Submitted URL: https://arabellah1k.encyrs.ru.com/Arabella-selfie-53
Effective URL: https://w4mhotdates2024.click/?s1=ser7
Submission: On November 20 via api from BE — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3034::ac43:aa1c, located in United States and belongs to CLOUDFLARENET, US. The main domain is w4mhotdates2024.click.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.
This is the only time w4mhotdates2024.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
11 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 6
Domain Requested by
11 w4mhotdates2024.click arabellah1k.encyrs.ru.com
w4mhotdates2024.click
2 arabellah1k.encyrs.ru.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com w4mhotdates2024.click
1 svntrk.com w4mhotdates2024.click
0 www.facebook.com Failed w4mhotdates2024.click
0 lh3.google.com Failed w4mhotdates2024.click
19 7

This site contains no links.

Subject                  Issuer                   Validity                 Valid
encyrs.ru.com            WE1                      2024-10-15 - 2025-01-13  3 months
w4mhotdates2024.click    WE1                      2024-09-23 - 2024-12-22  3 months
svntrk.com               Cloudflare Inc ECC CA-3  2023-12-28 - 2024-12-27  a year
upload.video.google.com  WR2                      2024-10-21 - 2025-01-13  3 months
*.gstatic.com            WR2                      2024-10-21 - 2025-01-13  3 months

This page contains 1 frames:

Primary Page: https://w4mhotdates2024.click/?s1=ser7
Frame ID: FD81F56BAFF14051642AA1ECBB079395
Requests: 19 HTTP requests in this frame

Page Title

(2) neue Nachrichten

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

19 Requests
84 % HTTPS
100 % IPv6
7 Domains
7 Subdomains
6 IPs
2 Countries
1187 kB Transfer
1284 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://arabellah1k.encyrs.ru.com/Arabella-selfie-53 Page URL
  2. https://w4mhotdates2024.click/?s1=ser7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Arabella-selfie-53
arabellah1k.encyrs.ru.com/
292 B
925 B
Document
General
Full URL
https://arabellah1k.encyrs.ru.com/Arabella-selfie-53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
2ff5016b57502759877dba58c6af451c46ad2e7277ec997a330317aa32f1a311

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e5be29289ab1761-SJC
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 22:30:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Th95NL%2FA0y%2FU2GNQ3jeipKRRSYrTq6QH6KeFPtiGVjfUITtHNguO0FUIbZj0%2FCG6cnaJPDiBRpgbq0VmuMN8i%2FDspBljVv0AFcDoLIjob6SHVQO061%2FAasrDuioyfjRJ1UV3bkqNHbp5nMtkpMmpvLhz5crZvXfD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=153562&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4213&recv_bytes=4496&delivery_rate=156&cwnd=12000&unsent_bytes=0&cid=7e52654177c592fe&ts=901&x=1" cfExtPri cfHdrFlush;dur=0
x-powered-by
PHP/5.4.16
favicon.ico
arabellah1k.encyrs.ru.com/
292 B
936 B
Other
General
Full URL
https://arabellah1k.encyrs.ru.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
2ff5016b57502759877dba58c6af451c46ad2e7277ec997a330317aa32f1a311

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://arabellah1k.encyrs.ru.com/Arabella-selfie-53

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UZ0vlytcUUEzIgDEad1s1hf5zlkbtyh7%2BIhW6vZm8owBs%2BsbqEmk9xjZk%2BL5rcycvQ3rku8Tr6Ud8ZehTnZQbB8SjP3cot4Os7lJCB17XB1U5r3515b0DmTjAxvxZ9lGOCk8qIUtONnz5jVdDFQ%2FUghOEj8lz%2BJ5"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be297af951761-SJC
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=156606&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5185&recv_bytes=4910&delivery_rate=5328&cwnd=12000&unsent_bytes=0&cid=7e52654177c592fe&ts=1644&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 22:30:33 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
last-modified
Wed, 20 Nov 2024 22:30:33 GMT
priority
u=1,i
Primary Request /
w4mhotdates2024.click/
10 KB
4 KB
Document
General
Full URL
https://w4mhotdates2024.click/?s1=ser7
Requested by
Host: arabellah1k.encyrs.ru.com
URL: https://arabellah1k.encyrs.ru.com/Arabella-selfie-53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aa1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f7060bc9f89afe41c3a0d9e0fbb9b629f2ae296ce1012545af3310be669a58

