urlscan.io logo urlscan.io
SecurityTrails logo

queitho.com Open in urlscan Pro
2606:4700:3032::ac43:a9ed  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/3GTxdrN
Effective URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b...
Submission: On December 22 via manual from VN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3032::ac43:a9ed, located in United States and belongs to CLOUDFLARENET, US. The main domain is queitho.com.
TLS certificate: Issued by E1 on November 15th 2023. Valid for: 3 months.
This is the only time queitho.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 3 192.232.223.37 46606 (UNIFIEDLA...)
4 5 172.255.248.125 7979 (SERVERS-COM)
11 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 7
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
3    192.232.223.37 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-232-223-37.unifiedlayer.com
2cu.link
5    172.255.248.125 (Luxembourg, Luxembourg)

ASN7979 (SERVERS-COM, US)
go.gkrtmc.com
11    2606:4700:3032::ac43:a9ed (United States)

ASN13335 (CLOUDFLARENET, US)
queitho.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
oacenom.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
11 queitho.com
queitho.com
485 KB
5 gkrtmc.com
go.gkrtmc.com — Cisco Umbrella Rank: 583405
7 KB
3 2cu.link
2cu.link
1 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
fonts.googleapis.com — Cisco Umbrella Rank: 29
31 KB
1 gstatic.com
fonts.gstatic.com
24 KB
1 oacenom.com
oacenom.com
1 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 5695
456 B
18 7
Domain Requested by
11 queitho.com go.gkrtmc.com
queitho.com
5 go.gkrtmc.com 4 redirects 2cu.link
3 2cu.link 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com queitho.com
1 ajax.googleapis.com queitho.com
1 oacenom.com queitho.com
1 bit.ly 1 redirects
18 8

This site contains no links.

Subject Issuer Validity Valid
autodiscover.mmz.nex.temporary.site
R3		 2023-12-08 -
2024-03-07		 3 months crt.sh
track.cpamatica.com
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
queitho.com
E1		 2023-11-15 -
2024-02-13		 3 months crt.sh
oacenom.com
E1		 2023-11-04 -
2024-02-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Frame ID: 7FF3D0F368CE0B30D9DA3B3B311B5874
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Are you looking for hot dates in your neighborhood?

Page URL History Show full URLs

  1. http://bit.ly/3GTxdrN HTTP 301
    https://2cu.link/d/tracking202/redirect/dl.php?t202id=13091&t202kw=D14 HTTP 302
    https://2cu.link/d/tracking202/redirect/cl.php?pci=878257 Page URL
  2. https://2cu.link/d/tracking202/redirect/cl2.php?q=https%3A%2F%2Fgo.gkrtmc.com%2Faff_c%3Foffer... Page URL
  3. https://go.gkrtmc.com/aff_c?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_... HTTP 302
    https://go.gkrtmc.com/cl?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub... Page URL
  4. https://go.gkrtmc.com/aff_c?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_... HTTP 302
    https://go.gkrtmc.com/aff_c?offer_id=7107&aff_id=52032&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-soc... HTTP 302
    https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=52032&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-soc... HTTP 302
    https://queitho.com/client?camp=s3&aff_id=2&aff_sub=52032&source=&aff_sub2=paid-social&click_id=... Page URL
  5. https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

