urlscan.io logo urlscan.io
SecurityTrails logo

justlarge.com Open in urlscan Pro
2606:4700:3030::6815:28a7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cutt.us/WXJzc
Effective URL: https://justlarge.com/dc?s1=vw_cprk&oid=62887_62886&s3=12190&s2=6410cf3e1c3a13000116bcf2&s4=&lb=1
Submission: On March 14 via manual from GB — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3030::6815:28a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is justlarge.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.
This is the only time justlarge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    69.61.26.122 (Atlanta, United States)

ASN22653 (GLOBALCOMPASS, US)
cutt.us
1    2607:f8b0:4006:824::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2607:f8b0:4006:822::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2607:f8b0:4006:80b::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2    2607:f8b0:4006:821::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:817::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2607:f8b0:4006:809::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
9df0734fdf3314bd194ed21ba9a34526.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    80.89.238.69 (Netherlands)

ASN24875 (NOVOSERVE-AS, NL)
PTR: hottopnow.com
hottopnow.com
1    2606:4700:3032::ac43:c788 (United States)

ASN13335 (CLOUDFLARENET, US)
go.cod10.xyz
1    35.204.59.16 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.59.204.35.bc.googleusercontent.com
click.genesistracker.xyz
4    2606:4700:3030::6815:28a7 (United States)

ASN13335 (CLOUDFLARENET, US)
justlarge.com
1    2607:f8b0:4006:823::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700:3036::6815:523e (None, )

ASN- ()
svntrk.com
Apex Domain
Subdomains		 Transfer
8 googlesyndication.com
9df0734fdf3314bd194ed21ba9a34526.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 134
40 KB
4 justlarge.com
justlarge.com
19 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
135 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
1 svntrk.com
svntrk.com
3 KB
1 genesistracker.xyz
click.genesistracker.xyz
329 B
1 cod10.xyz
go.cod10.xyz
669 B
1 hottopnow.com
hottopnow.com
946 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
44 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
27 KB
1 cutt.us
cutt.us — Cisco Umbrella Rank: 807690
2 KB
23 12
Domain Requested by
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 justlarge.com cutt.us
justlarge.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 svntrk.com justlarge.com
1 www.google.com tpc.googlesyndication.com
1 click.genesistracker.xyz 1 redirects
1 go.cod10.xyz 1 redirects
1 hottopnow.com 1 redirects
1 9df0734fdf3314bd194ed21ba9a34526.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 www.googletagmanager.com cutt.us
1 www.googletagservices.com cutt.us
1 cutt.us
23 15

This site contains no links.

Subject Issuer Validity Valid
www.cutt.us
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
justlarge.com
Cloudflare Inc ECC CA-3		 2022-05-08 -
2023-05-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-28 -
2024-01-27		 a year crt.sh

This page contains 5 frames:

Primary Page: https://justlarge.com/dc?s1=vw_cprk&oid=62887_62886&s3=12190&s2=6410cf3e1c3a13000116bcf2&s4=&lb=1
Frame ID: 6D8687E478F0D6ED6C966AA3BD2F0DD7
Requests: 14 HTTP requests in this frame

Frame: https://9df0734fdf3314bd194ed21ba9a34526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B2AC47B9032EB445D23C1B3DBF80AEE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1EAA0C3BEA2553862A59321DA48E0AA8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F214449D73E84139ED2888D1696DEB2
Requests: 2 HTTP requests in this frame

Frame: https://justlarge.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678809600
Frame ID: 75C34E75D8039E9059288E918B8497FE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cutt.us/WXJzc Page URL
  2. http://hottopnow.com/yWnHPbJR?sub_id_2=datingmail HTTP 302
    https://go.cod10.xyz/click?pid=6893&offer_id=3296&sub1=3g28qkl3cvrc&sub2=datingmail&sub3=&sub4=&s... HTTP 302
    https://click.genesistracker.xyz/click?pid=12190&offer_id=7193&clickid=6410cf3ea48206000113fc52 HTTP 302
    https://justlarge.com/dc?s1=vw_cprk&oid=62887_62886&s3=12190&s2=6410cf3e1c3a13000116bcf2&s4=&lb=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