Request headers

Referer
https://arabellah1k.encyrs.ru.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e5be29d894c2325-ZRH
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 22:30:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zdNY1VnVOyGpWHEAmFa3gcD2PjAPHDBgTgW2VLvKX0P7gf83H4dHkASVfnxYfIQlvEdt1rLucWEZajC%2FpoxWgAsvjZPjJsJfPij5fapMKytw1Y7EUx%2FsFJU5te3bqAWM04Q8NlMyyozI%2FEs4%2FDSqsh7Nttg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15314&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4183&recv_bytes=4453&delivery_rate=679&cwnd=12000&unsent_bytes=0&cid=c7ce30d9bfd7a57b&ts=406&x=1" cfHdrFlush;dur=0
ser7_673e630a1f67a.js
svntrk.com/assets/
0
740 B
Script
General
Full URL
https://svntrk.com/assets/ser7_673e630a1f67a.js
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ysOCcvsCU6oR84ARUv7fFv%2BG7pop9uSbaP%2FoNOiibUXz5tuVP%2B3RMleRDwQTBt5E1vmzMDL8YypOJ4kUbK4OL86uKv%2FUsBkKSsJB1Te7js5eDun8izTCyq9ESaT2hw97fW3KuAn%2FH62"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be2a03ebbd390-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12020&sent=12&recv=11&lost=0&retrans=0&sent_bytes=3997&recv_bytes=4388&delivery_rate=850&cwnd=12000&unsent_bytes=0&cid=7e63af5d236f8c14&ts=170&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 22:30:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i=?0
fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
w4mhotdates2024.click/scripts/
39 KB
17 KB
Script
General
Full URL
https://w4mhotdates2024.click/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aa1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"673ccc03-9ca8"
age
21
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OF694S%2BuYgLmXT3SAGF2SyQK5fgCAiLnPDLsXQOO%2BScueM01TXmMAj6s0c1ZbLJFA8fxg6AGFMKLqnGA7sY7sm8GniUsSX%2FAsxbQhOVvJIoorWqkEcgnWAnRbUf6sghherEWs92ko8EA4p9f32STwRndG4g%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be29ffc102325-ZRH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14662&sent=19&recv=17&lost=0&retrans=0&sent_bytes=8742&recv_bytes=8510&delivery_rate=357233&cwnd=12000&unsent_bytes=0&cid=c7ce30d9bfd7a57b&ts=447&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 22:30:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 19 Nov 2024 17:33:55 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
12 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dcb72a8d2478bc448bab6712de33a8370c2b3027d9ae9a079d1f4de5a6600634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 22:30:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 22:30:34 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 21:53:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
vendor.7cf3d0480cf1fce724b5ac270d4a3101.css
w4mhotdates2024.click/landings/3de/fonts/
9 KB
4 KB
Stylesheet
General
Full URL
https://w4mhotdates2024.click/landings/3de/fonts/vendor.7cf3d0480cf1fce724b5ac270d4a3101.css
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aa1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3992ab489e123d0362083e8109ba07800d3c537e9281ef44f2079365fc0b820

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"673ccbb2-251a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3rG8q7phQojMNT0FVs3SKT%2BEpED3nobtQg38Q9akRd0Fk49nAPuWzEJNFgc5GoON%2Fduvz%2FKM7Ymhfsx%2FYSN4fEzi8DZ5RV%2FyZdL5kEtFirYgpCcVBz2EEPjw01jOZZ04M4qpLwxvHbHOGdJgV70cDa5EnmQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be29ffc132325-ZRH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14457&sent=37&recv=25&lost=0&retrans=0&sent_bytes=27607&recv_bytes=8854&delivery_rate=198952&cwnd=22800&unsent_bytes=0&cid=c7ce30d9bfd7a57b&ts=768&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 22:30:34 GMT
content-type
text/css
last-modified
Tue, 19 Nov 2024 17:32:34 GMT
vary
Accept-Encoding
server
cloudflare
vendor.e0403827fa0925451e88c3b57c3e9f41.js
w4mhotdates2024.click/landings/3de/js/
96 KB
35 KB
Script
General
Full URL
https://w4mhotdates2024.click/landings/3de/js/vendor.e0403827fa0925451e88c3b57c3e9f41.js
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aa1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6020be1876e6ead7dbe2a3d8ae83a6833e873d3648fb52a34c7448f42d6b2853

