Submitted URL: https://bit.ly/2RGG2Mz
Effective URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Submission: On April 18 via manual from VE

Summary

This website contacted 13 IPs in 4 countries across 13 domains to perform 45 HTTP transactions. The main IP is 2606:4700:3032::6812:2c0d, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is flirtymeetz.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 25th 2020. Valid for: 7 months.
This is the only time flirtymeetz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Redirects | Requested by
13 | flirtymeetz.com | - | tracking-all-traffic.offerdirecto.com, flirtymeetz.com
12 | www.google-analytics.com | 2 redirects | tl-ws.blogspot.com, dk3.us, tracking-all-traffic.offerdirecto.com
8 | tracking-all-traffic.offerdirecto.com | 6 redirects | dk3.us, tracking-all-traffic.offerdirecto.com
3 | fonts.gstatic.com | - | tl-ws.blogspot.com, flirtymeetz.com
3 | tl-ws.blogspot.com | - | tl-ws.blogspot.com
2 | stats.g.doubleclick.net | - | -
2 | dk3.us | 1 redirects | tl-ws.blogspot.com
2 | www.blogger.com | - | tl-ws.blogspot.com
1 | fonts.googleapis.com | - | flirtymeetz.com
1 | themes.googleusercontent.com | - | tl-ws.blogspot.com
1 | resources.blogblog.com | - | tl-ws.blogspot.com
1 | lh3.googleusercontent.com | - | tl-ws.blogspot.com
1 | i.ibb.co | - | tl-ws.blogspot.com
1 | www.gstatic.com | - | tl-ws.blogspot.com
1 | ajax.googleapis.com | - | tl-ws.blogspot.com
1 | bit.ly | 1 redirects | -
Total: 45 requests, 16 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
misc-sni.blogspot.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
*.blogger.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
ibb.co | Let's Encrypt Authority X3 | 2020-03-29 - 2020-06-27 | 3 months
*.googleusercontent.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
dk3.us | Let's Encrypt Authority X3 | 2020-04-08 - 2020-07-07 | 3 months
tracking-all-traffic.offerdirecto.com | Let's Encrypt Authority X3 | 2020-03-06 - 2020-06-04 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-03-25 - 2020-10-09 | 7 months

This page contains 1 frame:

Primary Page: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Frame ID: 2F4D24E2BC821381F5B498AA6357F1AB
Requests: 45 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

45 Requests
96 % HTTPS
77 % IPv6
13 Domains
16 Subdomains
13 IPs
4 Countries
1947 kB Transfer
2634 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2RGG2Mz HTTP 301
    https://tl-ws.blogspot.com/2020/04/blog-post_39.html Page URL
  2. https://dk3.us/7Wxq Page URL
  3. https://dk3.us/load.php?code=7Wxq HTTP 302
    https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3} Page URL
  4. https://tracking-all-traffic.offerdirecto.com/control-user.php?id=WIl1twZU2B&idoffer=&click_id={click_id}&type=1&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
    https://tracking-all-traffic.offerdirecto.com/control-click_id.php?&id=WIl1twZU2B&idoffer=&click_id={click_id}&type=1&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
    https://tracking-all-traffic.offerdirecto.com/control-bloq-ofertas.php?&id=WIl1twZU2B&idoffer=&click_id={click_id}&type=1&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
    https://tracking-all-traffic.offerdirecto.com/pais.php?&id=WIl1twZU2B&idoffer=&click_id={click_id}&type=1&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
    https://tracking-all-traffic.offerdirecto.com/control-ip.php?&id=WIl1twZU2B&idoffer=&click_id={click_id}&type=1&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200&pais=BE&b=M247%20Ltd&c=SI HTTP 302
    https://tracking-all-traffic.offerdirecto.com/1/click24.php?&id=WIl1twZU2B&idoffer=&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200&b=M247%20Ltd&c=SI&pais=BE HTTP 302
    https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/2RGG2Mz HTTP 301
  • https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Request Chain 18
  • https://dk3.us/load.php?code=7Wxq HTTP 302
  • https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Request Chain 20
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1863022450&t=pageview&_s=1&dl=https%3A%2F%2Fdk3.us%2F7Wxq&dr=https%3A%2F%2Ftl-ws.blogspot.com%2F2020%2F04%2Fblog-post_39.html&ul=en-us&de=UTF-8&dt=DK3.US%20-%20Redirect%20-%207Wxq&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEAB~&jid=1606289440&gjid=355552075&cid=1926978503.1587252793&tid=UA-97406603-1&_gid=615078371.1587252793&_r=1&z=1714333325 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1926978503.1587252793&jid=1606289440&_gid=615078371.1587252793&gjid=355552075&_v=j81&z=1714333325
Request Chain 24
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1870295564&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DWIl1twZU2B%26type%3D1%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&dr=https%3A%2F%2Fdk3.us%2F7Wxq&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=1766247787&gjid=1056772465&cid=1413580388.1587252794&tid=UA-97406603-1&_gid=1024336327.1587252794&_r=1&z=275704347 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1413580388.1587252794&jid=1766247787&_gid=1024336327.1587252794&gjid=1056772465&_v=j81&z=275704347