23
Requests

100 %
HTTPS

77 %
IPv6

12
Domains

15
Subdomains

10
IPs

2
Countries

292 kB
Transfer

773 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.us/WXJzc Page URL
  2. http://hottopnow.com/yWnHPbJR?sub_id_2=datingmail HTTP 302
    https://go.cod10.xyz/click?pid=6893&offer_id=3296&sub1=3g28qkl3cvrc&sub2=datingmail&sub3=&sub4=&sub5= HTTP 302
    https://click.genesistracker.xyz/click?pid=12190&offer_id=7193&clickid=6410cf3ea48206000113fc52 HTTP 302
    https://justlarge.com/dc?s1=vw_cprk&oid=62887_62886&s3=12190&s2=6410cf3e1c3a13000116bcf2&s4=&lb=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
WXJzc
cutt.us/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cutt.us/WXJzc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.122 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US),
Reverse DNS
Software
Hotcores.com /
Resource Hash
092eb3002ace5bb8e679992a5e7ad0c51979be209e26e04db7b5f3f635b97a12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Date
Tue, 14 Mar 2023 19:42:02 GMT
I-AM
Beta
Pragma
no-cache
Server
Hotcores.com
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex, nofollow
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cutt.us
URL: https://cutt.us/WXJzc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e9b3396a8ee0c1070b71e0db2ff31e5a84efa31c187eecc6ae92eb74a9c0b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27319
x-xss-protection
0
server
sffe
etag
"1511 / 878 of 1000 / last-modified: 1678821937"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Mar 2023 19:47:08 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Requested by
Host: cutt.us
URL: https://cutt.us/WXJzc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
10286cef920ffaac4a9124c1fcd904e6a1df55abe417c41a28d1f9106c954af7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:47:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44662
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:14:23 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Mar 2023 19:47:08 GMT
pubads_impl_2023030901.js
securepubads.g.doubleclick.net/gpt/ 		395 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2940fc3e4be1c44c42429926fd8144235bee8fde8e590386bc0b8900482b82d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 18:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4072
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136293
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 09:39:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Mar 2024 18:39:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		29 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9485e103a1f890385ba2aeab76aa5b1c5adcb872527ea4ad64492edc137a4814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:47:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
expires
Tue, 14 Mar 2023 19:47:08 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Mar 2023 18:47:24 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3584
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 14 Mar 2023 20:47:24 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cutt.us
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		651 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839633282962097&correlator=1492981651519688&eid=31072854&output=ldjh&gdfp_req=1&vrg=2023030901&ptt=17&impl=fif&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&adks=1933368604&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678823228618&lmt=1678823228&dlt=1678823228442&idt=138&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutt.us%2FWXJzc&frm=20&vis=1&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=1619411594.1678823229&ga_sid=1678823229&ga_hid=452080190&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b59f56a85bac942d47ebc6ac3cb4cd2e6523907140e33b33818fcb1d00731e4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:47:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutt.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9df0734fdf3314bd194ed21ba9a34526.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B2AC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9df0734fdf3314bd194ed21ba9a34526.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Mar 2023 19:47:08 GMT
expires
Wed, 13 Mar 2024 19:47:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=452080190&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FWXJzc&ul=en-us&de=UTF-8&dt=WXJzc&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=256869338&gjid=1060629137&cid=1619411594.1678823229&tid=UA-31510493-1&_gid=1927316558.1678823229&_r=1&gtm=457e33d0&z=153360020
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cutt.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 19:47:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cutt.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request dc
justlarge.com/
Redirect Chain
  • http://hottopnow.com/yWnHPbJR?sub_id_2=datingmail
  • https://go.cod10.xyz/click?pid=6893&offer_id=3296&sub1=3g28qkl3cvrc&sub2=datingmail&sub3=&sub4=&sub5=
  • https://click.genesistracker.xyz/click?pid=12190&offer_id=7193&clickid=6410cf3ea48206000113fc52
  • https://justlarge.com/dc?s1=vw_cprk&oid=62887_62886&s3=12190&s2=6410cf3e1c3a13000116bcf2&s4=&lb=1
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://justlarge.com/dc?s1=vw_cprk&oid=62887_62886&s3=12190&s2=6410cf3e1c3a13000116bcf2&s4=&lb=1
Requested by
Host: cutt.us
URL: https://cutt.us/WXJzc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:28a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ddde9c3249fb9e4c32881fa1752eae65faaa6b607a531aff9b84d04fabe748d

