flirtpartner.org Open in urlscan Pro
185.101.156.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.cutt.us/5V1cv
Effective URL:
https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pub...
Submission: On October 13 via manual (October 13th 2021, 6:42:56 pm UTC) from SG — Scanned from DE

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 8 countries across 20 domains to perform 39 HTTP transactions. The main IP is 185.101.156.25, located in Switzerland and belongs to HOSTTECH-AS, CH. The main domain is flirtpartner.org.
TLS certificate: Issued by R3 on September 9th 2021. Valid for: 3 months.

This is the only time flirtpartner.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	69.61.26.123 69.61.26.123	141518 (SUBHOST-A...) (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:10:... 2606:4700:10::6814:8a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.21.43.36 104.21.43.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	212.32.252.82 212.32.252.82	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	212.32.250.178 212.32.250.178	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	185.162.87.41 185.162.87.41	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	18.195.174.160 18.195.174.160	16509 (AMAZON-02) (AMAZON-02)
1 1	18.193.209.105 18.193.209.105	16509 (AMAZON-02) (AMAZON-02)
1 1	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
9	185.101.156.25 185.101.156.25	207143 (HOSTTECH-AS) (HOSTTECH-AS)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	178.132.207.149 178.132.207.149	49505 (SELECTEL) (SELECTEL)
2	2600:9000:225... 2600:9000:2250:9a00:7:90a9:9e80:21	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:224... 2600:9000:2240:6e00:4:1626:2a80:21	16509 (AMAZON-02) (AMAZON-02)
39	18

2 69.61.26.123 (United States) 1 redirects

ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN)

www.cutt.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cutt.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b6ade51eb554552f737a3095b8de9e33.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:8a41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.43.36 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

local-hot-dates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.252.82 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

t.luvmenow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.32.250.178 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

r.goaffmy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.162.87.41 (United Kingdom) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

omgtds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.174.160 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com

track.lobby-x.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.209.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-209-105.eu-central-1.compute.amazonaws.com

weases-vardship.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.2.133 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

tracking.flirtpartner.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.101.156.25 (Switzerland)

ASN207143 (HOSTTECH-AS, CH)
PTR: mx.mail.14040.hostserv.eu

flirtpartner.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.132.207.149 (Russian Federation)

ASN49505 (SELECTEL, RU)

v3.http.api.mein-chat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:9a00:7:90a9:9e80:21 (United States)

ASN16509 (AMAZON-02, US)

d1vs2ewexrkl16.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2240:6e00:4:1626:2a80:21 (United States)

ASN16509 (AMAZON-02, US)

d1mti8cqxh4eqy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	flirtpartner.org 1 redirects tracking.flirtpartner.org flirtpartner.org	1 MB
9	cloudfront.net d1vs2ewexrkl16.cloudfront.net d1mti8cqxh4eqy.cloudfront.net	155 KB
7	googlesyndication.com b6ade51eb554552f737a3095b8de9e33.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	38 KB
3	doubleclick.net securepubads.g.doubleclick.net	124 KB
2	goaffmy.com 2 redirects r.goaffmy.com	669 B
2	google.com adservice.google.com www.google.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	cutt.us 1 redirects www.cutt.us cutt.us	2 KB
1	mein-chat.com v3.http.api.mein-chat.com	3 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	weases-vardship.com 1 redirects weases-vardship.com	866 B
1	lobby-x.eu 1 redirects track.lobby-x.eu	908 B
1	omgtds.com 1 redirects omgtds.com	386 B
1	luvmenow.com 1 redirects t.luvmenow.com	360 B
1	local-hot-dates.com 1 redirects local-hot-dates.com	1 KB
1	tinyurl.com 1 redirects tinyurl.com	411 B
1	google.de adservice.google.de	853 B
1	googletagmanager.com www.googletagmanager.com	38 KB
1	googletagservices.com www.googletagservices.com	27 KB
39	20

	Domain	Requested by
9	flirtpartner.org	cutt.us flirtpartner.org
7	d1mti8cqxh4eqy.cloudfront.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	d1vs2ewexrkl16.cloudfront.net	flirtpartner.org
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	r.goaffmy.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	v3.http.api.mein-chat.com	flirtpartner.org
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	flirtpartner.org
1	www.google.com	tpc.googlesyndication.com
1	tracking.flirtpartner.org	1 redirects
1	weases-vardship.com	1 redirects
1	track.lobby-x.eu	1 redirects
1	omgtds.com	1 redirects
1	t.luvmenow.com	1 redirects
1	local-hot-dates.com	1 redirects
1	tinyurl.com	1 redirects
1	b6ade51eb554552f737a3095b8de9e33.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	cutt.us
1	www.googletagservices.com	cutt.us
1	cutt.us
1	www.cutt.us	1 redirects
39	26

This site contains no links.