45 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
blog-post_39.html
tl-ws.blogspot.com/2020/04/
Redirect Chain
  • https://bit.ly/2RGG2Mz
  • https://tl-ws.blogspot.com/2020/04/blog-post_39.html
88 KB
18 KB
Document
General
Full URL
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ecc6ad3dc9a9f9b6b1cfd379cf9edea1f5f587763cbc177854938d5d48a6c3f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tl-ws.blogspot.com
:scheme
https
:path
/2020/04/blog-post_39.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=UTF-8
expires
Sat, 18 Apr 2020 23:33:12 GMT
date
Sat, 18 Apr 2020 23:33:12 GMT
cache-control
private, max-age=0
last-modified
Fri, 17 Apr 2020 19:32:09 GMT
etag
W/"c507c63cec19d390ddc849604eeaa4fbc2a74269cd850ae0606afddbd6d83966"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
18352
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

status
301
server
nginx
date
Sat, 18 Apr 2020 23:33:12 GMT
content-type
text/html; charset=utf-8
content-length
139
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
referrer-policy
unsafe-url
set-cookie
_bit=k3inxc-5cfafd2054829e9d3d-00U; Domain=bit.ly; Expires=Thu, 15 Oct 2020 23:33:12 GMT
via
1.1 google
alt-svc
clear
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 07:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1266290
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 07:48:22 GMT
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/
12 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
4096
x-xss-protection
0
expires
Sat, 18 Apr 2020 23:33:12 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6878
date
Sat, 18 Apr 2020 21:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Sat, 18 Apr 2020 23:38:34 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
668 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6152009843739200072&zx=aa908466-5226-49c6-bbb6-50d5c1676bef
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 18 Apr 2020 23:33:12 GMT
server
GSE
date
Sat, 18 Apr 2020 23:33:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Origin
https://tl-ws.blogspot.com

Response headers

date
Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
345973
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11016
x-xss-protection
0
expires
Wed, 14 Apr 2021 23:26:59 GMT
collect
www.google-analytics.com/r/
35 B
105 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2013536364&t=pageview&_s=1&dl=https%3A%2F%2Ftl-ws.blogspot.com%2F2020%2F04%2Fblog-post_39.html&ul=en-us&de=UTF-8&dt=Sexy%20Girls&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1917527594&gjid=1734255833&cid=1607874700.1587252793&tid=UA-163844429-1&_gid=290449638.1587252793&_r=1&z=1291163147
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Apr 2020 23:33:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
9171882-022-697acopia-HD.jpg
i.ibb.co/n0psbQn/
87 KB
0
Image
General
Full URL
https://i.ibb.co/n0psbQn/9171882-022-697acopia-HD.jpg
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.15.22.18 Haarlem, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:13 GMT
last-modified
Thu, 16 Apr 2020 16:19:10 GMT
server
nginx
status
200
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
267948
expires
Thu, 31 Dec 2037 23:55:55 GMT
1769009776-comment_from_post_iframe.js
www.blogger.com/static/v1/jsbin/
0
0

