Bcid%3D3656%26amp%3Butm_source%3Dpub-36-list-57%26amp%3Butm_medium%3DAlexanderSeV%26amp%3BclickId%3DV0BtVqHMVtI&doc_location=https%3A%2F%2Fhottieswantu.com%2Fjump%3Ftds_campaign%3Db7029shm%26tds_id%3Db7029shm_jump_a_574076808335%26tds_oid%3D23637%26tds_cid%3D93135fe83b913e3d5115768249d8014cf6b723f9%26tds_host%3Dhottieswantu.com%26tds_ac_id%3Ds9124shm%26dci%3Db62cfe49737f4eba1e94bad5c65200df434f851b%26id%3D23637%26utm_campaign%3Da74fda2a%26utm_source%3Dddm%26utm_content%3D%257Butm_content%257D%26utm_term%3Dweb_mare_fra_b7029shm%26data2%3D204H5C8I7HZE6JY7E1HXFUG%26s1%3Ddd%26_tgUrl%3DaHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw%26tds_rt%3D%26tds_ao%3D1
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
9a78bc8f5a945195574e58b87eb0601b66358bd83d816601fd5230cf4256d2a1

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
etag
W/"13d-4egR4tk07cQ/AptNpdiyA0XXVeY"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
317
hottieswantu.com
uf.noclef.com/v1/recaptcha/inject/
101 B
335 B
XHR
General
Full URL
https://uf.noclef.com/v1/recaptcha/inject/hottieswantu.com?placement=default&referer=https%3A%2F%2Fmail.soperfectmails.com%2Fowl%2Fmail%2FV0BtVqHMVtI%2Fe938b33ab0f5ef21cf9151f2384dbc52%2F38af04105afc3366d0390a0f89ac1349%3Fvertical%3D1%26amp%3Btemplate%3Dprelinker-mail-affaire-txt-6%26amp%3Bcid%3D3656%26amp%3Butm_source%3Dpub-36-list-57%26amp%3Butm_medium%3DAlexanderSeV%26amp%3BclickId%3DV0BtVqHMVtI&doc_location=https%3A%2F%2Fhottieswantu.com%2Fjump%3Ftds_campaign%3Db7029shm%26tds_id%3Db7029shm_jump_a_574076808335%26tds_oid%3D23637%26tds_cid%3D93135fe83b913e3d5115768249d8014cf6b723f9%26tds_host%3Dhottieswantu.com%26tds_ac_id%3Ds9124shm%26dci%3Db62cfe49737f4eba1e94bad5c65200df434f851b%26id%3D23637%26utm_campaign%3Da74fda2a%26utm_source%3Dddm%26utm_content%3D%257Butm_content%257D%26utm_term%3Dweb_mare_fra_b7029shm%26data2%3D204H5C8I7HZE6JY7E1HXFUG%26s1%3Ddd%26_tgUrl%3DaHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw%26tds_rt%3D%26tds_ao%3D1
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
775bfc44868c04ff21d73b8237f9d426f5e86cee32e9ce800ee4f99bd0c6bb97

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:17 GMT
etag
W/"65-KWBTeogZ/iALEpP8w54rYjF2RIM"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
101
hottieswantu.com
uf.noclef.com/v1/rtr/check/
24 B
255 B
XHR
General
Full URL
https://uf.noclef.com/v1/rtr/check/hottieswantu.com?referer=https://mail.soperfectmails.com/owl/mail/V0BtVqHMVtI/e938b33ab0f5ef21cf9151f2384dbc52/38af04105afc3366d0390a0f89ac1349?vertical=1&amp;template=prelinker-mail-affaire-txt-6&amp;cid=3656&amp;utm_source=pub-36-list-57&amp;utm_medium=AlexanderSeV&amp;clickId=V0BtVqHMVtI&doc_location=https%3A%2F%2Fhottieswantu.com%2Fjump%3Ftds_campaign%3Db7029shm%26tds_id%3Db7029shm_jump_a_574076808335%26tds_oid%3D23637%26tds_cid%3D93135fe83b913e3d5115768249d8014cf6b723f9%26tds_host%3Dhottieswantu.com%26tds_ac_id%3Ds9124shm%26dci%3Db62cfe49737f4eba1e94bad5c65200df434f851b%26id%3D23637%26utm_campaign%3Da74fda2a%26utm_source%3Dddm%26utm_content%3D%257Butm_content%257D%26utm_term%3Dweb_mare_fra_b7029shm%26data2%3D204H5C8I7HZE6JY7E1HXFUG%26s1%3Ddd%26_tgUrl%3DaHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw%26tds_rt%3D%26tds_ao%3D1
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
5e4f2ff5631af1f28c050f82b71604ccbcc3661c9969fae7f085341c5a00b86f

