thedateflirtings.life Open in urlscan Pro
185.155.184.6 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
Effective URL:
https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
Submission: On July 09 via api (July 9th 2024, 10:46:05 pm UTC) from US — Scanned from NL

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 21 domains to perform 59 HTTP transactions. The main IP is 185.155.184.6, located in Switzerland and belongs to AS-6898 C41.CH SAGL - LUGANO Data Center, CH. The main domain is thedateflirtings.life.
TLS certificate: Issued by R11 on July 5th 2024. Valid for: 3 months.

This is the only time thedateflirtings.life was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 12	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6811:f9cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.220.24.142 31.220.24.142	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	34.141.137.168 34.141.137.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	185.162.87.41 185.162.87.41	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	172.67.169.237 172.67.169.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	99.80.160.149 99.80.160.149	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:9000:225... 2600:9000:225b:5c00:1:3a28:62c0:93a1	16509 (AMAZON-02) (AMAZON-02)
16	185.155.184.6 185.155.184.6	6898 (AS-6898 C...) (AS-6898 C41.CH SAGL - LUGANO Data Center)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
59	18

12 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lookthewomen.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sp.lookthewomen.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f9cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.24.142 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: mailer.lookadatemail.com

pwrgrowthapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.141.137.168 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.137.141.34.bc.googleusercontent.com

r.go2offer-1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.goaffmy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.162.87.41 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

omgtds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.169.237 (United States)

ASN13335 (CLOUDFLARENET, US)

queitho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

oacenom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.160.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-160-149.eu-west-1.compute.amazonaws.com

trk.wdacashtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225b:5c00:1:3a28:62c0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

vtrack.wdavtrk2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.155.184.6 (Switzerland)

ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH)

thedateflirtings.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	thedateflirtings.life thedateflirtings.life	605 KB
12	lookthewomen.online 1 redirects lookthewomen.online sp.lookthewomen.online	78 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1094 c.clarity.ms — Cisco Umbrella Rank: 1823 x.clarity.ms — Cisco Umbrella Rank: 9138	28 KB
5	queitho.com queitho.com	9 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	415 KB
3	gstatic.com fonts.gstatic.com	79 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 102 region1.google-analytics.com — Cisco Umbrella Rank: 2949	21 KB
2	wdavtrk2.com 2 redirects vtrack.wdavtrk2.com	1 KB
2	go2offer-1.com 2 redirects r.go2offer-1.com — Cisco Umbrella Rank: 336348	531 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 208	405 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1271	16 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	2 KB
1	wdacashtrk.com 1 redirects trk.wdacashtrk.com	2 KB
1	oacenom.com oacenom.com — Cisco Umbrella Rank: 557650	1 KB
1	goaffmy.com 1 redirects r.goaffmy.com	351 B
1	omgtds.com 1 redirects omgtds.com — Cisco Umbrella Rank: 977135	380 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 379	774 B
1	google.de www.google.de — Cisco Umbrella Rank: 6500	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3576
1	pwrgrowthapi.com pwrgrowthapi.com — Cisco Umbrella Rank: 408763	31 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 423	22 KB
59	21

	Domain	Requested by
16	thedateflirtings.life	queitho.com thedateflirtings.life
9	lookthewomen.online	1 redirects lookthewomen.online
5	queitho.com	lookthewomen.online queitho.com
5	www.googletagmanager.com	lookthewomen.online www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
3	sp.lookthewomen.online	lookthewomen.online
2	vtrack.wdavtrk2.com	2 redirects
2	r.go2offer-1.com	2 redirects
2	x.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.clarity.ms	lookthewomen.online www.clarity.ms
2	unpkg.com	1 redirects lookthewomen.online
2	fonts.googleapis.com	lookthewomen.online thedateflirtings.life
1	trk.wdacashtrk.com	1 redirects
1	oacenom.com	queitho.com
1	r.goaffmy.com	1 redirects
1	omgtds.com	1 redirects
1	c.bing.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	lookthewomen.online
1	region1.analytics.google.com	www.googletagmanager.com
1	pwrgrowthapi.com	unpkg.com lookthewomen.online
1	cdn.jsdelivr.net	lookthewomen.online
59	25

This site contains no links.

Subject Issuer	Validity	Valid
lookthewomen.online GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
pwrgrowthapi.com R11	`2024-06-23` - `2024-09-21`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
queitho.com WE1	`2024-07-09` - `2024-10-07`	3 months	crt.sh
oacenom.com WE1	`2024-06-28` - `2024-09-26`	3 months	crt.sh
thedateflirtings.life R11	`2024-07-05` - `2024-10-03`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
Frame ID: B47F8A1585B55925AB0C7C5FA2B08A5D
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loveme

Page URL History Show full URLs

http://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec HTTP 307
https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec Page URL
https://lookthewomen.online/ HTTP 302
https://r.go2offer-1.com/click?offer_id=2234&pid=1698 HTTP 302
https://r.go2offer-1.com/click?pid=1698&offer_id=3678&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&sub7=&sub8= HTTP 302
https://omgtds.com/c1/b30bdb65-5c08-49a9-8082-5c8ea9af818f?aff=1698&source=&externalId=668dbdaa... HTTP 302
https://r.goaffmy.com/click?pid=14148&offer_id=5024&sub1=cq6rrah371ks01n3mtl0&sub2=1698_&sub3=1698... HTTP 302
https://queitho.com/client?camp=s39&aff_id=10&source=1698&aff_sub=1698_&aff_sub2=trafficback&cli... Page URL
https://trk.wdacashtrk.com/aff_c?offer_id=1171&aff_id=15234&aff_click_id=8057f34b-36b6-4ba1-b662-212efd... HTTP 302
https://vtrack.wdavtrk2.com/a96179f3-7c30-4554-9e8c-872ef4a047de?affiliate_id=15234&offer_id=1171&transa... HTTP 307
https://vtrack.wdavtrk2.com/a96179f3-7c30-4554-9e8c-872ef4a047de/2?affiliate_id=15234&offer_id=1171&tran... HTTP 302
https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