2PUd_fotebGqEOm7PRyGVPKlkkHbNEyptbN7cdxKOlTjuM1kqIoRinKJQmcoN7Y1abGxqZLbfXBjW8UsmjWh_s-L3w=w72-h72-p-k-no-nu
lh3.googleusercontent.com/proxy/
3 KB
3 KB
Image
General
Full URL
https://lh3.googleusercontent.com/proxy/2PUd_fotebGqEOm7PRyGVPKlkkHbNEyptbN7cdxKOlTjuM1kqIoRinKJQmcoN7Y1abGxqZLbfXBjW8UsmjWh_s-L3w=w72-h72-p-k-no-nu
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:13 GMT
x-content-type-options
nosniff
server
fife
status
200
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2849
x-xss-protection
0
expires
Sun, 19 Apr 2020 23:33:13 GMT
3410439338-indie_compiled.js
resources.blogblog.com/blogblog/data/res/
136 KB
47 KB
Script
General
Full URL
https://resources.blogblog.com/blogblog/data/res/3410439338-indie_compiled.js
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 00:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Apr 2020 14:22:44 GMT
server
sffe
age
255432
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
47484
x-xss-protection
0
expires
Thu, 23 Apr 2020 00:36:00 GMT
cookienotice.js
tl-ws.blogspot.com/js/
6 KB
2 KB
Script
General
Full URL
https://tl-ws.blogspot.com/js/cookienotice.js
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 17:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Apr 2020 16:28:30 GMT
server
sffe
age
193186
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2026
x-xss-protection
0
expires
Thu, 23 Apr 2020 17:53:26 GMT
2053445127-widgets.js
www.blogger.com/static/v1/widgets/
141 KB
52 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/2053445127-widgets.js
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 12:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Apr 2020 23:21:05 GMT
server
sffe
age
212851
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
53105
x-xss-protection
0
expires
Fri, 16 Apr 2021 12:25:41 GMT
sprite_v1_6.css.svg
tl-ws.blogspot.com/responsive/
7 KB
2 KB
Other
General
Full URL
https://tl-ws.blogspot.com/responsive/sprite_v1_6.css.svg
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 17:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Apr 2020 11:17:44 GMT
server
sffe
age
193186
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2244
x-xss-protection
0
expires
Thu, 23 Apr 2020 17:53:26 GMT
image
themes.googleusercontent.com/
223 KB
223 KB
Image
General
Full URL
https://themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:13 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
228521
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 19 Apr 2020 23:33:13 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Origin
https://tl-ws.blogspot.com

Response headers

date
Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
342658
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11020
x-xss-protection
0
expires
Thu, 15 Apr 2021 00:22:14 GMT
7Wxq
dk3.us/
1 KB
1 KB
Document
General
Full URL
https://dk3.us/7Wxq
Requested by
Host: tl-ws.blogspot.com
URL: https://tl-ws.blogspot.com/2020/04/blog-post_39.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.171.242.5 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS
single-4730.banahosting.com
Software
/
Resource Hash
863dcb47d4ed049d036df0da94d2a54d9e7c710fb79e24c2c8a1e3a0a10fa10b

Request headers

:method
GET
:authority
dk3.us
:scheme
https
:path
/7Wxq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tl-ws.blogspot.com/2020/04/blog-post_39.html

Response headers

status
200
content-type
text/html; charset=UTF-8
content-length
828
content-encoding
br
vary
Accept-Encoding
date
Sat, 18 Apr 2020 23:33:10 GMT
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
authorization.css
www.blogger.com/dyn-css/
0
0

/
tracking-all-traffic.offerdirecto.com/
Redirect Chain
  • https://dk3.us/load.php?code=7Wxq
  • https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
2 KB
1 KB
Document
General
Full URL
https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Requested by
Host: dk3.us
URL: https://dk3.us/7Wxq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.171.242.5 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS
single-4730.banahosting.com
Software
/
Resource Hash
3d68071fc7c907d32117ae922f559b77dd85dc097654dac42d7c2454de8a5b64

Request headers

:method
GET
:authority
tracking-all-traffic.offerdirecto.com
:scheme
https
:path
/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://dk3.us/7Wxq
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html; charset=UTF-8
content-length
963
content-encoding
br
vary
Accept-Encoding
date
Sat, 18 Apr 2020 23:33:10 GMT
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