543 kB
Transfer

709 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/3GTxdrN HTTP 301
    https://2cu.link/d/tracking202/redirect/dl.php?t202id=13091&t202kw=D14 HTTP 302
    https://2cu.link/d/tracking202/redirect/cl.php?pci=878257 Page URL
  2. https://2cu.link/d/tracking202/redirect/cl2.php?q=https%3A%2F%2Fgo.gkrtmc.com%2Faff_c%3Foffer_id%3D9587%26aff_id%3D52032%26url_id%3D17074%26aff_sub%3D7825%26aff_sub2%3DD14%26aff_sub5%3Dpaid-social%26click_id%3D0&r=origin Page URL
  3. https://go.gkrtmc.com/aff_c?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0 HTTP 302
    https://go.gkrtmc.com/cl?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c Page URL
  4. https://go.gkrtmc.com/aff_c?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c HTTP 302
    https://go.gkrtmc.com/aff_c?offer_id=7107&aff_id=52032&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c&last=2 HTTP 302
    https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=52032&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c&last=3 HTTP 302
    https://queitho.com/client?camp=s3&aff_id=2&aff_sub=52032&source=&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014 Page URL
  5. https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bit.ly/3GTxdrN HTTP 301
  • https://2cu.link/d/tracking202/redirect/dl.php?t202id=13091&t202kw=D14 HTTP 302
  • https://2cu.link/d/tracking202/redirect/cl.php?pci=878257
Request Chain 2
  • https://go.gkrtmc.com/aff_c?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0 HTTP 302
  • https://go.gkrtmc.com/cl?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c
Request Chain 3
  • https://go.gkrtmc.com/aff_c?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c HTTP 302
  • https://go.gkrtmc.com/aff_c?offer_id=7107&aff_id=52032&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c&last=2 HTTP 302
  • https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=52032&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c&last=3 HTTP 302
  • https://queitho.com/client?camp=s3&aff_id=2&aff_sub=52032&source=&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
cl.php
2cu.link/d/tracking202/redirect/
Redirect Chain
  • http://bit.ly/3GTxdrN
  • https://2cu.link/d/tracking202/redirect/dl.php?t202id=13091&t202kw=D14
  • https://2cu.link/d/tracking202/redirect/cl.php?pci=878257
1013 B
564 B 		Document
General
Check archive.org
Download Go to
Full URL
https://2cu.link/d/tracking202/redirect/cl.php?pci=878257
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.232.223.37 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-232-223-37.unifiedlayer.com
Software
Apache /
Resource Hash
8186eb5cde2cf1726a2f56fb1a4a87107fbdadb7010162a9fcb0f3af566638f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=7200
content-encoding
gzip
content-length
469
content-type
text/html; charset=UTF-8
date
Fri, 22 Dec 2023 08:45:08 GMT
expires
Fri, 22 Dec 2023 10:45:08 GMT
server
Apache
vary
Accept-Encoding
x-newfold-cache-level
2

Redirect headers

cache-control
max-age=7200
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 22 Dec 2023 08:45:07 GMT
expires
Fri, 22 Dec 2023 10:45:07 GMT
location
https://2cu.link/d/tracking202/redirect/cl.php?pci=878257
server
Apache
x-newfold-cache-level
2
cl2.php
2cu.link/d/tracking202/redirect/ 		707 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://2cu.link/d/tracking202/redirect/cl2.php?q=https%3A%2F%2Fgo.gkrtmc.com%2Faff_c%3Foffer_id%3D9587%26aff_id%3D52032%26url_id%3D17074%26aff_sub%3D7825%26aff_sub2%3DD14%26aff_sub5%3Dpaid-social%26click_id%3D0&r=origin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.232.223.37 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-232-223-37.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

Referer
https://2cu.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=7200
content-encoding
gzip
content-length
329
content-type
text/html; charset=UTF-8
date
Fri, 22 Dec 2023 08:45:08 GMT
expires
Fri, 22 Dec 2023 10:45:08 GMT
server
Apache
vary
Accept-Encoding
x-newfold-cache-level
2
cl
go.gkrtmc.com/
Redirect Chain
  • https://go.gkrtmc.com/aff_c?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0
  • https://go.gkrtmc.com/cl?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.gkrtmc.com/cl?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c
Requested by
Host: 2cu.link
URL: https://2cu.link/d/tracking202/redirect/cl2.php?q=https%3A%2F%2Fgo.gkrtmc.com%2Faff_c%3Foffer_id%3D9587%26aff_id%3D52032%26url_id%3D17074%26aff_sub%3D7825%26aff_sub2%3DD14%26aff_sub5%3Dpaid-social%26click_id%3D0&r=origin
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.255.248.125 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://2cu.link/d/tracking202/redirect/cl2.php?q=https%3A%2F%2Fgo.gkrtmc.com%2Faff_c%3Foffer_id%3D9587%26aff_id%3D52032%26url_id%3D17074%26aff_sub%3D7825%26aff_sub2%3DD14%26aff_sub5%3Dpaid-social%26click_id%3D0&r=origin
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Fri, 22 Dec 2023 08:45:08 GMT
ETag
W/"5c9-oFjIXwfMQeMn7DH3baejRaj7XQY"
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0