59
Requests

95 %
HTTPS

50 %
IPv6

21
Domains

25
Subdomains

18
IPs

6
Countries

1307 kB
Transfer

2347 kB
Size

38
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec HTTP 307
https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec Page URL
https://lookthewomen.online/ HTTP 302
https://r.go2offer-1.com/click?offer_id=2234&pid=1698 HTTP 302
https://r.go2offer-1.com/click?pid=1698&offer_id=3678&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&sub7=&sub8= HTTP 302
https://omgtds.com/c1/b30bdb65-5c08-49a9-8082-5c8ea9af818f?aff=1698&source=&externalId=668dbdaacc08810001a810ba&sub2=&sub3=1698&pp=1 HTTP 302
https://r.goaffmy.com/click?pid=14148&offer_id=5024&sub1=cq6rrah371ks01n3mtl0&sub2=1698_&sub3=1698&sub5=668dbdaacc08810001a810ba&sub8=&sub4=|s_cq6rrah371ks01n3mtl0&sub7= HTTP 302
https://queitho.com/client?camp=s39&aff_id=10&source=1698&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5 Page URL
https://trk.wdacashtrk.com/aff_c?offer_id=1171&aff_id=15234&aff_click_id=8057f34b-36b6-4ba1-b662-212efdd9dea3&source=px1010 HTTP 302
https://vtrack.wdavtrk2.com/a96179f3-7c30-4554-9e8c-872ef4a047de?affiliate_id=15234&offer_id=1171&transaction_id=1025c743937f0cbf11a1722e7301aa&email={email} HTTP 307
https://vtrack.wdavtrk2.com/a96179f3-7c30-4554-9e8c-872ef4a047de/2?affiliate_id=15234&offer_id=1171&transaction_id=1025c743937f0cbf11a1722e7301aa&email={email} HTTP 302
https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec HTTP 307
https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec

Request Chain 13

https://unpkg.com/@growthbook/growthbook/dist/bundles/esm.min.js HTTP 302
https://unpkg.com/@growthbook/growthbook@1.1.0/dist/bundles/esm.min.js

Request Chain 29

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5AF7CE46AD65428FB096C95969639255&RedC=c.clarity.ms&MXFR=0133219849036CCE3A6C352F4D036224 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AF7CE46AD65428FB096C95969639255&MUID=1E0CE5524DD56B9102B2F1E54C826AEC

Request Chain 32

https://lookthewomen.online/ HTTP 302
https://r.go2offer-1.com/click?offer_id=2234&pid=1698 HTTP 302
https://r.go2offer-1.com/click?pid=1698&offer_id=3678&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&sub7=&sub8= HTTP 302
https://omgtds.com/c1/b30bdb65-5c08-49a9-8082-5c8ea9af818f?aff=1698&source=&externalId=668dbdaacc08810001a810ba&sub2=&sub3=1698&pp=1 HTTP 302
https://r.goaffmy.com/click?pid=14148&offer_id=5024&sub1=cq6rrah371ks01n3mtl0&sub2=1698_&sub3=1698&sub5=668dbdaacc08810001a810ba&sub8=&sub4=|s_cq6rrah371ks01n3mtl0&sub7= HTTP 302
https://queitho.com/client?camp=s39&aff_id=10&source=1698&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

45fc4322b5c7035d0144bda7e23c08ec Show response
lookthewomen.online/single/login/
Redirect Chain

http://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec

11 KB
5 KB

106ms
67ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

823cea2501d230b3fdbe8fc098704a552ab4beb767c48990a59b87beca667ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a0bd8fa0c0c5d91-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 09 Jul 2024 22:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HdO84TZyqlu3ewlGinTkFmbcQBpfAtvAgK4HFk07mAgkZROzXyR3aLgk9H5O8dYAvQJblUiLQ4tM9jb8RiSnDeR1z3RynOz5%2Fl0Kg6OSfG2jM%2FAaGaR5jWcj6%2BOJ6jY6gacVHEXD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

Location: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 88ms
33ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: lookthewomen.online
URL: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 22:46:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jul 2024 22:46:00 GMT

GET
H3 200 style.css
lookthewomen.online/fav/lw/css/ 15 KB
5 KB 52ms
52ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lookthewomen.online/fav/lw/css/style.css
Requested by: Host: lookthewomen.online
URL: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67876e8f1084758f1e18be9c2a06783986991a062ccf6e20ef5a00497bb6b57

Request headers

Referer: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2024 10:07:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240926
etag: W/"6615136d-3dbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRbg8n6Pcb42rt6fc13YMGaFY5ByRb2hL30aI56k0Fh0VRsZJ3rMx9r7S3%2FcwgOfimrM%2F%2FkqrOfAba6zPRTyz7wrwgyfw0ARQICaU3j7l7d0SYlEIdN4MZSvQMlF%2BRM6IvpHOR9G"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8a0bd8fa9c635d91-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 07 Jul 2025 03:50:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 162ms
91ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-166266073-1

Requested by

Host: lookthewomen.online
URL: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ad8b0d841442ed78801aee0bfc1d6479676456035eff4b2a088e9347c75455d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77053
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 21:32:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 22:46:00 GMT

GET
H3 200 jquery-3.3.1.min.js Show response
lookthewomen.online/fav/lw/js/ 85 KB
35 KB 33ms
33ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lookthewomen.online/fav/lw/js/jquery-3.3.1.min.js
Requested by: Host: lookthewomen.online
URL: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6

Request headers

Referer: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2024 10:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4779726
etag: W/"6615136e-15339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BIu4n1%2FiHlvWl9vdHqLfJpMZmhWjg3GNcKJneR2JuSY1R%2F04V3qEvPkvLGfGFmPkdeEVmA0IqzVmzLlCRshgTuGwBSii5JRW3nabeUtmUTsoqmfGvUXEUwoenS5sAT2XkoeSEYX6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8a0bd8fa9c675d91-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 15 May 2025 15:03:54 GMT

GET
H3 200 main.js Show response
lookthewomen.online/js/ 3 KB
2 KB 36ms
35ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lookthewomen.online/js/main.js?91
Requested by: Host: lookthewomen.online
URL: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aca565aa096787fac4edefdc1d09138cf3103652a4bb52e2f03e77daa84635d

Request headers

Referer: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2024 10:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4779725
etag: W/"6615136e-ab5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Us1Z1wytoPpFxqiy98nzZd5jrtV1F5M6zPNIHg4%2BujO4Fzyw8RYmrsS4suAYZZGPTSu%2Fnc57eCj0VhGiPkrNvdvpKoRaOGHn8ZgFEUyQCtER1bMTTAJfxJ3GSM9vIAuPAKjpbJv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8a0bd8fb2cdd5d91-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 15 May 2025 15:03:55 GMT

GET
H3 404 main.js
lookthewomen.online/fav/lw/js/ 0
0 57ms
57ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lookthewomen.online/fav/lw/js/main.js?91
Requested by: Host: lookthewomen.online
URL: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Rf%2FeI1onqpw8sEQfUA2PAR1WjcAPEyTmYL5%2Btp3WiVQ5YzCwPDCmDU7cr9RzW8LSwUxzyJyn6mCsbmXeGBqkrdvMppmHj%2BejQmWWkFE45FbZBQsDoQAX%2BF5bjaZOH4o%2BM40geYT"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8a0bd8fb2cdf5d91-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 script.js Show response
lookthewomen.online/fav/lw/js/ 4 KB
2 KB 33ms
33ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lookthewomen.online/fav/lw/js/script.js?91
Requested by: Host: lookthewomen.online
URL: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 694d64d6d19470940bbe858f8184d4a3a95cb9826cb6227ebeaf5ae67436f9cc

