dereferer.me Open in urlscan Pro
89.40.214.138  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://cutt.us/ChildTopVideo Page URL
2. https://dereferer.me/?ohldj556zv2NWRzNNbkmoqZLDZbWB23mAJ06PRdv7kn76vpyGWOql279kEB924B0pEm57-_q-qGey Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	ChildTopVideo Show response cutt.us/	3 KB 2 KB	512ms 24ms	Document text/html	69.61.26.121 GLOBALCOMPASS
General Check archive.org Show headers Download Go to Full URL https://cutt.us/ChildTopVideo Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.61.26.121 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US), Reverse DNS Software Hotcores.com / Resource Hash 2f9e036efbcdefef103314f5b4554d8b74540f9fbb735b2d9ac305a757a2ae40 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Cache-Control no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Encoding gzip Content-Type text/html; Charset=UTF-8;charset=UTF-8 Date Mon, 29 Jul 2024 10:18:32 GMT I-AM Alpha Pragma no-cache Server Hotcores.com Strict-Transport-Security max-age=31536000; includeSubdomains; Transfer-Encoding chunked Vary Accept-Encoding X-Robots-Tag noindex, nofollow
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	98 KB 31 KB	109ms 79ms	Script text/javascript	142.251.179.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: cutt.us URL: https://cutt.us/ChildTopVideo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f155.1e100.net Software cafe / Resource Hash 0840c1c64e6b410aa1c26a4a4da6c16ad5ab8673feab1a1141faecbf12359f85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 10:07:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31574 x-xss-protection 0 server cafe etag 15 / 19933 / m202407230101 / config-hash: 12298755105918104723 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 29 Jul 2024 10:07:39 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	208 KB 75 KB	64ms 29ms	Script application/javascript	172.217.222.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-31510493-1 Requested by Host: cutt.us URL: https://cutt.us/ChildTopVideo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.222.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS qi-in-f97.1e100.net Software Google Tag Manager / Resource Hash bf363dbd9ac413d7b3ba66268f1f58060b78a44bdf63eab6eb27f8a54e511ffe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://cutt.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 10:07:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 76358 x-xss-protection 0 last-modified Mon, 29 Jul 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 29 Jul 2024 10:07:39 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	254 KB 90 KB	24ms 22ms	Script application/javascript	172.217.222.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZBQ2JYBBZ5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.222.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS qi-in-f97.1e100.net Software Google Tag Manager / Resource Hash 6701c5e2982a31ee5b74763a978a202910aec5d2e7de71e20141b474821ea87d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://cutt.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 10:07:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 91559 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 29 Jul 2024 10:07:39 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	60ms 13ms	Script text/javascript	173.194.204.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.204.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS qb-in-f101.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cutt.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 29 Jul 2024 08:22:32 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 6307 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 29 Jul 2024 10:22:32 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407230101/	473 KB 148 KB	42ms 14ms	Script text/javascript	142.251.167.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407230101/pubads_impl.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f155.1e100.net Software cafe / Resource Hash 78fed4302e496840aae7d8eb58eab3ee67d6a4094b656736637ab6cf35fa9633 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 23:08:35 GMT content-encoding br x-content-type-options nosniff age 39544 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 151086 x-xss-protection 0 server cafe etag 1418821275081004071 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 28 Jul 2025 23:08:35 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	61 B 73 B	87ms 63ms	XHR application/json	142.251.167.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f155.1e100.net Software cafe / Resource Hash e8223a82e046c8dcece85853d954bbfd33eb35b00583a43e16767dfde6e8f556 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 10:07:39 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49 x-xss-protection 0 expires Mon, 29 Jul 2024 10:07:39 GMT
POST H2	204	collect www.google-analytics.com/g/	0 0	19ms 16ms	Fetch text/plain	173.194.204.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-ZBQ2JYBBZ5&gtm=45je47o0v9124577564za200&_p=1722247659180&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=716425703.1722247659&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1722247659&sct=1&seg=0&dl=https%3A%2F%2Fcutt.us%2FChildTopVideo&dt=ChildTopVideo&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=787 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZBQ2JYBBZ5&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.204.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS qb-in-f101.1e100.net Software Golfe2 / Resource Hash Request headers Referer https://cutt.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jul 2024 10:07:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cutt.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	12ms 11ms	XHR text/plain	173.194.204.