Subject Issuer	Validity	Valid
www.cutt.us R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
flirtpartner.org R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
v3.http.api.mein-chat.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
Frame ID: 0283B04C085F988CE676631E9592F43B
Requests: 37 HTTP requests in this frame

Frame: https://b6ade51eb554552f737a3095b8de9e33.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4CB6B936F6AA21E3C92F01478CA2BE20
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D94CE55CB5AFC0955F493E40D30684E1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F4BE26BC917CFD5F963306CAEF3883E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

flirtpartner

Page URL History Show full URLs

http://www.cutt.us/5V1cv HTTP 301
https://cutt.us/5V1cv Page URL
http://tinyurl.com/crypto002 HTTP 307
https://tinyurl.com/crypto002 HTTP 301
https://local-hot-dates.com/8R5SxQ9p HTTP 302
http://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=11249&sub3=3gv40a13oo28k&sub1=897&sub2=frd HTTP 302
https://r.goaffmy.com/click?pid=6565&offer_id=2606&sub1=a_616728aca7ce420001891dd7&sub2=897 HTTP 302
https://omgtds.com/c1/652d1ae4-50ba-4605-902d-143db04df43e?aff=6565&source=897&externalId=61672... HTTP 302
https://r.goaffmy.com/click?pid=11972&offer_id=2860&sub1=c5jihb51su2olhh661r0&sub2=897&sub3=6565 HTTP 302
https://track.lobby-x.eu/fad529ff-1ac0-4a10-8a43-3d8533c32f42?w=47402&ws=6565&affsub=897&wt=616728acf... HTTP 302
http://weases-vardship.com/244f5cf0-4e1a-44a7-9fd5-95be2fa3d8b6?CampaignID=4828ffad-4f83-4611-a900-3c9e... HTTP 302
http://tracking.flirtpartner.org/aff_c?offer_id=125&aff_id=1426&source=w4ntpdd07lklnq5b2blhjtac&aff_sub=4828f... HTTP 302
https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125... Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

39
Requests

100 %
HTTPS

56 %
IPv6

20
Domains

26
Subdomains

18
IPs

8
Countries

1665 kB
Transfer

6689 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.cutt.us/5V1cv HTTP 301
https://cutt.us/5V1cv Page URL
http://tinyurl.com/crypto002 HTTP 307
https://tinyurl.com/crypto002 HTTP 301
https://local-hot-dates.com/8R5SxQ9p HTTP 302
http://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=11249&sub3=3gv40a13oo28k&sub1=897&sub2=frd HTTP 302
https://r.goaffmy.com/click?pid=6565&offer_id=2606&sub1=a_616728aca7ce420001891dd7&sub2=897 HTTP 302
https://omgtds.com/c1/652d1ae4-50ba-4605-902d-143db04df43e?aff=6565&source=897&externalId=616728acfb8c870001a8a8f9&sub2=897&sub3=6565&pp=1 HTTP 302
https://r.goaffmy.com/click?pid=11972&offer_id=2860&sub1=c5jihb51su2olhh661r0&sub2=897&sub3=6565 HTTP 302
https://track.lobby-x.eu/fad529ff-1ac0-4a10-8a43-3d8533c32f42?w=47402&ws=6565&affsub=897&wt=616728acfb8c870001a8a8fb&sub3=smartlink HTTP 302
http://weases-vardship.com/244f5cf0-4e1a-44a7-9fd5-95be2fa3d8b6?CampaignID=4828ffad-4f83-4611-a900-3c9e98af653c&clickID=w4ntpdd07lklnq5bit8d8u7c HTTP 302
http://tracking.flirtpartner.org/aff_c?offer_id=125&aff_id=1426&source=w4ntpdd07lklnq5b2blhjtac&aff_sub=4828ffad-4f83-4611-a900-3c9e98af653c HTTP 302
https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.cutt.us/5V1cv HTTP 301
https://cutt.us/5V1cv