Request headers

Referer: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2024 10:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240926
etag: W/"6615136e-f1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wELMsLmObcTGkm2Fi1c0szYg0CZrvROtuWGSl5LWKIhlpIm2bwTVvhOgrYKgnXA44VfP0Tb%2BqFdjwqsiq067Xtqm1R9PrTRdQk39Pn28FEOZ%2Bnlwq5CO5RmEt%2Fdb0XrxIFlmrXOk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8a0bd8fb2ce35d91-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 07 Jul 2025 03:50:34 GMT

GET
H2 200 index.js Show response
cdn.jsdelivr.net/npm/@growthbook/growthbook/dist/bundles/ 100 KB
22 KB 146ms
48ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@growthbook/growthbook/dist/bundles/index.js

Requested by

Host: lookthewomen.online
URL: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

744f481d39032dc24f2ab76f19ad66afeb06e14e09d4d2200d9104a98bb0903b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jul 2024 22:46:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 31305
x-jsd-version: 1.1.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22030
x-served-by: cache-fra-eddf8230076-FRA, cache-mad2200136-MAD
x-jsd-version-type: version
etag: W/"18f14-hAUyrA13Haeyt9a289uF29CXUfk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 sp.js Show response
lookthewomen.online/js/ 73 KB
27 KB 34ms
34ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lookthewomen.online/js/sp.js
Requested by: Host: lookthewomen.online
URL: https://lookthewomen.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d3d84e73da67922341950d1542a5a5da2420ea18026e314a9aec22f631e4246

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2024 10:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4779725
etag: W/"6615136e-12240"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LkcY5SaT20p8Uq9SbrpXbpb%2FxCHyDI2F7Z%2BiWBL8Vx8NLp5X3zNfxw94mdhWLl423HGT2sDlemG4rLax5fBatqKkdJeSFh0O4xbMvaYYpIlRmBHUijgdwyibpJW5z%2BoEgbru%2FeTY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8a0bd8fb2ce45d91-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 15 May 2025 15:03:55 GMT

OPTIONS
H3 200 tp2
sp.lookthewomen.online/com.snowplowanalytics.snowplow/ 0
0 116ms
53ms Preflight 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.lookthewomen.online/com.snowplowanalytics.snowplow/tp2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://lookthewomen.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://lookthewomen.online
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a0bd8fbfd853a43-FRA
content-length: 0
date: Tue, 09 Jul 2024 22:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MwhGi%2B451liO9AXPxVMVUTiz2NHezdGlQEL%2B%2F6YU0d%2BmdO%2FnN9%2BbW6%2BM%2BOsMfRnqgETazBfkXwHzZK5B%2Fg7ValsAlRernJCLHIScYDb4pgePR1t2uMkrXnZygWxtbyhUoIraITge%2Byrc"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 200 tp2 Show response
sp.lookthewomen.online/com.snowplowanalytics.snowplow/ 2 B
633 B 63ms
37ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.lookthewomen.online/com.snowplowanalytics.snowplow/tp2
Requested by: Host: lookthewomen.online
URL: https://lookthewomen.online/js/sp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jj4Tfi%2FRi%2BRnYgAhmLMWFfXlwvYj1BbY%2FnMpGD5E9SDktyk4v0ddepbvRLF89R8w8TVKCnLJPsv1XYHN6Wb02KzY1hXn9nvjMovp7y3qVRxkA0fVy1LdSmHVMY8WTN76m6v%2F%2F3B5wxlO"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookthewomen.online
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 8a0bd8fc68172bce-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
75 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX

Requested by

Host: lookthewomen.online
URL: https://lookthewomen.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7dbb1c6491c8765c5b462a9656f9b443fad8cb427fef8442cf3bc74ec931c328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76090
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 21:32:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 22:46:00 GMT

GET
H2

200

esm.min.js Show response
unpkg.com/@growthbook/growthbook@1.1.0/dist/bundles/
Redirect Chain

https://unpkg.com/@growthbook/growthbook/dist/bundles/esm.min.js
https://unpkg.com/@growthbook/growthbook@1.1.0/dist/bundles/esm.min.js

39 KB
16 KB

32ms
32ms

Script
application/javascript

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@growthbook/growthbook@1.1.0/dist/bundles/esm.min.js

Requested by

Host: lookthewomen.online
URL: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abeac977412353f839a68ee3e70a11c889acc5115e27eec1d3d2754d6fc6a14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 689397
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J1R9AYC0AYSXSR29CZCMB2Z3-fra
server: cloudflare
etag: "9c37-gkmz2JwWxugtnK30oniYqXpXI2I"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a0bd8fc19b9194d-FRA

Redirect headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J2CTJD3X2MSBPC8NJA9V93JK-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 238
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@growthbook/growthbook@1.1.0/dist/bundles/esm.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8a0bd8fbd987194d-FRA

GET
H2 200 sdk-KJYgHm9pSDpLfmzG Show response
pwrgrowthapi.com/api/features/ 31 KB
31 KB 64ms
28ms Fetch
application/json 31.220.24.142
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pwrgrowthapi.com/api/features/sdk-KJYgHm9pSDpLfmzG
Requested by: Host: unpkg.com
URL: https://unpkg.com/@growthbook/growthbook@1.1.0/dist/bundles/esm.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.24.142 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS: mailer.lookadatemail.com
Software: nginx/1.22.1 / Express
Resource Hash: 42754e6e598ae70c0c571d629bef56c1bb80c94237d734cbce058f905eb37ecd

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-sse-support: enabled
date: Tue, 09 Jul 2024 22:46:00 GMT
server: nginx/1.22.1
x-powered-by: Express
etag: W/"7b0e-SNqzUDi44QmB1PL6gWVm0Oo0E1g"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-sse-support
content-length: 31502

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
101 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7W6GLM2DR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7b95e060f3b9de1dc390f2e0e34bdbc2009cbedac823bda6b0ca8b59495dbc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jul 2024 22:46:00 GMT

GET
H2 200 bvsqia2v2y Show response
www.clarity.ms/tag/ 655 B
1019 B 247ms
179ms Script
application/x-javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/bvsqia2v2y
Requested by: Host: lookthewomen.online
URL: https://lookthewomen.online/single/login/45fc4322b5c7035d0144bda7e23c08ec
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 995eca61afa2c355a57ce29bb3ebe616e631d91f12bead679bdf185067407f47