Request headers

Referer
https://cutt.us/WXJzc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7a7f06e79ab741ef-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 14 Mar 2023 19:47:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAxccHfZVSOopl3mqWjOiwEUvy8RGPwvhd%2Frm6PElHh4NwOw3tN2%2BfAr7yVGyK8GvmOXX%2BGnbhkk04UgwCorN6t4D7K2NMWLR9y70OVppcaR6OZLE8Sgkq7QyK%2F%2FdpeNsP7RevBiuEhQmn0H"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-origin
*
content-length
0
date
Tue, 14 Mar 2023 19:47:10 GMT
location
https://justlarge.com/dc?s1=vw_cprk&oid=62887_62886&s3=12190&s2=6410cf3e1c3a13000116bcf2&s4=&lb=1
server
nginx
x-adjust-use-original-forwarded-for
1
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:47:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11262
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 19:47:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1EAA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
12601
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Mar 2023 16:17:07 GMT
expires
Wed, 13 Mar 2024 16:17:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6F21 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jqTBcL4lft_KrZgbTMrbGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cutt.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-jqTBcL4lft_KrZgbTMrbGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Mar 2023 19:47:08 GMT
expires
Tue, 14 Mar 2023 19:47:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js
pagead2.googlesyndication.com/bg/ Frame 1EAA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 01:51:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
64524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14129
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Mar 2024 01:51:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6F21 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030901&jk=1839633282962097&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 1EAA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?H48BGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:47:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030901&jk=1839633282962097&bg=!jY6ljtrNAAZKh9k7aoc7ADkAdvg8WqHENRuwq_Ia84_S9ZTjTe25Fd8eUkaH2lip3S8KUJFisk2oKscffGlM1nrOVSDWQJn3EXwCAAAAdlIAAAACaAEHCgDJs8Foj_VqmjdoYurURgGuufS_qHcEHBkYuL6W6mU9yWpPjgmESrzSg2mPjtL6aprRr6Qs4w8kcpuErnWQ-QcDqkdu4Xz8RoVl0Nz4MLcyvipGYpXMxtpZjOVUk3YN1-2EsdO0tcteOR1KsgzvQMzRKI3LPfKURJRwvd6L_H_WRDYG6pKsglk7JWgCBaL2XRfP2SjIa0qDMJF9EjDsPawhvawxs_sohe5IUlOker4tRzrzL1tuPs6IOF4uxOwc5bwahDbTehfDkFrImQKi33u7MxbsD7tAkn_RIAYNnYAHCXo8XsiAKaGLSycQvQZzjMnrsEMshXYdGC7x4sTjgLssAXgUrKI4uSHW95__8WUOM3pbDHpGlP7rrwF8bwJkm--1YfUEzzWLek53gNfuTqW-Tv-6g0AegIHWpASRw2Hd7XlH_cZCfpIXym6LSWAL7-1N7r2gJhvBwh5C_gOoNGkR43Rtpgk9z8TCL8Ji1ErlJnprMvRl8gFP4zHxR1rARCY-Cjt6Gqy6JEOVEKwk18vp7prRvh3wUmmmfggsQIUrKr9B3z7sAhpXbrjhB5ytWHd0ZvYkvjNfqkwQ5p8t47YcGaaHIG1pLrQEdPgodrXGOgvJaaJ8pMyJ0zJL7E84pCydDVabVQsqY7nNNuLkvaA6ErcvdVVhgUO7t2ERvTaSIC7dk7BYLkix93VJozYksWczyaKZ6R3oXuNK-GDCNkJ2E3-JcKihnC12i-_Q0SOCPEsvZIWbhsoxgYeEirIOPlkp2I8DPU9H9AMDIow15ASaabpl0Qq_Mlkt7eSzjw1RPDF7XhQm1ZRlSPxpdEJmLrRwLybiAURbUs4ZMZUlBMbRBeK5Dm3v_00TR7XZoq72ZXf_-NqjuPuiIsxSq5_U9YSr-awtSB1i3D5At5lS1oxwX2KnnZAyr_bT_Rgp24qSIgr5KwqWxW0WQ_fhfo5nhTHv9deCGl2bcloZ0wy3cZ1FPwjlVMX7xwLMad4qt7jKnyLHh1yEqUNTSVfUS8hvpaDPYF_7IpUVe5a5wft_ptdZjqZvx_3TXGivl_ubyOy3g0Q-IUlkqbRBziU2m_eoV7DXQxGDDKIUXVC0TUjl6XUstAt9hPUQIo-aWM1yxsUi5hQHASMqqfsCGaJvea98zAot0g--O8KbWJQr2dDDdV4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
analytics_d2e_pp.js
svntrk.com/assets/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://svntrk.com/assets/analytics_d2e_pp.js?r=e0e826b5-f79b-4e5d-9055-5050fb1d1928-8-0323&c=vw_cprk&p=12190&s=&s2=6410cf3e1c3a13000116bcf2&s5=&lbid=&lb=1&lbcid=&dmn=justlarge.com&rot=&bt=&fwbid=99515
Requested by
Host: justlarge.com
URL: https://justlarge.com/dc?s1=vw_cprk&oid=62887_62886&s3=12190&s2=6410cf3e1c3a13000116bcf2&s4=&lb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:523e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:47:12 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FI%2FLyvId9pIRgr36w%2BV5hrEbYFwwvmvvFXTx%2FAf0qc18rPS19O7a9jDoElJ0J4i7ifHoS5B402YX3EMwy%2FTGJ4awSaP458draFTd0xjZXiC6HrF0seK5l1bMuuSobVKn9l%2BmM7NJdQA"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, private
cf-ray
7a7f06ef9e484205-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
invisible.js
justlarge.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 75C3 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://justlarge.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678809600
Requested by
Host: cutt.us
URL: https://cutt.us/WXJzc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:28a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f963e2331158e92a970061019f6f7c2e6a4d752220aaca9f7317da786e349b48