Redirect headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
366
Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Fri, 22 Dec 2023 08:45:08 GMT
Location
https://go.gkrtmc.com/cl?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
client
queitho.com/
Redirect Chain
  • https://go.gkrtmc.com/aff_c?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c
  • https://go.gkrtmc.com/aff_c?offer_id=7107&aff_id=52032&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c&last=2
  • https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=52032&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c&last=3
  • https://queitho.com/client?camp=s3&aff_id=2&aff_sub=52032&source=&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://queitho.com/client?camp=s3&aff_id=2&aff_sub=52032&source=&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014
Requested by
Host: go.gkrtmc.com
URL: https://go.gkrtmc.com/cl?offer_id=9587&aff_id=52032&url_id=17074&aff_sub=7825&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10ebae451437a686fb5e432fe1754c3852bfd37c2781d9d89cd92740ec0903b6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://oacenom.com https://openfpcdn.io/fingerprintjs/v4; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://oacenom.com https://openfpcdn.io/fingerprintjs/v4
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://go.gkrtmc.com/cl?offer_id=10170&aff_id=47487&url_id=17074&aff_sub=52032&aff_sub2=D14&aff_sub5=paid-social&click_id=0&bofc=aff_c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=86400
cache-control
no-store no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
83971644196d3c83-CDG
content-encoding
br
content-security-policy
default-src 'self' https://oacenom.com https://openfpcdn.io/fingerprintjs/v4; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://oacenom.com https://openfpcdn.io/fingerprintjs/v4
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 22 Dec 2023 08:45:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnI%2FXk65SRjjj0jWg7zQ44i5sU0yHfYtDR77g4OvFIOidGGsHolOfvxbr3SsL%2Fjb11faSXHYwdeFEpRDey3AkF8n4bUYV6IeNu8rjg7oR2OMBg8WQ5sSh0f4JEXUbtyKFG0OnTqM16NGjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
368
Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Fri, 22 Dec 2023 08:45:08 GMT
Location
https://queitho.com/client?camp=s3&aff_id=2&aff_sub=52032&source=&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
ckset
oacenom.com/ 		117 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oacenom.com/ckset
Requested by
Host: queitho.com
URL: https://queitho.com/client?camp=s3&aff_id=2&aff_sub=52032&source=&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fd161d8fef622e2216552a2432e0f5842c34fd80384e3a440d55adead4f9ded
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 08:45:09 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
117
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"75-F91ZPTV1zwEWlXbF/UORiKybOx4"
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sd7t4PcW48R%2Bj6EYSLY4T1uiL2eMdT%2FEwNlaSc3aX%2FE8MGL59OGNpCFZCUEACzoL%2BxjRGJMj2tfY%2F86lNzCp2p6M%2B%2FR4lTlApFCQZrFsu833LhgC1JZGRXGwtJwlXUHU1NswfwEuUqMGAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://queitho.com
origin-agent-cluster
?1
access-control-allow-credentials
true
cf-ray
839716479c873c99-CDG
visit
queitho.com/ 		737 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://queitho.com/visit?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=s3&p_camp=&bstep=&sid=&efcn=custom-unknown&cntp=custom-unknown&sch=&scw=&vph=&vpw=&lt=
Requested by
Host: queitho.com
URL: https://queitho.com/client?camp=s3&aff_id=2&aff_sub=52032&source=&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e76fcf1e4a13f2321b60bc987bbaae6a533cc2d6f27eefc3016bed8d68d9efb
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 08:45:09 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
737
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"2e1-p6Rb00DoBMIXYFmduVXjIx4H4p8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul7w1riKBjWAe0U%2FHKn2zQSE8DQKJu2GKOrIUwWH1BtAkDg55CQYSOzel%2Bb0spnMp73vXUQhCdQqXGtowvl9L9OuA93oOCLvVSLTQEf0aySdNOLf1YNyr8txg0pd9MOIzsaX%2FUplZNzzqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
no-store, no-store, no-cache
cf-ray
839716482dab3c83-CDG
fl
queitho.com/ 		375 B
700 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://queitho.com/fl?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=&sid=s3&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=
Requested by
Host: queitho.com
URL: https://queitho.com/client?camp=s3&aff_id=2&aff_sub=52032&source=&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 08:45:09 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
375
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"177-tC3TTO29Z24jqY5V4FEWvHk7j/U"
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0veJ8lnD4CNtXP3OPfIHjB6mo85H%2FUgMr0tBmqpWCRzAFEZcD79jBOg4dcXn9aLPjbMBsNsdr1DVq7PU7cJi4BWL1d86Is5%2FMrzHBLt1l5j2XlfUM4JKXKKTwvSfdXrhbggfXrltskENAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
no-store, no-store, no-cache
cf-ray
83971648ae973c83-CDG
Primary Request /
queitho.com/lands/adult/3/ 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Requested by
Host: queitho.com
URL: https://queitho.com/client?camp=s3&aff_id=2&aff_sub=52032&source=&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
692c5ec43a9da07576846f521ee6b07cf0877643bf472c685d4b860cc4994e2b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
8397164a1a8e0be9-AMS
content-encoding
br
content-type
text/html
date
Fri, 22 Dec 2023 08:45:10 GMT
last-modified
Thu, 12 Oct 2023 11:02:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0pRe15Ysj9StShEfB44I3UlGoruuAiOT1keweE9W8GXXsiekCRVwSJxggAiXfyNAooiFcGx5KX4toj7wlW0Fuaoh5hV3pTRkX4mygqmuxnT13s6RbpL8c7VSrVGNgS6WbFqEo7ygWvZSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
main.css
queitho.com/lands/adult/3/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://queitho.com/lands/adult/3/main.css
Requested by
Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa9900b9bf020eede06bb0fdeb24986923b453bf8deaa23798ce7197c10d372b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 08:45:10 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 31 Jul 2023 14:41:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64c7c82d-4594"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGlBWtVvSDTDbFB2CE8na5sk83hxV%2BW8UjMVawU0NO5CPkbetf2yOM8v0UWWMjtMB0J%2FyC47Z6xh2z7PCGqsoUEbbOxc49v9Yc5jGWCy3nZcajFj7ig5w6XL2SXK47DE5ez%2FCHsy%2F7sm4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-store, no-cache
cf-ray
8397164acb1b0be9-AMS
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://queitho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30211
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 17:28:05 GMT
default-eight.js
queitho.com/lands/js/ 		106 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://queitho.com/lands/js/default-eight.js
Requested by
Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82960acde1990cb5fe04eb5a54c1f0b7b62d499950f1f5d5406f6191d4bf5362