39 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

5V1cv Show response
cutt.us/
Redirect Chain

http://www.cutt.us/5V1cv
https://cutt.us/5V1cv

3 KB
2 KB

595ms
291ms

Document
text/html

69.61.26.123
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to

Full URL

https://cutt.us/5V1cv

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.61.26.123 , United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),

Reverse DNS

Software

Hotcores.com /

Resource Hash

d9ff67959ea8cabc4b5ab00d4fa6b11314a2979c370f8a09fe5e1dea5bf4949d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Host: cutt.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: Hotcores.com
Date: Wed, 13 Oct 2021 18:42:51 GMT
Content-Type: text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Robots-Tag: noindex, nofollow
I-AM: Gamma
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip

Redirect headers

Server: Hotcores.com
Date: Wed, 13 Oct 2021 18:42:50 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://cutt.us/5V1cv

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cutt.us
URL: https://cutt.us/5V1cv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20d78245f98a0e7c7eb5838bf15893cd886071aa434ffe3950a60c2c962256f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1015 / 409 of 1000 / last-modified: 1634138812"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27161
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 13 Oct 2021 18:42:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 40ms
17ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31510493-1

Requested by

Host: cutt.us
URL: https://cutt.us/5V1cv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c343daa7f71aec629b5aab04e0497b2d201619babc20b355d44c45fec8d7070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38590
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Oct 2021 18:42:51 GMT

GET
H2 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
122 KB 43ms
16ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063142

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 13 Oct 2021 18:42:51 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 26 B
699 B 41ms
15ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9976a6ecb3c55b071fd718a5849aa06de3cec11a5a80ff3f73ff564018d1443b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 18:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Wed, 13 Oct 2021 18:42:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 21:34:48 GMT
server: Golfe2
age: 2505
date: Wed, 13 Oct 2021 18:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 13 Oct 2021 20:01:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
200 B 14ms
12ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1256643352&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2F5V1cv&ul=en-us&de=UTF-8&dt=5V1cv&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=385613771&gjid=789094630&cid=1906488941.1634150571&tid=UA-31510493-1&_gid=929766213.1634150571&_r=1&gtm=2ouab0&z=294431499

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutt.us/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 18:42:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cutt.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 65ms
17ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cutt.us

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 18:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 38ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cutt.us

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 18:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
726 B 39ms
38ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2067814110581138&correlator=785378185169999&output=ldjh&impl=fif&eid=31063083%2C31063142&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211013&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1634150571&dt=1634150571284&dlt=1634150571105&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1933368604&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcutt.us%2F5V1cv&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x63&msz=0x0&ga_vid=1906488941.1634150571&ga_sid=1634150571&ga_hid=1256643352&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1bb61d9e61a78236895e2e0daa214425048f0892d06c60114720234dc5a809a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 223
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutt.us
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b6ade51eb554552f737a3095b8de9e33.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4CB6 6 KB
4 KB 78ms
15ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b6ade51eb554552f737a3095b8de9e33.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b6ade51eb554552f737a3095b8de9e33.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cutt.us/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 13 Oct 2021 18:42:51 GMT
expires: Thu, 13 Oct 2022 18:42:51 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Primary Request / Show response
flirtpartner.org/p/
Redirect Chain