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:47:11 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fd2nyzhSEVa0wlqDnQvWS%2BshcclimY51m6jGcJgexIQioqzbePa5U5HIqG6irtw7divVpR2L0Sxfw82SLY3EowqL231SnuYyAePFUa0we%2B2bvYPrMpd%2F0X%2Bw7euhLyTIuQOcNqdGwbsBuuVM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a7f06ef6c9141ef-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
justlarge.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 75C3 		7 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://justlarge.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: justlarge.com
URL: https://justlarge.com/dc?s1=vw_cprk&oid=62887_62886&s3=12190&s2=6410cf3e1c3a13000116bcf2&s4=&lb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:28a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a6afe8694cc1c1817938d8d55d2d40d3e90ded25640902d525f8823711590db

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:47:11 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwUxciWDRuGjtSo1mT5kkdjNlljFGtt53Z5Xh54Fmwqh%2F%2B06amuVfKbAU1BD1%2FDWwcQmt%2FTEHBvIjFTEyEl9VQY0GtoO1JLVxyL37TSk7vfTw0dvOmJDQ5FTWBei2r7%2FBLNSAvz4EFwwnsZ%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a7f06ef8cdec43b-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7a7f06e79ab741ef
justlarge.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 75C3 		2 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://justlarge.com/cdn-cgi/challenge-platform/h/b/cv/result/7a7f06e79ab741ef
Requested by
Host: justlarge.com
URL: https://justlarge.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678809600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:28a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Mar 2023 19:47:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pe19e%2Bjfq3EFG8s8P9R5FBw%2FM6nqiVwMqLYk5201brJWVsD4P%2FctcynxpOuSZSp%2BHx%2BSP%2BuHRv%2Fl0fVJ3I4Q%2FerKyCbtKCTN3impxFxvngasQGblj1JwIdi1vuB%2FdfAl58jDywq01B5PJD%2F5"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a7f06f1cfafc43b-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| getLink function| loadScript