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 08:45:10 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 31 Jul 2023 14:41:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64c7c82d-1a7c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtWICKVY2D6M9Xeeq46PjtLFsEzTxv1N6boxNZZQldhl42jMdwmgoo2SMIlq9zpWEhZJZHl322TOVD825muoCwWUHrB0U4xmW9oQIaKIZ8inaApuTup7L6Oa%2F%2BQUklHs6O5rSBl%2F56%2Bulw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache
cf-ray
8397164acb1d0be9-AMS
alt-svc
h3=":443"; ma=86400
question-gatherer.js
queitho.com/lands/js/ 		1 KB
894 B 		Script
General
Check archive.org
Download Go to
Full URL
https://queitho.com/lands/js/question-gatherer.js
Requested by
Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20034db9adbfa753533c632802b887dfcdccb6b4030a06dfa29f0780459216a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 08:45:10 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 12 Oct 2023 11:02:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6527d24d-4db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kXMZBiY%2Fl81nY9%2BV4ZLSWXIh2YMGXkkG0Nn4pN1tPmN%2Fg7it%2B5stzgdAqjV9C9kCO93AgrQOZSIjqITk%2Fsdd%2Fl0euid%2BqySsIRZ94EHY6JYFmCPBfB0Y3%2FN2gxGCX%2FG%2FYwZ0JC3S6j81A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache
cf-ray
8397164acb1e0be9-AMS
alt-svc
h3=":443"; ma=86400
track-logic.js
queitho.com/lands/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://queitho.com/lands/js/track-logic.js
Requested by
Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c194db140b0696df837569822e9051084f9aeb99d1f0e65bf8feaaaee3b8f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 08:45:10 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Tue, 07 Nov 2023 11:08:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654a1acb-c14"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10IQv0G0Vm7QDf3qBQKCeIaZv8%2FSIhMhnkPXMIJ9RG0KH33bpt7bHUg30SyyogeFpZzMmgkHRkN9OJRUpmP%2FF2GmL3BG97bHrSMY%2FHPz45LLWWgreeQKLo3%2BhNEuHVTjtYvXxN2Eftnh5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache
cf-ray
8397164acb1f0be9-AMS
alt-svc
h3=":443"; ma=86400
js.js
queitho.com/lands/adult/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://queitho.com/lands/adult/3/js.js
Requested by
Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc10a476dcc3ccfddfb06b82d411d96a069bb7b1df5d5a0e3d49133cada15021