http://tinyurl.com/crypto002
https://tinyurl.com/crypto002
https://local-hot-dates.com/8R5SxQ9p
http://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=11249&sub3=3gv40a13oo28k&sub1=897&sub2=frd
https://r.goaffmy.com/click?pid=6565&offer_id=2606&sub1=a_616728aca7ce420001891dd7&sub2=897
https://omgtds.com/c1/652d1ae4-50ba-4605-902d-143db04df43e?aff=6565&source=897&externalId=616728acfb8c870001a8a8f9&sub2=897&sub3=6565&pp=1
https://r.goaffmy.com/click?pid=11972&offer_id=2860&sub1=c5jihb51su2olhh661r0&sub2=897&sub3=6565
https://track.lobby-x.eu/fad529ff-1ac0-4a10-8a43-3d8533c32f42?w=47402&ws=6565&affsub=897&wt=616728acfb8c870001a8a8fb&sub3=smartlink
http://weases-vardship.com/244f5cf0-4e1a-44a7-9fd5-95be2fa3d8b6?CampaignID=4828ffad-4f83-4611-a900-3c9e98af653c&clickID=w4ntpdd07lklnq5bit8d8u7c
http://tracking.flirtpartner.org/aff_c?offer_id=125&aff_id=1426&source=w4ntpdd07lklnq5b2blhjtac&aff_sub=4828ffad-4f83-4611-a900-3c9e98af653c
https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac

13 KB
13 KB

206ms
15ms

Document
text/html

185.101.156.25
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac

Requested by

Host: cutt.us
URL: https://cutt.us/5V1cv

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.156.25 , Switzerland, ASN207143 (HOSTTECH-AS, CH),

Reverse DNS

mx.mail.14040.hostserv.eu

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

c709e1afefe7958a085f07b8c9dbe88c0e5ed1d770855977dfcb433dd7c5b888

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:method: GET
:authority: flirtpartner.org
:scheme: https
:path: /p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/5V1cv

Response headers

server: nginx/1.14.0 (Ubuntu)
date: Wed, 13 Oct 2021 18:42:52 GMT
content-type: text/html
content-length: 13466
last-modified: Wed, 13 Oct 2021 11:08:55 GMT
strict-transport-security: max-age=63072000
cache-control: no-store, max-age=0
accept-ranges: bytes

Redirect headers

Server: nginx
Date: Wed, 13 Oct 2021 18:42:52 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 392
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_125=ENC034bdaf151cd8c13b12e67427b2042e20f6dfdff5c305ac1ae9ab06e338bea3573a9b4b78f8adbe688b78012159bf344d238f13e5c0a4cd863ef5c5a7ea2308daa7635bfd2bd35ff1a240341c8bb684641a070c121a4add201fb4e835a8247429bf4ed96c00517e4024efd2ac4eeb3ed5b328c11fd3976cdd714165e47848eac436b94eed44a6b9cc6db629f97ba392c377f501e21ccce04834d2156fc5546f2ca9ec82d6ea39bc7345d6321d37ccfa0ff75ed46498e2387e41a8365254ce038a51f60a85f; expires=Fri, 13 Oct 2023 18:42:52 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sat, 07 Sep 2024 05:22:52 GMT; path=/; SameSite=None; Secure
Tracking_id: 1025c170908f261ad77cb320562878
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: e0c5e17ad392a14ac427429445e39056
Access-Control-Allow-Headers: Tune-SDK-Version

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 46ms
23ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 18:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8430
x-xss-protection: 0