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"673ccbb2-17e24"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7qLLEAC%2FKb%2BTl6GHRAWLPkwLWVUKRY%2B3qo3CLoZeipjjYFD8GXQDVnt8dCVWRtZDb7Ckf8N5eIuEnSWR9ffZLTCzoRmCUUbh%2FQiXiGpXeuxwh1fA%2BttB15tFSEtxdqFkWaMP5b2uvfITjCpLrlt214XkIvs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be29ffc152325-ZRH
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13140&sent=58&recv=37&lost=0&retrans=0&sent_bytes=49333&recv_bytes=10910&delivery_rate=165940&cwnd=22800&unsent_bytes=0&cid=c7ce30d9bfd7a57b&ts=1006&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 22:30:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 19 Nov 2024 17:32:34 GMT
vary
Accept-Encoding
server
cloudflare
18.png
w4mhotdates2024.click/landings/3de/img/
687 B
1 KB
Image
General
Full URL
https://w4mhotdates2024.click/landings/3de/img/18.png
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aa1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
818a47981bfc946ca84dc0dc574e164baaaed2d88d54be76381be58e98d8d1fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"673ccbb2-2af"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NlbjgAl9CkZhbalXBxnpJDhtx59WF9y%2FLdjbtz3c6R%2FP2%2F6c%2Fc%2BqrkPCeXcr8aRs8w8FjaAQ3aJA5lHfKXH3OA5WBHDOp26bPB%2BaoEQ1tqMmRDyvOeve7dPhciyi3tncE%2FX7skJVTliDCF2xkyOED8LYqPw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be29ffc172325-ZRH
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14457&sent=35&recv=25&lost=0&retrans=0&sent_bytes=26231&recv_bytes=8854&delivery_rate=198952&cwnd=22800&unsent_bytes=0&cid=c7ce30d9bfd7a57b&ts=764&x=1", cfHdrFlush;dur=0
content-length
687
date
Wed, 20 Nov 2024 22:30:34 GMT
content-type
image/png
last-modified
Tue, 19 Nov 2024 17:32:34 GMT
vary
Accept-Encoding
server
cloudflare
p1.jpg
w4mhotdates2024.click/landings/3de/img/
16 KB
17 KB
Image
General
Full URL
https://w4mhotdates2024.click/landings/3de/img/p1.jpg
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aa1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39c90507a09fbb725c22a25d7c9183711112401bf914ff1b34f53de22e0902c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"673ccbb2-401c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s77RV6rirhu84kU5nj5gjVy4Ibvy6dle%2B0pBWbehvYyyJB8z7DNC1osfdYQTrbQS9%2F%2FSSC2V40tbPqyJZCauVsWVldoprrNiCRwsyzA1%2FHjVhPLUyRBeLXrA%2Fl6YBNRI6wrKGT2mshO1CrYxtb%2F8UPLTn0E%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be29ffc192325-ZRH
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14807&sent=42&recv=29&lost=0&retrans=0&sent_bytes=31891&recv_bytes=9793&delivery_rate=450036&cwnd=22800&unsent_bytes=0&cid=c7ce30d9bfd7a57b&ts=874&x=1", cfHdrFlush;dur=0
content-length
16412
date
Wed, 20 Nov 2024 22:30:34 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 17:32:34 GMT
vary
Accept-Encoding
server
cloudflare
p2.jpg
w4mhotdates2024.click/landings/3de/img/
11 KB
12 KB
Image
General
Full URL
https://w4mhotdates2024.click/landings/3de/img/p2.jpg
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aa1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71f2330cb4b51d368c99345cc8599192073a95924d191009076ec1284c6d760b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"673ccbb2-2c37"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwa6%2FyqY1FNWXRe3YGGtnXcq9aojclidyv0NuHGUso1I6eG0%2Bv5%2B31Mpb6AC7ToG7k4qSPPtr1D84qO2iicP4wZBiDF7jelbrBNGzUWVkrqMCOIy%2FXd5ZcjBP%2F9Nuhc6bD2DrG5NVKWmYXU9wAFWNSwZhL4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be2a22eeb2325-ZRH
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15685&sent=92&recv=56&lost=0&retrans=0&sent_bytes=86499&recv_bytes=14049&delivery_rate=158707&cwnd=39600&unsent_bytes=0&cid=c7ce30d9bfd7a57b&ts=1126&x=1", cfHdrFlush;dur=0
content-length
11319
date
Wed, 20 Nov 2024 22:30:34 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 17:32:34 GMT
vary
Accept-Encoding
server
cloudflare
p3.jpg
w4mhotdates2024.click/landings/3de/img/
19 KB
20 KB
Image
General
Full URL
https://w4mhotdates2024.click/landings/3de/img/p3.jpg
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aa1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfda64c94888fd2875a641561df5210d0ee3d318b15c1b2e51c4e80fe0550078