Redirect headers

status
302
location
https://Tracking-all-traffic.offerdirecto.com?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
content-type
text/html; charset=UTF-8
content-length
6
content-encoding
br
vary
Accept-Encoding
date
Sat, 18 Apr 2020 23:33:10 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dk3.us
URL: https://dk3.us/7Wxq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dk3.us/7Wxq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6879
date
Sat, 18 Apr 2020 21:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Sat, 18 Apr 2020 23:38:34 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1863022450&t=pageview&_s=1&dl=https%3A%2F%2Fdk3.us%2F7Wxq&dr=https%3A%2F%2Ftl-ws.blogspot.com%2F2020%2F04%2Fblog-post_39.html&ul=en-us&de=UTF...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1926978503.1587252793&jid=1606289440&_gid=615078371.1587252793&gjid=355552075&_v=j81&z=1714333325
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1926978503.1587252793&jid=1606289440&_gid=615078371.1587252793&gjid=355552075&_v=j81&z=1714333325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dk3.us/7Wxq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 18 Apr 2020 23:33:13 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Apr 2020 23:33:13 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1926978503.1587252793&jid=1606289440&_gid=615078371.1587252793&gjid=355552075&_v=j81&z=1714333325
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
107 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1863022450&t=pageview&_s=1&dl=https%3A%2F%2Fdk3.us%2F7Wxq&dr=https%3A%2F%2Ftl-ws.blogspot.com%2F2020%2F04%2Fblog-post_39.html&ul=en-us&de=UTF-8&dt=DK3.US%20-%20Redirect%20-%207Wxq&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEAB~&jid=287251895&gjid=627424066&cid=1926978503.1587252793&tid=UA-114317189-1&_gid=615078371.1587252793&_r=1&z=754945779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dk3.us/7Wxq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Apr 2020 23:33:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request erniozzyfrneefm
flirtymeetz.com/
Redirect Chain
  • https://tracking-all-traffic.offerdirecto.com/control-user.php?id=WIl1twZU2B&idoffer=&click_id={click_id}&type=1&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200
  • https://tracking-all-traffic.offerdirecto.com/control-click_id.php?&id=WIl1twZU2B&idoffer=&click_id={click_id}&type=1&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200
  • https://tracking-all-traffic.offerdirecto.com/control-bloq-ofertas.php?&id=WIl1twZU2B&idoffer=&click_id={click_id}&type=1&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200
  • https://tracking-all-traffic.offerdirecto.com/pais.php?&id=WIl1twZU2B&idoffer=&click_id={click_id}&type=1&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200
  • https://tracking-all-traffic.offerdirecto.com/control-ip.php?&id=WIl1twZU2B&idoffer=&click_id={click_id}&type=1&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200&pais=BE&b=M247%20Ltd&c=SI
  • https://tracking-all-traffic.offerdirecto.com/1/click24.php?&id=WIl1twZU2B&idoffer=&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200&b=M247%20Ltd&c=SI&pais=BE
  • https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
19 KB
5 KB
Document
General
Full URL
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Requested by
Host: tracking-all-traffic.offerdirecto.com
URL: https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037bdcd3bcf3ecb3620fe61a5afb5758975b15b009aa952587d41215aac02989
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
flirtymeetz.com
:scheme
https
:path
/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sat, 18 Apr 2020 23:33:16 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d2756fb456c515b399e9bbd1c337652da1587252795; expires=Mon, 18-May-20 23:33:15 GMT; path=/; domain=.flirtymeetz.com; HttpOnly; SameSite=Lax k=SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTQ2Njc5bQAAAApwbFpYWWRYWmR3bQAAAANoaWRtAAAAJW9WVU5zQnpwYkZ4a2dpTndaY3pwUWRhQm1XUE9NTWNxeE9mTndtAAAAAmhsZAADbmlsbQAAAAJyZHQAAAAEZAAKX19zdHJ1Y3RfX2QAGEVsaXhpci5UZGV4LlJvdGF0aW9uRGF0YWQADmNsaWNrZWRfb2ZmZXJzdAAAAABkAAhsYW5kaW5nc2wAAAABYgAABV5qZAALc2Vlbl9vZmZlcnNsAAAAAWIAADeeam0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAADxxdHpKelJFem9LSmx0TXlyNGpjeFR2UzFuZ3lXcUVEV3kzZm1JamJ3dWxYY3hLSnB0bGNDV3YzMFFwVTdtAAAAB3RyYWNrZXJtAAAACldJbDF0d1pVMkJtAAAAA3VucW0AAAAMbEpoR21BV21HV1N4.07tT8C3RX00yfbc3lToULTMu_TU5ot2g28lOmYIrLG0; path=/; expires=Sun, 18 Apr 2021 23:33:16 GMT; max-age=31536000 uord=daf5bf392482558c8f2fa155fd0519ce; path=/; expires=Mon, 18 Apr 2022 23:33:16 GMT; max-age=63072000; HttpOnly
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
cross-origin-window-policy
deny
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5862309668b7d6e5-FRA
content-encoding
br
cf-request-id
02313cb2040000d6e55d103200000001