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Tue, 09 Jul 2024 22:46:00 GMT
x-azure-ref: 20240709T224600Z-16688478745wzh6l0nys2h6g5s00000008zg0000000032wz
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 655
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-166266073-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a572fd131df07e445620f8c3c07d1beec6527af20b0cc559557846626446a569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77033
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 21:32:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 22:46:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
89 KB 77ms
77ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1008R4LXMB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166266073-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8dd14a8d1c36876b7181bcf109d709d91a42d745540225f226fb8134d77ad431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jul 2024 22:46:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 56ms
25ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166266073-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jul 2024 22:34:59 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 661
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 10 Jul 2024 00:34:59 GMT

POST
H3 200 tp2 Show response
sp.lookthewomen.online/com.snowplowanalytics.snowplow/ 2 B
589 B 47ms
46ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.lookthewomen.online/com.snowplowanalytics.snowplow/tp2
Requested by: Host: lookthewomen.online
URL: https://lookthewomen.online/js/sp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2L7enjduREBAfurjzCnPHrltiTa6d79f9CNOxnCNnp01fgaI81ipe%2BehG06Qcs7WZbaefieFVCr%2BU%2FvCVifcsWYRn2rTHcX72IhMd3IEGPciC2X5RV4p7z16AZhs9qktP58AcD7jrsI"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookthewomen.online
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 8a0bd8fcb8412bce-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

GET sdk-KJYgHm9pSDpLfmzG
pwrgrowthapi.com/sub/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 19ms
18ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1574954895&t=pageview&_s=1&dl=https%3A%2F%2Flookthewomen.online%2F&ul=nl-nl&de=UTF-8&dt=LookAWoman.com%20-%20search%20all%20best%20free%20online%20dating%20sites&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1865108370&gjid=1876996537&cid=1803605928.1720565160&tid=UA-166266073-1&_gid=1911071994.1720565160&_r=1&gtm=457e4730za200zb840511593&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=852708775

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 22:46:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lookthewomen.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 106ms
18ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q7W6GLM2DR&gtm=45je4730v888036880z8840511593za200zb840511593&_p=1720565160171&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1803605928.1720565160&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720565160&sct=1&seg=0&dl=https%3A%2F%2Flookthewomen.online%2F&dt=LookAWoman.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=page_view&_fv=1&_ss=1&tfd=541&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q7W6GLM2DR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 22:46:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lookthewomen.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 110ms
22ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=1803605928.1720565160&gtm=45je4730v888036880z8840511593za200zb840511593&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q7W6GLM2DR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 22:46:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lookthewomen.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 118ms
33ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=1803605928.1720565160&gtm=45je4730v888036880z8840511593za200zb840511593&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0&z=1772752461

Requested by

Host: lookthewomen.online
URL: https://lookthewomen.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 22:46:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 108ms
22ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-166266073-1&cid=1803605928.1720565160&jid=1865108370&gjid=1876996537&_gid=1911071994.1720565160&npa=1&_u=YEBAAUAAAAAAACAAI~&z=734697046

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jul 2024 22:46:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lookthewomen.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 79ms
19ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1008R4LXMB&gtm=45je4730v9107162463za200&_p=1720565160171&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1803605928.1720565160&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1720565160&sct=1&seg=0&dl=https%3A%2F%2Flookthewomen.online%2F&dt=LookAWoman.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=page_view&_fv=1&_ss=1&tfd=570&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1008R4LXMB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 22:46:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lookthewomen.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 30ms
29ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/bvsqia2v2y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240709T224600Z-16688478745wzh6l0nys2h6g5s00000008zg0000000032xg
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c94af730-101e-0028-09a2-cd4f73000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5AF7CE46AD65428FB096C95969639255&RedC=c.clarity.ms&MXFR=0133219849036CCE3A6C352F4D036224
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AF7CE46AD65428FB096C95969639255&MUID=1E0CE5524DD56B9102B2F1E54C826AEC

42 B
442 B

30ms
29ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AF7CE46AD65428FB096C95969639255&MUID=1E0CE5524DD56B9102B2F1E54C826AEC
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 22:46:00 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 09 Jul 2024 22:46:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FA83416A77384DCCB04DC9B96F5E59DB Ref B: AMS04EDGE1311 Ref C: 2024-07-09T22:46:00Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AF7CE46AD65428FB096C95969639255&MUID=1E0CE5524DD56B9102B2F1E54C826AEC
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 favicon.ico
lookthewomen.online/ 1 KB
946 B 31ms
31ms Other
image/x-icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lookthewomen.online/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 616c7bef93a6dba87aa67abf2d5e2ee58ad885f1d588ce451fea2f9e08255931

Request headers

Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2024 10:07:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4793
etag: W/"6615136d-47e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xjlUjsEtfzqUbt%2BRaTo7JqmdZI1KzFU4OeiIRwBiGj1jfc8j0H3PjtRiEPjK%2FydyB7acBR%2BAAtA5r2WH6RRLiz3%2FSnUxJO3IjYGpkSS2B9ljQMjFz8geWVtr0CyaKf61U3zQKcJA"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 8a0bd8fe4f745d91-FRA
alt-svc: h3=":443"; ma=86400

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
283 B 307ms
100ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://lookthewomen.online
Date: Tue, 09 Jul 2024 22:46:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3

200

client Show response
queitho.com/
Redirect Chain

https://lookthewomen.online/
https://r.go2offer-1.com/click?offer_id=2234&pid=1698
https://r.go2offer-1.com/click?pid=1698&offer_id=3678&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=&sub7=&sub8=
https://omgtds.com/c1/b30bdb65-5c08-49a9-8082-5c8ea9af818f?aff=1698&source=&externalId=668dbdaacc08810001a810ba&sub2=&sub3=1698&pp=1
https://r.goaffmy.com/click?pid=14148&offer_id=5024&sub1=cq6rrah371ks01n3mtl0&sub2=1698_&sub3=1698&sub5=668dbdaacc08810001a810ba&sub8=&sub4=|s_cq6rrah371ks01n3mtl0&sub7=
https://queitho.com/client?camp=s39&aff_id=10&source=1698&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5

6 KB
3 KB

90ms
52ms

Document
text/html

172.67.169.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://queitho.com/client?camp=s39&aff_id=10&source=1698&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5