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"673ccbb2-4c78"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9duN8kVjAqUOyldU39q1RJLuTJeenM49XHb6TXlBFvxV%2BqaBVQtMMhPhCiNPE70PX%2BmEEwS2C49cKKXaDbmIp0HXMOQO4oHR9MJ03o4bTe6hwyjy7fFipg3ZZ7Th7mc11HzfvSjIC62FZs%2BF83IQ0XkX64%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be2a2dfc52325-ZRH
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14284&sent=103&recv=62&lost=0&retrans=0&sent_bytes=98726&recv_bytes=14314&delivery_rate=140199&cwnd=39600&unsent_bytes=0&cid=c7ce30d9bfd7a57b&ts=1529&x=1", cfHdrFlush;dur=0
content-length
19576
date
Wed, 20 Nov 2024 22:30:35 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 17:32:34 GMT
vary
Accept-Encoding
server
cloudflare
p4.jpg
w4mhotdates2024.click/landings/3de/img/
20 KB
21 KB
Image
General
Full URL
https://w4mhotdates2024.click/landings/3de/img/p4.jpg
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aa1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fb82ff1c9e2b67fd671791b9b8606753989d59d4926fc00db62957bf81fed7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"673ccbb2-4faa"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Q1NJ4%2FiohE2pbv6c%2FPgoxYkPRzYRuG%2B3j50KfAXlqpYyMRKeqm5C8EgmtPy%2BAr9RJa2lvzEHLSZ1ah1SKPye7BxTwlOEMx96W2a7k8BroMU9K0fjXof%2BEmqjUSPeEkOpNHQLJlxUBnhTarP0vGxjDITdbM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be2a3d8f12325-ZRH
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14314&sent=121&recv=65&lost=0&retrans=0&sent_bytes=119386&recv_bytes=14447&delivery_rate=1431673&cwnd=39600&unsent_bytes=0&cid=c7ce30d9bfd7a57b&ts=1640&x=1", cfHdrFlush;dur=0
content-length
20394
date
Wed, 20 Nov 2024 22:30:35 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 17:32:34 GMT
vary
Accept-Encoding
server
cloudflare
p5.gif
w4mhotdates2024.click/landings/3de/img/
989 KB
990 KB
Image
General
Full URL
https://w4mhotdates2024.click/landings/3de/img/p5.gif
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/?s1=ser7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aa1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466e43fc190ebe18e1c5cfd9a1503000883d2c56a27eae185e82bdf1c46a1985

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/?s1=ser7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"673ccbb2-f7447"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xNXTwoLsdV4jlqBlmJhqRieZVG0TrKRlxvxl%2FiZX%2FTZwsk8J%2BGciIGqjjRkcSKOo6KqHA3rTrWchWBohHNyaTs6PM%2Fho7NOIs8vE3KYwnVbQxdziwwmaQDaW%2FdYFi8YrVqKl3DgiRfRUdue6udj0F2MV0qk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be2a3d8f42325-ZRH
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13834&sent=139&recv=67&lost=0&retrans=0&sent_bytes=140867&recv_bytes=14536&delivery_rate=1752028&cwnd=39600&unsent_bytes=0&cid=c7ce30d9bfd7a57b&ts=1768&x=1", cfHdrFlush;dur=0
content-length
1012807
date
Wed, 20 Nov 2024 22:30:35 GMT
content-type
image/gif
last-modified
Tue, 19 Nov 2024 17:32:34 GMT
vary
Accept-Encoding
server
cloudflare
bg.jpg
w4mhotdates2024.click/landings/3de/img/
14 KB
15 KB
Image
General
Full URL
https://w4mhotdates2024.click/landings/3de/img/bg.jpg
Requested by
Host: w4mhotdates2024.click
URL: https://w4mhotdates2024.click/landings/3de/fonts/vendor.7cf3d0480cf1fce724b5ac270d4a3101.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aa1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3356d5f76899c9c829ca879052cffd539216431788a8bcd1e87c86223c1e7978