Redirect headers

status
302
location
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
content-type
text/html; charset=UTF-8
content-length
8
content-encoding
br
vary
Accept-Encoding
date
Sat, 18 Apr 2020 23:33:12 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
1.gif
tracking-all-traffic.offerdirecto.com/
75 KB
75 KB
Image
General
Full URL
https://tracking-all-traffic.offerdirecto.com/1.gif
Requested by
Host: tracking-all-traffic.offerdirecto.com
URL: https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.171.242.5 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS
single-4730.banahosting.com
Software
/
Resource Hash

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:11 GMT
last-modified
Thu, 07 Feb 2019 07:06:46 GMT
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
76610
expires
Sat, 25 Apr 2020 23:33:11 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tracking-all-traffic.offerdirecto.com
URL: https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6880
date
Sat, 18 Apr 2020 21:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Sat, 18 Apr 2020 23:38:34 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1870295564&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DWIl1twZU2B%26type%3D1%26click_id%3D%7Bclick_id%7D...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1413580388.1587252794&jid=1766247787&_gid=1024336327.1587252794&gjid=1056772465&_v=j81&z=275704347
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1413580388.1587252794&jid=1766247787&_gid=1024336327.1587252794&gjid=1056772465&_v=j81&z=275704347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 18 Apr 2020 23:33:14 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Apr 2020 23:33:14 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1413580388.1587252794&jid=1766247787&_gid=1024336327.1587252794&gjid=1056772465&_v=j81&z=275704347
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
419
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1870295564&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DWIl1twZU2B%26type%3D1%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&dr=https%3A%2F%2Fdk3.us%2F7Wxq&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=93276068&gjid=2102232460&cid=1413580388.1587252794&tid=163687561&_gid=1024336327.1587252794&_r=1&z=2103552150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Apr 2020 23:33:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1870295564&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DWIl1twZU2B%26type%3D1%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&dr=https%3A%2F%2Fdk3.us%2F7Wxq&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=181167588&gjid=313051338&cid=1413580388.1587252794&tid=UA-114317189-1&_gid=1024336327.1587252794&_r=1&z=1124871329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Apr 2020 23:33:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1870295564&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DWIl1twZU2B%26type%3D1%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&dr=https%3A%2F%2Fdk3.us%2F7Wxq&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=1728730878&gjid=614970786&cid=1413580388.1587252794&tid=0&_gid=1024336327.1587252794&_r=1&z=1179055387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Apr 2020 23:33:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1870295564&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DWIl1twZU2B%26type%3D1%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&dr=https%3A%2F%2Fdk3.us%2F7Wxq&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=1741705800&gjid=364232621&cid=1413580388.1587252794&tid=0&_gid=1024336327.1587252794&_r=1&z=1362989136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Apr 2020 23:33:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1870295564&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DWIl1twZU2B%26type%3D1%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&dr=https%3A%2F%2Fdk3.us%2F7Wxq&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=697843384&gjid=1323100901&cid=1413580388.1587252794&tid=0&_gid=1024336327.1587252794&_r=1&z=1503839589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=WIl1twZU2B&type=1&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Apr 2020 23:33:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
767 B
478 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 Apr 2020 23:33:16 GMT
server
ESF
date
Sat, 18 Apr 2020 23:33:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Apr 2020 23:33:16 GMT
allclear.png
flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/
10 KB
11 KB
Image
General
Full URL
https://flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/allclear.png
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e7d0f48de667376e4ef2ef8f4f3a3fbe8f0a612594cc0c3c6f934ede6f997ac