Requested by

Host: lookthewomen.online
URL: https://lookthewomen.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ba9f0c4744ca09b2cf58fb6881d06505cd8f4be8298c8ea6789d0a1d3b5e6bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://oacenom.com https://openfpcdn.io/fingerprintjs/v4; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://oacenom.com https://openfpcdn.io/fingerprintjs/v4
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lookthewomen.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: no-store no-store, no-cache
cf-cache-status: DYNAMIC
cf-ray: 8a0bd909ef031c60-FRA
content-encoding: br
content-security-policy: default-src 'self' https://oacenom.com https://openfpcdn.io/fingerprintjs/v4; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://oacenom.com https://openfpcdn.io/fingerprintjs/v4
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 09 Jul 2024 22:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckJK7xdtk%2FYj53ogDEHMH6oNPJd78U6b5KUkwhjm5ow1GGahlioewAz2oC6Q4%2Brj5iJyLUR8STgjRWfSIZnLftt0H%2F4ZoQx%2Fm1HTNKq4JJu3e1y1lmSITVm%2FKWUJsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Tue, 09 Jul 2024 22:46:02 GMT
location: https://queitho.com/client?camp=s39&aff_id=10&source=1698&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5
server: nginx
x-adjust-use-original-forwarded-for: 1

POST
H/1.1 204
No Content collect
x.clarity.ms/ 0
283 B 100ms
98ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: application/x-clarity-gzip
Referer: https://lookthewomen.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://lookthewomen.online
Date: Tue, 09 Jul 2024 22:46:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H3 201 ckset Show response
oacenom.com/ 117 B
1 KB 150ms
110ms Fetch
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oacenom.com/ckset

Requested by

Host: queitho.com
URL: https://queitho.com/client?camp=s39&aff_id=10&source=1698&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

559d7269f9b0ef8a8cae24fdedd8f7fa7e12cb733afaa9b8887b2842483225b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:02 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
content-length: 117
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"75-NSQmu9W+92wEpZEnmn2d6ZYuhz0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZQxhi1Vldisw%2FCAzKd1xy4d4%2Bg83cnaPxAzcYKLJoiL6qjgHdKrGpMQ5IX5lfTW2ApR2G05V5S0ZUXJvXd%2FlWBmzzPMGHVT91SRp7oncXlvz0Sc1J8o2%2BJCP%2BZeNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://queitho.com
origin-agent-cluster: ?1
access-control-allow-credentials: true
cf-ray: 8a0bd90af97571c5-FRA

GET
H3 404 favicon.ico
queitho.com/ 548 B
556 B 30ms
30ms Other
text/html 172.67.169.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://queitho.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:46:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 116
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6NCXFgX%2FtvH9BNZviLmPardGaxMN5ppAVEOnTMY8bfRnLIL9fqo3%2FTDpnus3k2ywVCCBv2z95biOiWt7567yEBt%2Bnb7LVZLhCljRW0MUddD6mO06QFjqRyYWlhlgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8a0bd90a6f5c1c60-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 201 visit Show response
queitho.com/ 753 B
2 KB 125ms
124ms Fetch
application/json 172.67.169.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://queitho.com/visit?aff_id=10&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5&source=1698&ttype=direct&camp=s39&bstep=&sid=&efcn=custom-unknown&cntp=custom-unknown&sch=&scw=&vph=&vpw=&lt=

Requested by

Host: queitho.com
URL: https://queitho.com/client?camp=s39&aff_id=10&source=1698&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab947cc0273b8a57c6cb88a19f7022a0121817449ec7c7f6c93f0ea044af26cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Jul 2024 22:46:02 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
content-length: 753
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"2f1-xz0OJzob0wA2a9QXsE08b/DpzA4"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZOvjPpyezgLj%2Bh5%2BkMkwArDQa4BGxTJmK%2FzdKVLQCpIQaoTHpdbY%2FX6GY2oMMri9PCaVzX2C4ujlAMwZfulcjma%2B0q7dMPI1UArFuF9%2FeuQhymgU24XsYPbxZOZwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-store, no-cache
cf-ray: 8a0bd90b58131c60-FRA

POST
H3 201 fl Show response
queitho.com/ 1 KB
2 KB 43ms
42ms Fetch
application/json 172.67.169.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://queitho.com/fl?aff_id=10&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5&source=1698&ttype=non-target&camp=f20&sl_cid=8057f34b-36b6-4ba1-b662-212efdd9dea3_00f84904a032d18f920d4ed9163cd85b&bstep=&sid=s39&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=https%3A%2F%2Flookthewomen.online%2F&lt=

Requested by

Host: queitho.com
URL: https://queitho.com/client?camp=s39&aff_id=10&source=1698&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a32d2ebca7c3abe581e62f56f98e3af23c44a2de3b18ea9c91a82a2bd5e3e2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Jul 2024 22:46:02 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
content-length: 1217
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"4c1-DZGg8yIxRlKH4KUL8oZxE/W1a4g"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DR6YjybHVy0YMJDvvMfJSrQPoSgSApsBQeeTF2AUrO39FRWjhfhB7JnGkiLxdTR24j034ZAgj2aDV5x7VUyeD9Z0F8SnHbX6TWdX4JLyQznljpgxGir4Rokfp4p1ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-store, no-cache
cf-ray: 8a0bd90c28cf1c60-FRA

POST
H3 201 ofp
queitho.com/ 148 B
1 KB 47ms
45ms Fetch
application/json 172.67.169.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://queitho.com/ofp?aff_id=10&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5&source=1698&ttype=non-target&camp=f20&sl_cid=8057f34b-36b6-4ba1-b662-212efdd9dea3_00f84904a032d18f920d4ed9163cd85b&bstep=0&sid=s39&ofp_id=497&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=https%3A%2F%2Flookthewomen.online%2F&lt=0

Requested by

Host: queitho.com
URL: https://queitho.com/client?camp=s39&aff_id=10&source=1698&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Jul 2024 22:46:02 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
content-length: 148
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"94-3TmWI2xDJ2BUdU63Ze133zMQKdA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KcIIS%2F%2FW8jYchP5894TkUdx3zaCDWeAnvJ7i0cZxPgG%2F2ExbcSFeu0fRLhn1rAZDdGJv00fsQt155XjaI9pvnaEpBm%2FLVaK2eVuAFwHo7%2FWSRbRr970wFozTUiE6IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-store, no-cache
cf-ray: 8a0bd90c69011c60-FRA

GET
H/1.1

200
OK

Primary Request / Show response
thedateflirtings.life/
Redirect Chain

https://trk.wdacashtrk.com/aff_c?offer_id=1171&aff_id=15234&aff_click_id=8057f34b-36b6-4ba1-b662-212efdd9dea3&source=px1010
https://vtrack.wdavtrk2.com/a96179f3-7c30-4554-9e8c-872ef4a047de?affiliate_id=15234&offer_id=1171&transaction_id=1025c743937f0cbf11a1722e7301aa&email={email}
https://vtrack.wdavtrk2.com/a96179f3-7c30-4554-9e8c-872ef4a047de/2?affiliate_id=15234&offer_id=1171&transaction_id=1025c743937f0cbf11a1722e7301aa&email={email}
https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