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 12:34:18 GMT
etag
W/"18-JzcvvHrReMVcAMARB6bmb4HrEQ0"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
24
track
uf.noclef.com/v1/webpush/
11 B
262 B
XHR
General
Full URL
https://uf.noclef.com/v1/webpush/track?uaDataValues={}
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/webpush.js?placement=default&referer=https%3A%2F%2Fmail.soperfectmails.com%2Fowl%2Fmail%2FV0BtVqHMVtI%2Fe938b33ab0f5ef21cf9151f2384dbc52%2F38af04105afc3366d0390a0f89ac1349%3Fvertical%3D1%26template%3Dprelinker-mail-affaire-txt-6%26cid%3D3656%26utm_source%3Dpub-36-list-57%26utm_medium%3DAlexanderSeV%26clickId%3DV0BtVqHMVtI&doc_location=https%253A%252F%252Fhottieswantu.com%252Fjump%253Ftds_campaign%253Db7029shm%2526tds_id%253Db7029shm_jump_a_574076808335%2526tds_oid%253D23637%2526tds_cid%253D93135fe83b913e3d5115768249d8014cf6b723f9%2526tds_host%253Dhottieswantu.com%2526tds_ac_id%253Ds9124shm%2526dci%253Db62cfe49737f4eba1e94bad5c65200df434f851b%2526id%253D23637%2526utm_campaign%253Da74fda2a%2526utm_source%253Dddm%2526utm_content%253D%25257Butm_content%25257D%2526utm_term%253Dweb_mare_fra_b7029shm%2526data2%253D204H5C8I7HZE6JY7E1HXFUG%2526s1%253Ddd%2526_tgUrl%253DaHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
185486091df0b98cd0497e39891912209209c94df89bd989a0ab397cde61f1d4

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 09 Nov 2020 12:34:18 GMT
status
200
x-powered-by
Express
etag
W/"b-yHl5CkQW7JVvNHB+r5i4h6FZPGk"
vary
X-HTTP-Method-Override, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
11
track
uf.noclef.com/v1/webpush/ Frame
0
0
Other
General
Full URL
https://uf.noclef.com/v1/webpush/track?uaDataValues={}
Protocol
H2
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hottieswantu.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Mon, 09 Nov 2020 12:34:17 GMT
content-type
text/html; charset=utf-8
content-length
4
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
POST
etag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
vary
Accept-Encoding
init
uf.noclef.com/c_js/rtSlot/ Frame FFE6
0
0
Document
General
Full URL
https://uf.noclef.com/c_js/rtSlot/init?event=jumpVisit0Sec
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/rtl.js?placement=default&referer=https%3A%2F%2Fmail.soperfectmails.com%2Fowl%2Fmail%2FV0BtVqHMVtI%2Fe938b33ab0f5ef21cf9151f2384dbc52%2F38af04105afc3366d0390a0f89ac1349%3Fvertical%3D1%26template%3Dprelinker-mail-affaire-txt-6%26cid%3D3656%26utm_source%3Dpub-36-list-57%26utm_medium%3DAlexanderSeV%26clickId%3DV0BtVqHMVtI&doc_location=https%253A%252F%252Fhottieswantu.com%252Fjump%253Ftds_campaign%253Db7029shm%2526tds_id%253Db7029shm_jump_a_574076808335%2526tds_oid%253D23637%2526tds_cid%253D93135fe83b913e3d5115768249d8014cf6b723f9%2526tds_host%253Dhottieswantu.com%2526tds_ac_id%253Ds9124shm%2526dci%253Db62cfe49737f4eba1e94bad5c65200df434f851b%2526id%253D23637%2526utm_campaign%253Da74fda2a%2526utm_source%253Dddm%2526utm_content%253D%25257Butm_content%25257D%2526utm_term%253Dweb_mare_fra_b7029shm%2526data2%253D204H5C8I7HZE6JY7E1HXFUG%2526s1%253Ddd%2526_tgUrl%253DaHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
uf.noclef.com
:scheme
https
:path
/c_js/rtSlot/init?event=jumpVisit0Sec
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
visitor_id=5fa9374981f0b000333049cc; company_id=5e7394e17d80240076c64932
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1