GET
H2 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 48ms
26ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 13 Oct 2021 18:42:51 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D94C 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cutt.us/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 13 Oct 2021 18:24:34 GMT
expires: Thu, 13 Oct 2022 18:24:34 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 1F4B 783 B
1 KB 38ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tziYdJjs2TGC0zaK4Rik5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cutt.us/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 13 Oct 2021 18:42:51 GMT
date: Wed, 13 Oct 2021 18:42:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-tziYdJjs2TGC0zaK4Rik5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
pagead2.googlesyndication.com/bg/ Frame D94C 35 KB
14 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 18:21:42 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1F4B 0
0 55ms
55ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=2067814110581138&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 43ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=2067814110581138&bg=!09Cl0JTNAAbGFvHlxhY7ACkAdvg8WskKOlWPOmG37yLroyf69YYSOatsE2W_CKyA4ffG0KZ4kh2DGwIAAABbUgAAAAhoAQeZArioR7wFO5Nh9nuunwJ6EoU_Xrj1PQlDUuqJHH8uRuEtesc79MinTtSFI3clF2GEFbj6M4pOXmX3jf126tk1SZI1eG2yPMiuiyC2ZvNnCW1Jh7QSY2ImudvLXmR34sK3njNKQRI4kXNQ3j6lr4vhuQI_x8wzVQlERL4HoNfyn8AW0-SZjHDYAflkDJ3tSr6ALGRkxP6XVBGZI1fXSYIp6R52uR1Ur2R-0Sb5PPzPYy2z8PdlTAKZ2auW0u5FEcJ9hqPQmojJ6humFBXnZRB-zwDzQK6IxRlR9jcBidBn0-O-OyVWDYB7c9Uwr-zYgvpisbMEBDlaR7hFl8FuUGLelHMrY3ruQyzUrG-vJRUghFYxq53iqFDqm5NbqIyEK6qGC2M6gpJrBHNG2zoPa071sddZAEVKLFzGZQFhoIDfVOVkwsjqNh2_5yJfEAlrbaex6nE-hdpFBx4qhjCbRJY9LEwkvItL8keCcJ7ZgmN2H8Pk230ujNnNSeN9ul-XEjAVmzSBAgf3HKy3OCEn59VDnJ61LG0nmUp9SlfaBD0vJ4L-bzT0hWGkW2noAhRpUp9vZ5EJJPxxS38uJFHBs-2q7zsb1JGS7o8moFfAcRZSPa6ijn8v684aD9hwQpU-9bzEio0yhEQD57q97eoC7k31OxDKrrGGkLfAmSNM6821iZWM8jMTj1SLVJ4av8j-fmOdqoDqmQw739bbSr6vJWIle_8qTlW_K8dvfxvQ8_OFezX9DCACxpnMcrJw7g4a_rZIreK5N_rcimsDDRIVufyTPjXP1BHyngoWENPkbzJvkswljayrH9xzCs3SYSP6KXzdCtyAWgwkbBXnO4kBxsI_W2-NNXKFMnBIFwXcDwY5IgP915JEfHbCrK5k3NU8MX02ZqZ_ZwkfT78sOmx1q5Vwzmcr8Z4fCknn60s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 18:42:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendor.7cfa5604.css
flirtpartner.org/ 40 KB
9 KB 19ms
18ms Stylesheet
text/css 185.101.156.25
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtpartner.org/vendor.7cfa5604.css
Requested by: Host: flirtpartner.org
URL: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.101.156.25 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx.mail.14040.hostserv.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d846ebf2fd747cfec6861ecc80ffeb47670fd198db955db9e9c46ce46ead16f5

Request headers

:path: /vendor.7cfa5604.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: flirtpartner.org
referer: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:52 GMT
content-encoding: br
last-modified: Wed, 13 Oct 2021 10:57:51 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9245
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.7464bbd3.css
flirtpartner.org/ 172 KB
29 KB 20ms
19ms Stylesheet
text/css 185.101.156.25
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtpartner.org/app.7464bbd3.css
Requested by: Host: flirtpartner.org
URL: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.101.156.25 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx.mail.14040.hostserv.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b0a6fde419370ec773fb46d7d0f919219791751c3196a33b1ecdb59014035dce

Request headers

:path: /app.7464bbd3.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: flirtpartner.org
referer: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:52 GMT
content-encoding: br
last-modified: Wed, 13 Oct 2021 10:57:51 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 29042
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.93115c1e.js Show response
flirtpartner.org/ 3 KB
2 KB 25ms
25ms Script
application/javascript 185.101.156.25
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtpartner.org/runtime.93115c1e.js
Requested by: Host: flirtpartner.org
URL: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.101.156.25 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx.mail.14040.hostserv.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f55c59b0ef9ad2b2e423af5df0cd27c40df3544e0368cb8fae73480661091ccd

Request headers

:path: /runtime.93115c1e.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: flirtpartner.org
referer: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:52 GMT
content-encoding: br
last-modified: Wed, 13 Oct 2021 10:57:51 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1225
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendor.337455ed.js Show response
flirtpartner.org/ 3 MB
656 KB 25ms
25ms Script
application/javascript 185.101.156.25
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtpartner.org/vendor.337455ed.js
Requested by: Host: flirtpartner.org
URL: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.101.156.25 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx.mail.14040.hostserv.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7b4203e57d70057e04f2caea22bd897ae55920b2352558387415f4d16c23994e