5 KB
5 KB

254ms
182ms

Document
text/html

185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
Requested by: Host: queitho.com
URL: https://queitho.com/client?camp=s39&aff_id=10&source=1698&aff_sub=1698_&aff_sub2=trafficback&click_id=668dbdaafe9e970001c743b5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software: openresty /
Resource Hash: 42681e9ab31ecc8b8ad330f37781101694a822e2a53728d7e0ef1361a00d8d8a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 4931
Content-Type: text/html
Date: Tue, 09 Jul 2024 22:46:03 GMT
Server: openresty
cache-control: private

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Tue, 09 Jul 2024 22:46:03 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
pragma: no-cache
server: nginx
via: 1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
x-amz-cf-id: C7DDDZmMZLWRNjMRy5jh_q8wDD9hpHhYlSzLqM-2oRmkfkA-GEFL3g==
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 78ms
30ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0f801b749c46ed0906d0481cf7de681a0c5f29ecd12d1f5eecea75f7993b441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thedateflirtings.life/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jul 2024 22:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 22:46:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jul 2024 22:46:03 GMT

GET
H/1.1 200
OK style.css
thedateflirtings.life/media/dating/dirtysinder/css/ 16 KB
16 KB 32ms
31ms Stylesheet
text/css 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://thedateflirtings.life/media/dating/dirtysinder/css/style.css

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

9c0fba4352f346a81523df1f943addecb49b9f082cd6fee3962b1681a7fbd5f5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0ACC282B234CF
Connection: keep-alive
Content-Length: 15885
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:31:06 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:30.645185Z
ETag: "fdf9ef7b632886c1ab15b32f6196cc81"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676843512#999936088/gid:0/gname:root/mode:33188/mtime:1655386830#645185000/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK flag-icon.css
thedateflirtings.life/util/flag-icon/css/ 40 KB
40 KB 92ms
31ms Stylesheet
text/css 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://thedateflirtings.life/util/flag-icon/css/flag-icon.css

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0AC4BE22383F0
Connection: keep-alive
Content-Length: 40627
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:36:38 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:14.684017Z
ETag: "0a47b937981e7389e3ebe63e4a503066"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676841679#813157920/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK js.cookie.js Show response
thedateflirtings.life/cookie/ 4 KB
5 KB 93ms
33ms Script
application/javascript 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://thedateflirtings.life/cookie/js.cookie.js

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0ABB9898563F3
Connection: keep-alive
Content-Length: 4264
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:19:53 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-07-21T10:00:37.354375Z
ETag: "a7e9883924072f15259de6888d5ef515"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134513#248036972/gid:0/gname:root/mode:33188/mtime:1658397637#354375000/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK utils.js Show response
thedateflirtings.life/util/ 7 KB
8 KB 94ms
34ms Script
text/javascript 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://thedateflirtings.life/util/utils.js

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

a487d76bb55539f230c127ef33550d5c455ac0b67ca2b78b87452345bb0dc718

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0AC43012FA0CE
Connection: keep-alive
Content-Length: 7514
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 01 Jul 2024 09:08:58 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-01T09:08:58.408Z
ETag: "85a42b1d6c8769fce99fb44aefb041b0"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719824921#861045785/gid:0/gname:root/mode:33188/mtime:1719824938#357078843/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK logo-loveme_black1.svg
thedateflirtings.life/media/dating/dirtysinder/images/ 4 KB
5 KB 94ms
33ms Image
image/svg+xml 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thedateflirtings.life/media/dating/dirtysinder/images/logo-loveme_black1.svg

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

3fd4d4a7fe6c0d2743ef52f04eddd31432c86c95fd79f39fe8bdffb7d8fba0b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0ACC29DD1BA59
Connection: keep-alive
Content-Length: 4449
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:29:49 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:30.429185Z
ETag: "586f137204e47e4f50e5492ae49dd67c"
Vary: Origin, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695223323#383566011/gid:0/gname:root/mode:33188/mtime:1655386830#429185000/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
thedateflirtings.life/media/dating/dirtysinder/js/ 84 KB
84 KB 95ms
34ms Script
text/javascript 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://thedateflirtings.life/media/dating/dirtysinder/js/jquery-2.2.4.min.js

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0ACC28D857044
Connection: keep-alive
Content-Length: 85578
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 01 Jul 2024 09:43:02 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-01T09:43:02.163Z
ETag: "2f6b11a7e914718e0290410e85366fe9"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1715611636#9341756/gid:0/gname:root/mode:33188/mtime:1719826982#109362281/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK trls.js Show response
thedateflirtings.life/media/dating/dirtysinder/js/ 18 KB
18 KB 32ms
32ms Script
text/javascript 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://thedateflirtings.life/media/dating/dirtysinder/js/trls.js

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

93a93b5df3be25e67e3069683f81ff8797cf1080fea683c210121e52e9c120de

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0ACC291D86B6F
Connection: keep-alive
Content-Length: 18120
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 01 Jul 2024 09:43:02 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-01T09:43:02.153Z
ETag: "e2890586d95a3ceda7fe4deeb31e95cd"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719826982#149362368/gid:0/gname:root/mode:33188/mtime:1719826982#97362254/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK main.js Show response
thedateflirtings.life/media/dating/dirtysinder/js/ 3 KB
4 KB 33ms
33ms Script
text/javascript 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://thedateflirtings.life/media/dating/dirtysinder/js/main.js

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

0982dadd535925cdc02610ef878d3cf9cdd9d74a9b0806cf8e8f6095d85d4f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0ACC28C5976ED
Connection: keep-alive
Content-Length: 3226
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 01 Jul 2024 09:43:02 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-01T09:43:02.027Z
ETag: "6426c23151365c9836c69e3a05ad0c0d"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1715611636#9341756/gid:0/gname:root/mode:33188/mtime:1719826981#969361974/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK bb.js Show response
thedateflirtings.life/media/ 639 B
1 KB 34ms
34ms Script
application/javascript 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://thedateflirtings.life/media/bb.js

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0AC41EF0F5CCC
Connection: keep-alive
Content-Length: 639
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:21:05 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134512#756035434/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK exit1.js Show response
thedateflirtings.life/media/exit-new/ 3 KB
4 KB 34ms
34ms Script
text/javascript 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://thedateflirtings.life/media/exit-new/exit1.js

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0AC43397ECD9B
Connection: keep-alive
Content-Length: 3473
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:04 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
ETag: "625e5e2950612f771e246beb33c9ea61"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695223389#507714946/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK 1.jpg
thedateflirtings.life/media/dating/dirtysinder/images/ 142 KB
142 KB 34ms
34ms Image
image/jpeg 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thedateflirtings.life/media/dating/dirtysinder/images/1.jpg