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 08:45:10 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 12 Oct 2023 11:02:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6527d24d-649"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M71VU7vpQw4%2FnIAUODf2sLvuEcoB9zHvRFY5%2FozCQt99fBAuXQFWMdZy8RjnM6aoso%2BEF0%2BY33jvma%2BL%2FoFPmEq2k00rJZTFcsuxYLL5z3fqpt1dgJirbkHAThhY4CMqOcclKx%2FRiAKPRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache
cf-ray
8397164acb200be9-AMS
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		717 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&subset=latin-ext
Requested by
Host: queitho.com
URL: https://queitho.com/lands/adult/3/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://queitho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Dec 2023 08:45:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 08:37:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Dec 2023 08:45:10 GMT
1.jpg
queitho.com/lands/adult/3/ 		452 KB
452 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://queitho.com/lands/adult/3/1.jpg
Requested by
Host: queitho.com
URL: https://queitho.com/lands/adult/3/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1888b272b99043d11cdd13f23dc9311f0176222d695074b2cdb6349dd50cd4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://queitho.com/lands/adult/3/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 08:45:10 GMT
cf-cache-status
BYPASS
last-modified
Mon, 31 Jul 2023 08:41:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64c773a0-70e13"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSi2HQR31cufhPcIQaOIvLqMngGHaVlxBOqVYOexTZoq9HKaCXdq9wKMj50dtBizkiaA%2BWjvdTDDhHZglTpmB2t1jWqh3iA2wRtNQvWq%2Bu2ynQeVrS%2FxOreMVqnYVF%2F8oT0hIevKo%2BsbOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-store, no-cache
accept-ranges
bytes
cf-ray
8397164c0cc20be9-AMS
alt-svc
h3=":443"; ma=86400
content-length
462355
pattern.png
queitho.com/lands/adult/3/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://queitho.com/lands/adult/3/pattern.png
Requested by
Host: queitho.com
URL: https://queitho.com/lands/adult/3/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://queitho.com/lands/adult/3/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 08:45:10 GMT
cf-cache-status
BYPASS
last-modified
Mon, 31 Jul 2023 08:41:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64c773a0-af1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqA9B9UPKkLsZiZnpnyFdgQ%2BUbgnUBuwnzA3w1JOxisFej5oW9qTkEMSsvLcU7RyZq9zSx8N8pNApJZ1CoFrycZ%2BhHrp1IPjucDSh%2FIyAkOolBepZbyGXL9T6uZWiw1CJn0Prsh3a24n5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-store, no-cache
accept-ranges
bytes
cf-ray
8397164c0cc50be9-AMS
alt-svc
h3=":443"; ma=86400
content-length
2801
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://queitho.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:36:20 GMT
x-content-type-options
nosniff
age
320930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 15:36:20 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery string| lang function| setQuestionPopulateListeners function| getElementsWithDataset function| buttonReturn function| addLoadHistory function| getGackUrl function| getBackParams function| recursiveFetch function| postJson function| pushHistory function| getCurrentQueryParams function| fromEntries function| msSpentOnSite

12 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: nbm8J6-dcd9c09cf6b8cf5e4a-005
.2cu.link/ Name: tracking202subid-legacy
Value: 7825
.2cu.link/ Name: tracking202subid_a_328-legacy
Value: 7825
.2cu.link/ Name: tracking202subid
Value: 7825
.2cu.link/ Name: tracking202subid_a_328
Value: 7825
.go.gkrtmc.com/ Name: language
Value: de
.go.gkrtmc.com/ Name: 9949
Value: 37_52032_9949_2dc9354a1b072b86feb4c876bbbac014
.go.gkrtmc.com/ Name: op_9949
Value: 0
.go.gkrtmc.com/ Name: user_id
Value: 14126f0b-cc65-4233-8686-8a00efa95096_325e64f53bc4763f7977b47b4e3c9fec
.oacenom.com/ Name: mastidencook
Value: d32f67f5-8400-45d8-a0aa-04c3302b2d63_3d06c35d285cec67154be048ebb1d7f2
.queitho.com/ Name: browserLanguage
Value: de
.queitho.com/ Name: userId
Value: 95bbfa07-f4c3-4433-b756-e681deccac43_03bb1f73a39484adbd213aa59a8fe5a2

1 Console Messages

Source Level URL
Text
rendering warning URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=52032&aff_sub2=paid-social&click_id=37_52032_9949_2dc9354a1b072b86feb4c876bbbac014&source=&ttype=direct&camp=f104&sl_cid=f5eaffe8-655b-45d5-8d84-37f823429d99_2ae6935c57f56ad766dba3e9f101bc31&p_camp=&bstep=0&sid=s3&fnlid=2248&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0(Line 5)
Message:
The value "false" for key "user-scalable" is invalid, and has been ignored.