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
cf-cache-status
EXPIRED
status
200
content-length
10693
cf-request-id
02313cb2dd0000d6e55d10a200000001
last-modified
Wed, 01 Apr 2020 10:41:06 GMT
server
cloudflare
etag
"5e846fc2-29c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58623097cb1bd6e5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
mcafee.png
flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/
9 KB
10 KB
Image
General
Full URL
https://flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/mcafee.png
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e26ec8652e317bc943d4a28991b916f549b7a500f5c84e5c66a02f8bbc33286f

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
cf-cache-status
EXPIRED
status
200
content-length
9670
cf-request-id
02313cb2de0000d6e55d10e200000001
last-modified
Wed, 01 Apr 2020 10:41:06 GMT
server
cloudflare
etag
"5e846fc2-25c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58623097cb28d6e5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
norton.png
flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/
8 KB
8 KB
Image
General
Full URL
https://flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/norton.png
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b498835ae87ebb49c16c9d86bfae6a47dc44118027cbab011b6f1feb6f32e9

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
cf-cache-status
EXPIRED
status
200
content-length
8395
cf-request-id
02313cb2df0000d6e55d10f200000001
last-modified
Wed, 01 Apr 2020 10:41:06 GMT
server
cloudflare
etag
"5e846fc2-20cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58623097cb2ad6e5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
script.min.js
flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/
252 KB
72 KB
Script
General
Full URL
https://flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/script.min.js
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37e5087e498fc0b0d08de05637e8cfc7550ce34dc52e0efc95d68531b85702d8

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
content-encoding
br
cf-cache-status
EXPIRED
status
200
cf-request-id
02313cb2de0000d6e55d10b200000001
last-modified
Wed, 01 Apr 2020 10:41:00 GMT
server
cloudflare
etag
W/"5e846fbc-3eff6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
cf-ray
58623097cb20d6e5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
hammer.min.js
flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/
18 KB
6 KB
Script
General
Full URL
https://flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/hammer.min.js
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9433bec25b5be77e5591554373016a288b35abd818f272982f5f1cfe6d8f12a7

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
content-encoding
br
cf-cache-status
EXPIRED
status
200
cf-request-id
02313cb2de0000d6e55d10c200000001
last-modified
Wed, 01 Apr 2020 10:41:00 GMT
server
cloudflare
etag
W/"5e846fbc-47ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
cf-ray
58623097cb22d6e5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
p.js
flirtymeetz.com/
472 B
374 B
Script
General
Full URL
https://flirtymeetz.com/p.js?a=615743&cr=12949&lid=13420&mh=b1ZVTnNCenBiRnhrZ2lOd1pjenBRZGFCbVdQT01NY3F4T2ZOdy04Njkw&p=0&t=WIl1twZU2B
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89bb06efe82e05a08f813b6e4d774cb2cc33fe55e85a1ac087f13d84d0dd6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
cross-origin-window-policy
deny
status
200
vary
Accept-Encoding
cf-request-id
02313cb2de0000d6e55d10d200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, max-age=14400, must-revalidate
cf-ray
58623097cb27d6e5-FRA
g1.jpg
flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/
38 KB
38 KB
Image
General
Full URL
https://flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/g1.jpg
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ac8f87fc29227002cdba1257ceba8f08b9401e65a58c3130650c114c9ea3f6

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
cf-cache-status
EXPIRED
status
200
content-length
39014
cf-request-id
02313cb2f10000d6e55d113200000001
last-modified
Wed, 01 Apr 2020 10:41:06 GMT
server
cloudflare
etag
"5e846fc2-9866"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58623097eb57d6e5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
g2.jpg
flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/
222 KB
222 KB
Image
General
Full URL
https://flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/g2.jpg
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93938390337acdcf36b29feac30870dbd773adcbd2c0097d8f45fa70130dd469

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
cf-cache-status
MISS
status
200
content-length
226889
cf-request-id
02313cb2f10000d6e55d114200000001
last-modified
Wed, 01 Apr 2020 10:41:05 GMT
server
cloudflare
etag
"5e846fc1-37649"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58623097eb58d6e5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
g3.jpg
flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/
193 KB
193 KB
Image
General
Full URL
https://flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/g3.jpg
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d25f703b11d62edc03c1ffbbb6dbd7a00859e96a647159adf350d0ef89f0984f