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0ACC2A699598B
Connection: keep-alive
Content-Length: 144999
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:22:03 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:27.657179Z
ETag: "d7c3dbb1072324f863945d8511916660"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134505#144011613/gid:0/gname:root/mode:33188/mtime:1655386827#657179000/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK 2.jpg
thedateflirtings.life/media/dating/dirtysinder/images/ 121 KB
122 KB 36ms
35ms Image
image/jpeg 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thedateflirtings.life/media/dating/dirtysinder/images/2.jpg

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0ACC2A9453100
Connection: keep-alive
Content-Length: 124409
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:31:06 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:28.689181Z
ETag: "5dbe2191356b93f88f1d7bf68e119848"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676843512#999936088/gid:0/gname:root/mode:33188/mtime:1655386828#689181000/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 200
OK 3.jpg
thedateflirtings.life/media/dating/dirtysinder/images/ 146 KB
147 KB 37ms
32ms Image
image/jpeg 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thedateflirtings.life/media/dating/dirtysinder/images/3.jpg

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0ACC2A7BED39C
Connection: keep-alive
Content-Length: 149377
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:29:49 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:28.841181Z
ETag: "1d9b9c419c00167969ce9b891aeb923b"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695223323#347565929/gid:0/gname:root/mode:33188/mtime:1655386828#841181000/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 75ms
22ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedateflirtings.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:41:41 GMT
x-content-type-options: nosniff
age: 47062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:41:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 83ms
31ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedateflirtings.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:35:19 GMT
x-content-type-options: nosniff
age: 47444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:35:19 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
47 KB 97ms
45ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedateflirtings.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:34:00 GMT
x-content-type-options: nosniff
age: 47523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:34:00 GMT

GET
H/1.1 200
OK nl.svg
thedateflirtings.life/util/flag-icon/flags/4x3/ 380 B
1 KB 34ms
34ms Image
image/svg+xml 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thedateflirtings.life/util/flag-icon/flags/4x3/nl.svg

Requested by

Host: thedateflirtings.life
URL: https://thedateflirtings.life/util/flag-icon/css/flag-icon.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

e3305095b3544d76cbb66aab63bd7b3debd18ae41f8a7ca4df8fe0875b2bec4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedateflirtings.life/util/flag-icon/css/flag-icon.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0ACE68C97C44A
Connection: keep-alive
Content-Length: 380
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:26:17 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:45.79208Z
ETag: "c60ddf8b74c96f59ae869080ddc3dbb2"
Vary: Origin, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134513#304037147/gid:0/gname:root/mode:33188/mtime:1655386305#792080000/uid:0/uname:root
Expires: Wed, 09 Jul 2025 22:46:03 GMT

GET
H/1.1 204
No Content favicon.ico
thedateflirtings.life/ 0
136 B 31ms
31ms Other
text/plain 185.155.184.6
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL: https://thedateflirtings.life/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.184.6 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thedateflirtings.life/?u=dfd8eky&o=v81kaz1&m=1&cid=w1k819rt10ilvuj2jh6dbisi&t=15234
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:46:03 GMT
Cache-Control: no-transform
Server: openresty
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pwrgrowthapi.com
URL: https://pwrgrowthapi.com/sub/sdk-KJYgHm9pSDpLfmzG