Response headers

status
200
date
Mon, 09 Nov 2020 12:34:18 GMT
content-type
text/html; charset=utf-8
content-length
284
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
etag
W/"11c-X/X8d070c6a453w7cTt+4m+2sis"
vary
Accept-Encoding
init
uf.noclef.com/c_js/rtSlot/ Frame 9D5C
0
0
Document
General
Full URL
https://uf.noclef.com/c_js/rtSlot/init?event=complVisit0Sec
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/rtl.js?placement=default&referer=https%3A%2F%2Fmail.soperfectmails.com%2Fowl%2Fmail%2FV0BtVqHMVtI%2Fe938b33ab0f5ef21cf9151f2384dbc52%2F38af04105afc3366d0390a0f89ac1349%3Fvertical%3D1%26template%3Dprelinker-mail-affaire-txt-6%26cid%3D3656%26utm_source%3Dpub-36-list-57%26utm_medium%3DAlexanderSeV%26clickId%3DV0BtVqHMVtI&doc_location=https%253A%252F%252Fhottieswantu.com%252Fjump%253Ftds_campaign%253Db7029shm%2526tds_id%253Db7029shm_jump_a_574076808335%2526tds_oid%253D23637%2526tds_cid%253D93135fe83b913e3d5115768249d8014cf6b723f9%2526tds_host%253Dhottieswantu.com%2526tds_ac_id%253Ds9124shm%2526dci%253Db62cfe49737f4eba1e94bad5c65200df434f851b%2526id%253D23637%2526utm_campaign%253Da74fda2a%2526utm_source%253Dddm%2526utm_content%253D%25257Butm_content%25257D%2526utm_term%253Dweb_mare_fra_b7029shm%2526data2%253D204H5C8I7HZE6JY7E1HXFUG%2526s1%253Ddd%2526_tgUrl%253DaHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
uf.noclef.com
:scheme
https
:path
/c_js/rtSlot/init?event=complVisit0Sec
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
visitor_id=5fa9374981f0b000333049cc; company_id=5e7394e17d80240076c64932
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1

Response headers

status
200
date
Mon, 09 Nov 2020 12:34:18 GMT
content-type
text/html; charset=utf-8
content-length
9
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
etag
W/"9-R1yEhnOj95+nePAcK9WnIdTEFwc"
vary
Accept-Encoding
track
uf.noclef.com/v1/webpush/ Frame
0
0
Other
General
Full URL
https://uf.noclef.com/v1/webpush/track?uaDataValues={}
Protocol
H2
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hottieswantu.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Mon, 09 Nov 2020 12:34:18 GMT
content-type
text/html; charset=utf-8
content-length
4
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
POST
etag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
vary
Accept-Encoding
track
uf.noclef.com/v1/webpush/
11 B
262 B
XHR
General
Full URL
https://uf.noclef.com/v1/webpush/track?uaDataValues={}
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/webpush.js?placement=default&referer=https%3A%2F%2Fmail.soperfectmails.com%2Fowl%2Fmail%2FV0BtVqHMVtI%2Fe938b33ab0f5ef21cf9151f2384dbc52%2F38af04105afc3366d0390a0f89ac1349%3Fvertical%3D1%26template%3Dprelinker-mail-affaire-txt-6%26cid%3D3656%26utm_source%3Dpub-36-list-57%26utm_medium%3DAlexanderSeV%26clickId%3DV0BtVqHMVtI&doc_location=https%253A%252F%252Fhottieswantu.com%252Fjump%253Ftds_campaign%253Db7029shm%2526tds_id%253Db7029shm_jump_a_574076808335%2526tds_oid%253D23637%2526tds_cid%253D93135fe83b913e3d5115768249d8014cf6b723f9%2526tds_host%253Dhottieswantu.com%2526tds_ac_id%253Ds9124shm%2526dci%253Db62cfe49737f4eba1e94bad5c65200df434f851b%2526id%253D23637%2526utm_campaign%253Da74fda2a%2526utm_source%253Dddm%2526utm_content%253D%25257Butm_content%25257D%2526utm_term%253Dweb_mare_fra_b7029shm%2526data2%253D204H5C8I7HZE6JY7E1HXFUG%2526s1%253Ddd%2526_tgUrl%253DaHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
185486091df0b98cd0497e39891912209209c94df89bd989a0ab397cde61f1d4