Request headers

:path: /vendor.337455ed.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: flirtpartner.org
referer: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:52 GMT
content-encoding: br
last-modified: Wed, 13 Oct 2021 10:57:51 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 670955
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.1fcedd06.js Show response
flirtpartner.org/ 2 MB
353 KB 25ms
25ms Script
application/javascript 185.101.156.25
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtpartner.org/app.1fcedd06.js
Requested by: Host: flirtpartner.org
URL: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.101.156.25 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx.mail.14040.hostserv.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 55176de8f6feb64c861f933fb668b1840a4ba1f6dbf8eb1d63dd78b72a955594

Request headers

:path: /app.1fcedd06.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: flirtpartner.org
referer: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/p/?transactionId=1025c170908f261ad77cb320562878&offerId=125&pub=has_1426_125_Primus_flir_par&pubSub=4828ffad-4f83-4611-a900-3c9e98af653c&track=w4ntpdd07lklnq5b2blhjtac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:52 GMT
content-encoding: br
last-modified: Wed, 13 Oct 2021 10:57:51 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 360493
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 44ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700,400,300

Requested by

Host: flirtpartner.org
URL: https://flirtpartner.org/app.7464bbd3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1541f1f36a00c93fe07fc6d90d9ddded61e111aebebb7942752b1f7e84f29a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 18:42:52 GMT
server: ESF
date: Wed, 13 Oct 2021 18:42:52 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 18:42:52 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 39ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flirtpartner.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 524301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Oct 2022 17:04:31 GMT

POST
H/1.1 200 settings Show response
v3.http.api.mein-chat.com/ws-proxy/api/g-db-layer-0.1/domain/get/client/ 3 KB
3 KB 171ms
76ms XHR
application/json 178.132.207.149
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://v3.http.api.mein-chat.com/ws-proxy/api/g-db-layer-0.1/domain/get/client/settings?requestId=H-ac19fe4a579724ecd008ca-0&clientId=8d71b4339789&payload=true
Requested by: Host: flirtpartner.org
URL: https://flirtpartner.org/vendor.337455ed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.132.207.149 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f5e037221b82581eeb837f270160a17d68eb49709ce3fb699dacd11d01a4f3aa

Request headers

Accept: application/json
Referer: https://flirtpartner.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 13 Oct 2021 18:42:53 GMT
access-control-allow-credentials: true
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 3261
Content-Type: application/json;charset=UTF-8

GET
H2 200 de.svg
d1vs2ewexrkl16.cloudfront.net/flags/2020-01-18/4x3/ 213 B
533 B 50ms
13ms Image
image/svg+xml 2600:9000:2250:9a00:7:90a9:9e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vs2ewexrkl16.cloudfront.net/flags/2020-01-18/4x3/de.svg
Requested by: Host: flirtpartner.org
URL: https://flirtpartner.org/livechat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9a00:7:90a9:9e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 226631a8fa9deee07022680ce0461b7a09b416b616c56ebcaf21f50e2b34ea8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 21:02:44 GMT
via: 1.1 03249875678629095a5ec311a6f1a299.cloudfront.net (CloudFront)
last-modified: Sat, 18 Jan 2020 09:28:52 GMT
server: AmazonS3
age: 78010
etag: "3e726c2b6a59e6e4543c0a1534d93796"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 213
x-amz-cf-id: 1tmaKdCBh2mSaK7rNt5PihgJDcfn1pOsx5Lzgz6JXUJwibPGbP_tZQ==

GET
H2 200 gb.svg
d1vs2ewexrkl16.cloudfront.net/flags/2020-01-18/4x3/ 538 B
858 B 51ms
13ms Image
image/svg+xml 2600:9000:2250:9a00:7:90a9:9e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vs2ewexrkl16.cloudfront.net/flags/2020-01-18/4x3/gb.svg
Requested by: Host: flirtpartner.org
URL: https://flirtpartner.org/livechat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9a00:7:90a9:9e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 05:55:19 GMT
via: 1.1 03249875678629095a5ec311a6f1a299.cloudfront.net (CloudFront)
last-modified: Sat, 18 Jan 2020 09:28:52 GMT
server: AmazonS3
age: 46059
etag: "d3ddd6025a06a78535b0d432d14905bf"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 538
x-amz-cf-id: 3Sni0_fnhxx_HzBYjC54Ycs1oxssNkRGZmiBycW-1em0zXbYO9MXhw==