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
cf-cache-status
EXPIRED
status
200
content-length
197617
cf-request-id
02313cb2f20000d6e55d115200000001
last-modified
Wed, 01 Apr 2020 10:41:05 GMT
server
cloudflare
etag
"5e846fc1-303f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58623097eb5cd6e5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
g4.jpg
flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/
236 KB
236 KB
Image
General
Full URL
https://flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/g4.jpg
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b15dd413d2d41302f51615acd69882390c9e665832b69fd8bba5889a3ee32c6

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
cf-cache-status
EXPIRED
status
200
content-length
241747
cf-request-id
02313cb2f20000d6e55d116200000001
last-modified
Wed, 01 Apr 2020 10:41:04 GMT
server
cloudflare
etag
"5e846fc0-3b053"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58623097eb5dd6e5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
g5.jpg
flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/
77 KB
77 KB
Image
General
Full URL
https://flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/g5.jpg
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d893463751e91abbef36c981cd40c138f31183b0012b8090278a0b9c80687867

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
cf-cache-status
EXPIRED
status
200
content-length
78854
cf-request-id
02313cb2f20000d6e55d117200000001
last-modified
Wed, 01 Apr 2020 10:41:05 GMT
server
cloudflare
etag
"5e846fc1-13406"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58623097eb5fd6e5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
bg.jpg
flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/
516 KB
517 KB
Image
General
Full URL
https://flirtymeetz.com/assets/fcc93e396c903a8a10b6c69bcf39af08/images/bg.jpg
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871db7cb6fca42017f3e3caccc856a257584efd4bb336e8758e4742a37b7804c

Request headers

Referer
https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 23:33:16 GMT
cf-cache-status
EXPIRED
status
200
content-length
528846
cf-request-id
02313cb2f20000d6e55d118200000001
last-modified
Wed, 01 Apr 2020 10:42:16 GMT
server
cloudflare
etag
"5e847008-811ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58623097eb60d6e5-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: flirtymeetz.com
URL: https://flirtymeetz.com/erniozzyfrneefm?t=WIl1twZU2B&s2=qtzJzREzoKJltMyr4jcxTvS1ngyWqEDWy3fmIjbwulXcxKJptlcCWv30QpU7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato
Origin
https://flirtymeetz.com

Response headers

date
Wed, 15 Apr 2020 01:32:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
338428
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14044
x-xss-protection
0
expires
Thu, 15 Apr 2021 01:32:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.blogger.com
URL
https://www.blogger.com/static/v1/jsbin/1769009776-comment_from_post_iframe.js
Domain
www.blogger.com
URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6152009843739200072&zx=aa908466-5226-49c6-bbb6-50d5c1676bef


6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| $
function| jQuery
function| Hammer
string| u

3 Cookies

Domain/Path Name / Value
flirtymeetz.com/ Name: uord
Value: daf5bf392482558c8f2fa155fd0519ce
flirtymeetz.com/ Name: k
Value: SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTQ2Njc5bQAAAApwbFpYWWRYWmR3bQAAAANoaWRtAAAAJW9WVU5zQnpwYkZ4a2dpTndaY3pwUWRhQm1XUE9NTWNxeE9mTndtAAAAAmhsZAADbmlsbQAAAAJyZHQAAAAEZAAKX19zdHJ1Y3RfX2QAGEVsaXhpci5UZGV4LlJvdGF0aW9uRGF0YWQADmNsaWNrZWRfb2ZmZXJzdAAAAABkAAhsYW5kaW5nc2wAAAABYgAABV5qZAALc2Vlbl9vZmZlcnNsAAAAAWIAADeeam0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAADxxdHpKelJFem9LSmx0TXlyNGpjeFR2UzFuZ3lXcUVEV3kzZm1JamJ3dWxYY3hLSnB0bGNDV3YzMFFwVTdtAAAAB3RyYWNrZXJtAAAACldJbDF0d1pVMkJtAAAAA3VucW0AAAAMbEpoR21BV21HV1N4.07tT8C3RX00yfbc3lToULTMu_TU5ot2g28lOmYIrLG0
.flirtymeetz.com/ Name: __cfduid
Value: d2756fb456c515b399e9bbd1c337652da1587252795

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