Request headers

Referer
https://hottieswantu.com/jump?tds_campaign=b7029shm&tds_id=b7029shm_jump_a_574076808335&tds_oid=23637&tds_cid=93135fe83b913e3d5115768249d8014cf6b723f9&tds_host=hottieswantu.com&tds_ac_id=s9124shm&dci=b62cfe49737f4eba1e94bad5c65200df434f851b&id=23637&utm_campaign=a74fda2a&utm_source=ddm&utm_content=%7Butm_content%7D&utm_term=web_mare_fra_b7029shm&data2=204H5C8I7HZE6JY7E1HXFUG&s1=dd&_tgUrl=aHR0cHM6Ly9ob3R0aWVzd2FudHUuY29tL3Rkcy9zL2YzMWFkOGM4MTU1ZjExM2Y5MDA5ODE4Yjg2OWU2ODNhP19fdD0xNjA0OTI1MjU2NjM1Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 09 Nov 2020 12:34:19 GMT
status
200
x-powered-by
Express
etag
W/"b-yHl5CkQW7JVvNHB+r5i4h6FZPGk"
vary
X-HTTP-Method-Override, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
11

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery object| _ins_opt string| _pixel_url string| _pixel_scr object| adsLayer object| DataCloudEC function| _dct object| WebPushMotivationPopup object| google_tag_manager string| MtuObject function| mi object| swfobject function| _evercookie_flash_var function| Evercookie function| evercookie function| onRecaptchaLoadCallback object| ufApp object| firebase