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lookthewomen.online/	1970-01-21 06:41:41	Name: hashid Value: ea403c943161c621e3d45b15cfb69031
lookthewomen.online/	1970-01-21 06:41:41	Name: country Value: The+Netherlands
lookthewomen.online/	1970-01-21 06:41:41	Name: region Value: South+Holland
lookthewomen.online/	1970-01-21 06:41:41	Name: country_code Value: nl
lookthewomen.online/	1970-01-21 06:41:41	Name: city Value: Bergschenhoek
lookthewomen.online/	1970-01-21 06:41:41	Name: latitude Value: 51.9874
lookthewomen.online/	1970-01-21 06:41:41	Name: longitude Value: 4.4984
lookthewomen.online/	1970-01-21 07:32:05	Name: tour Value: 21
lookthewomen.online/	1970-01-20 21:56:06	Name: _sp_ses.66c3 Value: *
lookthewomen.online/	1970-01-21 07:32:05	Name: _sp_id.66c3 Value: 10e177f7-4d4e-4f70-bbc9-d6c4ff9d8865.1720565160.1.1720565160..6ef8fdf7-09ef-4947-82a6-69fb457741bc..e8a1be7d-02d6-418a-81f6-a528cb63b3b6.1720565160236.2
sp.lookthewomen.online/	1970-01-21 06:41:41	Name: sp Value: d273370b-0b4d-4655-84bb-ca073f9bd498
.lookthewomen.online/	1970-01-20 21:57:31	Name: _gid Value: GA1.2.1911071994.1720565160
.lookthewomen.online/	1970-01-20 21:56:05	Name: _gat_gtag_UA_166266073_1 Value: 1
.lookthewomen.online/	1970-01-21 07:32:05	Name: _ga Value: GA1.1.1803605928.1720565160
www.clarity.ms/	1970-01-21 06:41:41	Name: CLID Value: 9820e372b791405d9ccb7b019344cb8b.20240709.20250709
.lookthewomen.online/	1970-01-21 06:41:41	Name: _clck Value: 93hpui%7C2%7Cfnb%7C0%7C1651
.bing.com/	1970-01-21 07:17:41	Name: MUID Value: 1E0CE5524DD56B9102B2F1E54C826AEC
.c.bing.com/	1970-01-20 22:06:09	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:17:41	Name: SRM_B Value: 1E0CE5524DD56B9102B2F1E54C826AEC
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:17:41	Name: MUID Value: 1E0CE5524DD56B9102B2F1E54C826AEC
.c.clarity.ms/	1970-01-20 22:06:09	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:56:05	Name: ANONCHK Value: 0
.lookthewomen.online/	1970-01-20 21:57:31	Name: _clsk Value: ezyppf%7C1720565161081%7C1%7C1%7Cx.clarity.ms%2Fcollect
r.go2offer-1.com/	1970-01-21 06:41:41	Name: afclick Value: 668dbdaacc08810001a810ba
r.go2offer-1.com/	1970-01-21 06:41:41	Name: afoffers Value: {"3678":1720565162}
r.goaffmy.com/	1970-01-21 06:41:41	Name: afclick Value: 668dbdaafe9e970001c743b5
r.goaffmy.com/	1970-01-21 06:41:41	Name: afoffers Value: {"5024":1720565162}
.lookthewomen.online/	1970-01-21 07:32:05	Name: _ga_Q7W6GLM2DR Value: GS1.1.1720565160.1.0.1720565162.58.0.0
.lookthewomen.online/	1970-01-21 07:32:05	Name: _ga_1008R4LXMB Value: GS1.1.1720565160.1.0.1720565162.0.0.0
.oacenom.com/	1970-01-21 07:32:05	Name: mastidencook Value: 160ca9e5-baf7-44ee-b74d-a059826595ae_f1fe1991ab417505e2902e43cb90d204
.queitho.com/	1970-01-20 22:39:17	Name: browserLanguage Value: nl
.queitho.com/	1970-01-21 07:32:05	Name: userId Value: f10fdace-5ff4-481f-bd04-ffd7deb6c9bb_0b552414ab43c0f561ea345165cf6f74
trk.wdacashtrk.com/	1970-01-20 22:40:43	Name: enc_aff_session_1171 Value: ENC03d0c7e52831797152bcdd6ca1763f3ee9e86451f36c8c0a7dc51414800df7d0948a9813ffc3e42ee3941943d96ce1f18ee883456ce817839e374e2b6d4c44f09ac18b081851501518d23454b4b44e7ed4f5da87b3c36f2a754c9bc32e98cedabee434870086dcba3e304990d743abfc1f7912ca5b02750a4ce82dd2ac9e4e2155f00de766e9c92a85831e3e7055b2aa8936b808a6860a222dcf54243e0eaa97ea284cfd7e
trk.wdacashtrk.com/	1970-01-21 07:32:05	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJubC1OTCxubDtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.vtrack.wdavtrk2.com/	1970-01-20 21:57:31	Name: a96179f3-7c30-4554-9e8c-872ef4a047de-v4 Value: 7ad2fA4TA2eazMdnFMYC6lmcMKHNLqiUBK2jdS3EG08
.vtrack.wdavtrk2.com/	1970-01-21 06:41:41	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22w1k819rt10ilvuj2jh6dbisi%22%2C%22caid%22%3A%22a96179f3-7c30-4554-9e8c-872ef4a047de%22%7D
thedateflirtings.life/	1969-12-31 23:59:59	Name: sid Value: t2~c4xvoen4rwlzhbiudhxin4c1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lookthewomen.online/fav/lw/js/main.js?91 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://queitho.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
lookthewomen.online
oacenom.com
omgtds.com
pwrgrowthapi.com
queitho.com
r.go2offer-1.com
r.goaffmy.com
region1.analytics.google.com
region1.google-analytics.com
sp.lookthewomen.online
stats.g.doubleclick.net
thedateflirtings.life
trk.wdacashtrk.com
unpkg.com
vtrack.wdavtrk2.com
www.clarity.ms
www.google-analytics.com
www.google.de
www.googletagmanager.com
x.clarity.ms
pwrgrowthapi.com
13.74.129.1
172.217.16.195
172.67.169.237
185.155.184.6
185.162.87.41
188.114.96.3
188.114.97.3
20.114.190.119
2001:4860:4802:32::178
2001:4860:4802:32::36
2600:9000:225b:5c00:1:3a28:62c0:93a1
2606:4700::6811:f9cb
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1450:4001:80b::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c00::9c
2a04:4e42::485
31.220.24.142
34.141.137.168
99.80.160.149
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0982dadd535925cdc02610ef878d3cf9cdd9d74a9b0806cf8e8f6095d85d4f9b
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d
3fd4d4a7fe6c0d2743ef52f04eddd31432c86c95fd79f39fe8bdffb7d8fba0b3
42681e9ab31ecc8b8ad330f37781101694a822e2a53728d7e0ef1361a00d8d8a
42754e6e598ae70c0c571d629bef56c1bb80c94237d734cbce058f905eb37ecd
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
559d7269f9b0ef8a8cae24fdedd8f7fa7e12cb733afaa9b8887b2842483225b5
5a32d2ebca7c3abe581e62f56f98e3af23c44a2de3b18ea9c91a82a2bd5e3e2f
5aca565aa096787fac4edefdc1d09138cf3103652a4bb52e2f03e77daa84635d
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
616c7bef93a6dba87aa67abf2d5e2ee58ad885f1d588ce451fea2f9e08255931
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
694d64d6d19470940bbe858f8184d4a3a95cb9826cb6227ebeaf5ae67436f9cc
6ad8b0d841442ed78801aee0bfc1d6479676456035eff4b2a088e9347c75455d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
744f481d39032dc24f2ab76f19ad66afeb06e14e09d4d2200d9104a98bb0903b
7d3d84e73da67922341950d1542a5a5da2420ea18026e314a9aec22f631e4246
7dbb1c6491c8765c5b462a9656f9b443fad8cb427fef8442cf3bc74ec931c328
823cea2501d230b3fdbe8fc098704a552ab4beb767c48990a59b87beca667ec7
8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6
8dd14a8d1c36876b7181bcf109d709d91a42d745540225f226fb8134d77ad431
8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2
93a93b5df3be25e67e3069683f81ff8797cf1080fea683c210121e52e9c120de
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
995eca61afa2c355a57ce29bb3ebe616e631d91f12bead679bdf185067407f47
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba9f0c4744ca09b2cf58fb6881d06505cd8f4be8298c8ea6789d0a1d3b5e6bf
9c0fba4352f346a81523df1f943addecb49b9f082cd6fee3962b1681a7fbd5f5
a0f801b749c46ed0906d0481cf7de681a0c5f29ecd12d1f5eecea75f7993b441
a487d76bb55539f230c127ef33550d5c455ac0b67ca2b78b87452345bb0dc718
a572fd131df07e445620f8c3c07d1beec6527af20b0cc559557846626446a569
a7b95e060f3b9de1dc390f2e0e34bdbc2009cbedac823bda6b0ca8b59495dbc6
ab947cc0273b8a57c6cb88a19f7022a0121817449ec7c7f6c93f0ea044af26cf
abeac977412353f839a68ee3e70a11c889acc5115e27eec1d3d2754d6fc6a14c
c67876e8f1084758f1e18be9c2a06783986991a062ccf6e20ef5a00497bb6b57
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3305095b3544d76cbb66aab63bd7b3debd18ae41f8a7ca4df8fe0875b2bec4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

thedateflirtings.life Open in urlscan Pro 185.155.184.6 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

95 %HTTPS

50 %IPv6

21 Domains

25 Subdomains

18 IPs

6 Countries

1307 kBTransfer

2347 kBSize

38 Cookies

0 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thedateflirtings.life Open in urlscan Pro
185.155.184.6 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

95 %
HTTPS

50 %
IPv6

21
Domains

25
Subdomains

18
IPs

6
Countries

1307 kB
Transfer

2347 kB
Size

38
Cookies

59 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!