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://w4mhotdates2024.click/landings/3de/fonts/vendor.7cf3d0480cf1fce724b5ac270d4a3101.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"673ccbb2-38f1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8XQ1orNljjU21Ackn04NJla8gZrUfO%2B2e95eXSJ1gY1xvjskxmNUPTbSINeXIfkFeXCgEzNdaWU5Fkjee0Kg1h1e3SKVcLyWVfa1HL1VTatSD1L%2FvNipU3TzUCJa2Vv8W%2FR%2BKyWN1MYebuKdMEC8UlA2O0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5be2a3d8f72325-ZRH
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13822&sent=166&recv=70&lost=0&retrans=0&sent_bytes=172996&recv_bytes=14671&delivery_rate=2374912&cwnd=39600&unsent_bytes=0&cid=c7ce30d9bfd7a57b&ts=1787&x=1", cfHdrFlush;dur=0
content-length
14577
date
Wed, 20 Nov 2024 22:30:35 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 17:32:34 GMT
vary
Accept-Encoding
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://w4mhotdates2024.click
Referer
https://fonts.googleapis.com/

Response headers

age
174671
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 18 Nov 2025 21:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 21:59:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
lh3.google.com/u/0/d/
0
0

like.php
www.facebook.com/v14.0/plugins/
0
0

favicon.png
w4mhotdates2024.click/landings/3de/img/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lh3.google.com
URL
https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
Domain
www.facebook.com
URL
https://www.facebook.com/v14.0/plugins/like.php
Domain
w4mhotdates2024.click
URL
https://w4mhotdates2024.click/landings/3de/img/favicon.png

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FingerprintJS
function| getScreenInfo
function| getUserAgent
function| getLanguages
function| x64Add
function| x64Multiply
function| x64Rotl
function| x64LeftShift
function| x64Xor
function| x64Fmix
function| x64hash128
function| picassoCanvas
function| picasso
function| getVideoCardInfo
function| deviceOrientationHandler
string| thirdParty
object| fpPromise
function| changeFooterPosition
function| openPopup
function| clickButton
function| nextStep
function| getTimezone
function| $
function| jQuery
number| randomnumber
boolean| sf

4 Cookies

Domain/Path Name / Value
w4mhotdates2024.click/ Name: XSRF-TOKEN
Value: eyJpdiI6IlRocDNsSGYreHlXM20rZzhoRGJRd1E9PSIsInZhbHVlIjoiTnhtcjRwWHJsb2V5QjN5b21mcUJoRUtlaTFKaklubmJBWEFFUFhqeFpuZEQxRDZkQ1BFMytXMUlVem1nTTRWdyIsIm1hYyI6IjU2NTBkZWQ3ZjU5MjhiNmY0YTMyZWE1MTJiMzg2NGIyMTIyMzI4MTFkMjg3YjM3NTRlZDUzMWY5ODkyZjNjYzcifQ%3D%3D
w4mhotdates2024.click/ Name: laravel_session
Value: eyJpdiI6ImdkRTVNcTB1MTRQUFRYT3AyZGRLS0E9PSIsInZhbHVlIjoiZG9leFpGeFdsUnhiOUptdnhyZG9VUzlqbmwzcW9Ea2R4VGxLUzFTdmFsUklTSytiWTk0MUthdUhKMlFIMnFZSyIsIm1hYyI6ImQ3YWM2MzM4YzY4ZDNhODAxZGJmYTFkMjgxYjM2NWMzNzRjMjRhM2YzNjUzNzk4YTQ5MmFmM2ViZDRjM2M1MmMifQ%3D%3D
w4mhotdates2024.click/ Name: SRVNAME
Value: w1
svntrk.com/ Name: svnimp
Value: 673e630a5585e

2 Console Messages

Source Level URL
Text
rendering warning URL: https://w4mhotdates2024.click/?s1=ser7
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040D50DFC130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://w4mhotdates2024.click/?s1=ser7
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F01C00FC130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.