3 Cookies

Domain/Path Name / Value
hottieswantu.com/ Name: AWSALBCORS
Value: NhxPsMHeWH5ZaChIMYObmH79i1J8+F7O2bVq6xX3JwCd1Edp2H6xEM+3qfRkge/ZhHvrx79rk+P2cRn5wRdqlFN2BjOEaQUWgMF/vlM+IaW4XyPAYWjRRx5KXxc0
hottieswantu.com/ Name: AWSALB
Value: NhxPsMHeWH5ZaChIMYObmH79i1J8+F7O2bVq6xX3JwCd1Edp2H6xEM+3qfRkge/ZhHvrx79rk+P2cRn5wRdqlFN2BjOEaQUWgMF/vlM+IaW4XyPAYWjRRx5KXxc0
.hottieswantu.com/ Name: dci
Value: b62cfe49737f4eba1e94bad5c65200df434f851b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exoclick.com
fonts.googleapis.com
fonts.gstatic.com
hottieswantu.com
mail.soperfectmails.com
main.exdynsrv.com
main.exoclick.com
main.realsrv.com
retargetcore.com
runative-syndicate.com
tsyndicate.com
uf.noclef.com
www.cdnreference.com
www.googletagmanager.com
136.243.130.121
148.251.236.138
18.197.130.184
185.124.241.2
2600:9000:21c7:8200:a:cd44:7f80:93a1
2606:2800:234:4cc4:5670:35d5:1e00:b394
2a00:1450:4001:801::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:820::2008
35.157.55.18
52.58.149.40
95.211.229.245
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
185486091df0b98cd0497e39891912209209c94df89bd989a0ab397cde61f1d4
1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda
23c8677204e3f92679bae8d25b0a8bb519bcc88f8832503695634d5ff2a5339f
30794dd9612847e82aaff223c4988f6dc918908c824edfdf0da442ac29ff633e
308f6bab318caff7af58ba7ad558db73fc3026f0fb58658f297972285fb920e3
4ec3e0ef43d699d7bd1276fbe3bb1d5d72becca9967fe24590e775567beab2dd
53cecb6be58650103848b99f7baf48d1fbbf4491100536852d521f80328a66a5
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e4f2ff5631af1f28c050f82b71604ccbcc3661c9969fae7f085341c5a00b86f
61861e4b5aa98c3f817bafc4bd0cdd6b65e0930bf131515b7e101bbee6bc3447
689e59a45100d6dd1d849064a69d7bcaf3698c9c5160d1907715886899060f7c
693ab511dfb8146a75e05a4d2b28e52a49447814bb190a092e61eb2f1ded56a7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d294896b56134da6891b38d2f6e0c13fefe2742e8c608fad0b9ab492f13ea15
6f91ef3cba11897365646cb4aca3453834134cab10cd0ad0a90384de6f60c1e8
71196fab70e5e8257abdf34834473f5e296adfd5ffd03ec3223d3b8ddcdc3e2d
757cb5ab4e0c38e098d63aa9859588466159f6af675b3116b9bd4869ddd90eae
775bfc44868c04ff21d73b8237f9d426f5e86cee32e9ce800ee4f99bd0c6bb97
7b58a94951c72705fa18e3aca84f1f9b4473d9a7b1556ba9bd02d0ef619d5897
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f09c34c4b7fc07125b5a5c84f6bbd1dde7df7f1ee059701a3660264300342f
86405fc881a496e715a7c423900cd9aa75fbf7660869ce73df54ae72838abf2a
8ed31213173020017e8100fb3afe61833a83f0fbb1300eea5ccc4f675eaecbf1
8ee92e8ea9837699eaa56e30cc6a04f627d9c576fd29eb191383617fe2ea1d68
9042daa5361c48f13935e407e0301d525ae6b0962ce43ce2c282e477ed4292c9
90c611fc0c4e1df48724d900079b213a5ed786044e0fcd38728942a4bf4dcf1e
90da4a4be0bc66ac1f82b6544ca119c151d304a32e9c35f927c73f3e816bb4d9
92058557d70af06e30b72b707ca6cb10b6003b9a328ea0ee54be4d5eb13348d5
943210c95bb4ccfaba5cd8729cb873afbad5cb126fe03ff5305049cd639ccfad
9552519c24b105cc1e7aa05d92764a8fea8e82eaba4c4b5ec1348dffa1a96351
970bc9050f98df271e1a90baf19e3ffac616b26f471ed7b086eab2f5c85edb91
9a78bc8f5a945195574e58b87eb0601b66358bd83d816601fd5230cf4256d2a1
ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53
b1a92db522b8239ad2e1ec34ea4bd2f8a726dba4b6e0049f8437d8e17c6c7a12
b8810b47d358dd8885ca63832bd86b6224f198159269550c7da2b5b65c17513a
c480f60314ec7cc36b5681a0c7837a81dbd4a6b5e9daed04fab674f65ff029b6
cb044019cea01ef195ce591e8f91060d4a19428adecd5dc844d862d12497d33e
ce12a646e971f911752f1faf64db973852c3a3d73170105d97a884ec49b51212
d0c0205ce1816b0ee75c06d49da86116ff18657f2ae7f01b3e16b84c963de26a
d32996520262a9559a26eafe3413cf1a2fe53f448da989d0493e7851f887a1b0
d7b2cd74aae2c5c066f2e57e438ef009bac1a25adab949c837437897eda10216
d9765d8cd8122190e8940d029157b74734ed9517d22edff2a554bef5d4b5122a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8b93cbef77d85827768ad2493aa09be149b11c0e0977862cce2e8740ce7c66e
fad5c1da54dec79b6d1aff5095a7b81c05d935910c046a0fb43224a60f39d5b0