16 Cookies

Domain/Path Name / Value
.cutt.us/ Name: _ga
Value: GA1.2.1619411594.1678823229
.cutt.us/ Name: _gid
Value: GA1.2.1927316558.1678823229
.cutt.us/ Name: _gat_gtag_UA_31510493_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cutt.us/ Name: __gads
Value: ID=423f6f9229e1e614:T=1678823228:S=ALNI_MaJFYYp0_h4jYf46nKPOxdNXunoBw
.cutt.us/ Name: __gpi
Value: UID=000009e8a153ccbb:T=1678823228:RT=1678823228:S=ALNI_MawAIo8I34d_9wJtxqdbPS5_o9LqQ
hottopnow.com/ Name: _subid
Value: 3g28qkl3cvrc
hottopnow.com/ Name: 6240c
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIxNTdcIjoxNjc4ODIzMjI5fSxcImNhbXBhaWduc1wiOntcIjY0M1wiOjE2Nzg4MjMyMjl9LFwidGltZVwiOjE2Nzg4MjMyMjl9In0.XIafFwbeJjhgVoliZ0KESRN1aYIAC7KYooCFoJgDJCU
hottopnow.com/ Name: _token
Value: uuid_3g28qkl3cvrc_3g28qkl3cvrc6410cf3dcc6725.63412572
go.cod10.xyz/ Name: afclick
Value: 6410cf3ea48206000113fc52
go.cod10.xyz/ Name: afoffers
Value: {"3296":1678823230}
click.genesistracker.xyz/ Name: afclick
Value: 6410cf3e1c3a13000116bcf2
click.genesistracker.xyz/ Name: afoffers
Value: {"7193":1678823230}
justlarge.com/ Name: sclick_uid
Value: e37107b6-a2ca-45d9-9573-ab8c00323609-8-0323
justlarge.com/ Name: SRVNAME
Value: s8
.justlarge.com/ Name: __cf_bm
Value: oj.bfdUgX2j3_aJ0ypMV7PKqt0vD2Wz5TVe5sqzjVk0-1678823232-0-Ad+7i8tEhctIHu6CohSVmc57S9kxuyzRcYHhrh2r3S0ImtpU8ChgVHYjYhKfz53IhCTmnMdvOv2LRtYrACUvWShIkb/tgMd9jwkfjxQtXx3liU04O5Syu8PJzPSeuOsZcQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9df0734fdf3314bd194ed21ba9a34526.safeframe.googlesyndication.com
adservice.google.com
click.genesistracker.xyz
cutt.us
go.cod10.xyz
hottopnow.com
justlarge.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
svntrk.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
2606:4700:3030::6815:28a7
2606:4700:3032::ac43:c788
2606:4700:3036::6815:523e
2607:f8b0:4006:809::2001
2607:f8b0:4006:80b::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2008
2607:f8b0:4006:823::2004
2607:f8b0:4006:824::2002
35.204.59.16
69.61.26.122
80.89.238.69
092eb3002ace5bb8e679992a5e7ad0c51979be209e26e04db7b5f3f635b97a12
10286cef920ffaac4a9124c1fcd904e6a1df55abe417c41a28d1f9106c954af7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2940fc3e4be1c44c42429926fd8144235bee8fde8e590386bc0b8900482b82d2
2ddde9c3249fb9e4c32881fa1752eae65faaa6b607a531aff9b84d04fabe748d
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
9485e103a1f890385ba2aeab76aa5b1c5adcb872527ea4ad64492edc137a4814
9a6afe8694cc1c1817938d8d55d2d40d3e90ded25640902d525f8823711590db
9e9b3396a8ee0c1070b71e0db2ff31e5a84efa31c187eecc6ae92eb74a9c0b0c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b59f56a85bac942d47ebc6ac3cb4cd2e6523907140e33b33818fcb1d00731e4b
f963e2331158e92a970061019f6f7c2e6a4d752220aaca9f7317da786e349b48