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=507235961&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FChildTopVideo&ul=en-us&de=UTF-8&dt=ChildTopVideo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1412072581&gjid=1919856752&cid=716425703.1722247659&tid=UA-31510493-1&_gid=41650772.1722247659&_r=1&gtm=457e47o0za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&jsscut=1&z=464785986 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.204.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS qb-in-f101.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://cutt.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 29 Jul 2024 10:07:39 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cutt.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	topics_frame.html securepubads.g.doubleclick.net/static/topics/ Frame 6DFC	0 0	47ms 6ms	Document text/html	142.251.167.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407230101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f157.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 207 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000, stale-while-revalidate=3600 content-encoding br content-length 28853 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 29 Jul 2024 10:04:12 GMT expires Mon, 29 Jul 2024 10:54:12 GMT last-modified Mon, 22 Jul 2024 19:47:15 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	820 B 423 B	49ms 48ms	Fetch text/plain	142.251.167.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526626710433193&correlator=4353564321238726&eid=31085623%2C31085627%2C31084130%2C95335155%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407230101&ptt=17&impl=fif&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1722247659528&lmt=1722247659&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutt.us%2FChildTopVideo&vis=1&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=716425703.1722247659&ga_sid=1722247660&ga_hid=507235961&ga_fc=true&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722247659110&idt=349&adks=1933368604&frm=20&eoidce=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407230101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f155.1e100.net Software cafe / Resource Hash 624ddf5cfc0582e75e043bc2cdfab94a9978098dec1a26a72fe7cf3ce6be002f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 10:07:39 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 393 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutt.us cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html b6716859df951b3e46793d95c619ba48.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 86D0	0 0	81ms 12ms	Document text/html	209.85.144.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b6716859df951b3e46793d95c619ba48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407230101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.85.144.132 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS qv-in-f132.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 29 Jul 2024 10:07:39 GMT expires Mon, 29 Jul 2024 10:07:39 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	Primary Request / Show response dereferer.me/	4 KB 2 KB	1314ms 232ms	Document text/html	89.40.214.138 CHROOT Bucharest ...
General Check archive.org Show headers Download Go to Full URL https://dereferer.me/?ohldj556zv2NWRzNNbkmoqZLDZbWB23mAJ06PRdv7kn76vpyGWOql279kEB924B0pEm57-_q-qGey Requested by Host: cutt.us URL: https://cutt.us/ChildTopVideo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.40.214.138 Bucharest, Romania, ASN56430 (CHROOT Bucharest ROMANIA, EU, RO), Reverse DNS edge1.ext.ro2.eu.l7cache.net Software Dereferer.me / Layer7 Cache Resource Hash 7f668900903977b6fff09b1c1e4fe2ae8560b12b673f5a047e4505760aa73c0a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 29 Jul 2024 10:07:40 GMT server Dereferer.me strict-transport-security max-age=31536000 vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-location http://www.binbucks.com/site/paste?code=qsO2RTHUwU x-powered-by Layer7 Cache x-xss-protection 1; mode=block
GET H3	200	sodar pagead2.googlesyndication.com/getconfig/	17 KB 13 KB	151ms 75ms	XHR application/json	173.194.205.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407230101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407230101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.205.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS qm-in-f154.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 10:07:39 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13084 x-xss-protection 0
GET H2	200	sodar2.js tpc.googlesyndication.com/sodar/	17 KB 7 KB	59ms 18ms	Script text/javascript	173.194.204.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407230101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.204.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS qb-in-f132.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 10:07:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 29 Jul 2024 10:07:39 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7110	0 0	42ms 13ms	Document text/html	173.194.204.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.204.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS qb-in-f132.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 400288 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 24 Jul 2024 18:56:11 GMT expires Thu, 24 Jul 2025 18:56:11 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe www.google.com/recaptcha/api2/ Frame 38C2	0 0	50ms 21ms	Document text/html	173.194.204.103 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.204.103 , United States, ASN15169 (GOOGLE, US), Reverse DNS qb-in-f103.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-s6OCWKQndD_xZAla2tfhXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-s6OCWKQndD_xZAla2tfhXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 29 Jul 2024 10:07:39 GMT expires Mon, 29 Jul 2024 10:07:39 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	bg29.jpg dereferer.me/static/images/backgrounds/	157 KB 157 KB	158ms 146ms	Image image/jpeg	89.40.214.138 CHROOT Bucharest ...
General Check archive.org Show headers Download Go to Show image Full URL https://dereferer.me/static/images/backgrounds/bg29.jpg Requested by Host: dereferer.me URL: https://dereferer.me/?ohldj556zv2NWRzNNbkmoqZLDZbWB23mAJ06PRdv7kn76vpyGWOql279kEB924B0pEm57-_q-qGey Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.40.214.138 Bucharest, Romania, ASN56430 (CHROOT Bucharest ROMANIA, EU, RO), Reverse DNS edge1.ext.ro2.eu.l7cache.net Software Dereferer.me / Layer7 Cache Resource Hash 8aaa06b79bf1538c0f35314fd6dd6a96ce49b9729e7d0e91e6a22b5b0ee8459e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://dereferer.me/?ohldj556zv2NWRzNNbkmoqZLDZbWB23mAJ06PRdv7kn76vpyGWOql279kEB924B0pEm57-_q-qGey User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 10:07:41 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 06 May 2021 22:16:10 GMT server Dereferer.me x-powered-by Layer7 Cache x-frame-options SAMEORIGIN content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 160327 x-xss-protection 1; mode=block expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	favicon.ico dereferer.me/static/images/	1 KB 1 KB	118ms 117ms	Other image/x-icon	89.40.214.138 CHROOT Bucharest ...
General Check archive.org Show headers Download Go to Full URL https://dereferer.me/static/images/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.40.214.138 Bucharest, Romania, ASN56430 (CHROOT Bucharest ROMANIA, EU, RO), Reverse DNS edge1.ext.ro2.eu.l7cache.net Software Dereferer.me / Layer7 Cache Resource Hash 21d4982d7da0b157eb6386127e5ecccf5aa21b8b3590eeee666678820868f1b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 10:07:41 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 06 May 2021 22:16:10 GMT server Dereferer.me x-powered-by Layer7 Cache x-frame-options SAMEORIGIN content-type image/x-icon cache-control max-age=315360000 accept-ranges bytes content-length 1150 x-xss-protection 1; mode=block expires Thu, 31 Dec 2037 23:55:55 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cutt.us/	1970-01-21 08:00:07	Name: _ga Value: GA1.2.716425703.1722247659
			.cutt.us/	1970-01-20 22:25:34	Name: _gid Value: GA1.2.41650772.1722247659
			.cutt.us/	1970-01-20 22:24:07	Name: _gat_gtag_UA_31510493_1 Value: 1
			.doubleclick.net/	1970-01-20 22:24:08	Name: test_cookie Value: CheckForPermission
			.cutt.us/	1970-01-21 07:45:43	Name: __gads Value: ID=34235ce0353fa625:T=1722247659:RT=1722247659:S=ALNI_Mb9G6kt51AyQLJqgdpjeDFl3an3HA
			.cutt.us/	1970-01-21 07:45:43	Name: __gpi Value: UID=00000eba0a780a82:T=1722247659:RT=1722247659:S=ALNI_MZEE6bo-ezyS-f45f6ytBaKCyGf9Q
			.cutt.us/	1970-01-21 02:43:19	Name: __eoi Value: ID=18483fc4f22f2c20:T=1722247659:RT=1722247659:S=AA-AfjZzBr2eq8v6CSvdJ5o7PEH2
			.cutt.us/	1970-01-21 08:00:07	Name: _ga_ZBQ2JYBBZ5 Value: GS1.1.1722247659.1.0.1722247661.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b6716859df951b3e46793d95c619ba48.safeframe.googlesyndication.com
cutt.us
dereferer.me
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.251.167.155
142.251.167.157
142.251.179.155
172.217.222.97
173.194.204.101
173.194.204.103
173.194.204.132
173.194.205.154
209.85.144.132
69.61.26.121
89.40.214.138
0840c1c64e6b410aa1c26a4a4da6c16ad5ab8673feab1a1141faecbf12359f85
21d4982d7da0b157eb6386127e5ecccf5aa21b8b3590eeee666678820868f1b2
2f9e036efbcdefef103314f5b4554d8b74540f9fbb735b2d9ac305a757a2ae40
624ddf5cfc0582e75e043bc2cdfab94a9978098dec1a26a72fe7cf3ce6be002f
6701c5e2982a31ee5b74763a978a202910aec5d2e7de71e20141b474821ea87d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78fed4302e496840aae7d8eb58eab3ee67d6a4094b656736637ab6cf35fa9633
7f668900903977b6fff09b1c1e4fe2ae8560b12b673f5a047e4505760aa73c0a
8aaa06b79bf1538c0f35314fd6dd6a96ce49b9729e7d0e91e6a22b5b0ee8459e
bf363dbd9ac413d7b3ba66268f1f58060b78a44bdf63eab6eb27f8a54e511ffe
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e8223a82e046c8dcece85853d954bbfd33eb35b00583a43e16767dfde6e8f556