GET
H2 200 background.jpg
flirtpartner.org/images/ 106 KB
106 KB 16ms
16ms Image
image/jpeg 185.101.156.25
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flirtpartner.org/images/background.jpg
Requested by: Host: flirtpartner.org
URL: https://flirtpartner.org/livechat/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.101.156.25 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx.mail.14040.hostserv.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2200bb0b5c1377e4b37c24608fa9217808fd1e8474d18df89301190b9e6fcf1a

Request headers

:path: /images/background.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: flirtpartner.org
referer: https://flirtpartner.org/livechat/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/livechat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:53 GMT
last-modified: Wed, 13 Oct 2021 10:57:51 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 108294
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
flirtpartner.org/images/ 11 KB
12 KB 24ms
24ms Image
image/png 185.101.156.25
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flirtpartner.org/images/logo.png
Requested by: Host: flirtpartner.org
URL: https://flirtpartner.org/livechat/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.101.156.25 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx.mail.14040.hostserv.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 113146ea41e6bb09c72f82877312a8024410d4bf7e1e77f44cf2352ce4bd0abd

Request headers

:path: /images/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: flirtpartner.org
referer: https://flirtpartner.org/livechat/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/livechat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:53 GMT
last-modified: Wed, 13 Oct 2021 10:57:51 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11414
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 livechat.png
flirtpartner.org/images/ 29 KB
29 KB 24ms
24ms Image
image/png 185.101.156.25
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flirtpartner.org/images/livechat.png
Requested by: Host: flirtpartner.org
URL: https://flirtpartner.org/livechat/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.101.156.25 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx.mail.14040.hostserv.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 058369ee75618b9dd93c1c531cce1a697f02f0f560d1ba6f9b82a8afc63b259d

Request headers

:path: /images/livechat.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: flirtpartner.org
referer: https://flirtpartner.org/livechat/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/livechat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:42:53 GMT
last-modified: Wed, 13 Oct 2021 10:57:51 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 29640
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26dbed95d53da21c924e647685e135e87a7fe31532b636c74805ab8cb2ce753

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55ef9f2e94ce2563b1eabbe72425b02bc1ceae190263dbfa401573c49547add2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d336c9f679df7b560680945da2eddc3a8c8613be42a1d9dbae6e76f3404fdc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 33919a85-bfd8-45f3-919b-79003d767ec8.jpeg
d1mti8cqxh4eqy.cloudfront.net/ 11 KB
11 KB 45ms
18ms Image
image/jpeg 2600:9000:2240:6e00:4:1626:2a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mti8cqxh4eqy.cloudfront.net/33919a85-bfd8-45f3-919b-79003d767ec8.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6e00:4:1626:2a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b78c6b3f83c621093fd1fcc1637f27858f8ddb8e42924f3c30fc3865389f05e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 12:35:05 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2016 04:29:45 GMT
server: AmazonS3
age: 22256
etag: "98cdd32337d16f9f8cae275935e43cd4"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 10868
x-amz-cf-id: jwBcPcIi6v2_RzWWMm0__zqdXB4YzyoVVVdmBrsWne4TlrmGIsa9bA==

GET
H2 200 9deb58aa-63db-4a37-8e74-2527738364b0.jpeg
d1mti8cqxh4eqy.cloudfront.net/ 11 KB
11 KB 47ms
20ms Image
image/jpeg 2600:9000:2240:6e00:4:1626:2a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mti8cqxh4eqy.cloudfront.net/9deb58aa-63db-4a37-8e74-2527738364b0.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6e00:4:1626:2a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb307f55e06e5b3f3a654610b9f611b676485ee07947ab7ad25f137d00f63c30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 17:24:34 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified: Fri, 05 Oct 2018 15:59:18 GMT
server: AmazonS3
age: 4702
etag: "f8c858119ac81604778231fa552ce9f4"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 11312
x-amz-cf-id: pz_PicikYd5f_t-u0UEY-OuL6owHG0Y3lMZRZlLx7NALAcmeo2EYWw==

GET
H2 200 c54bf85f-9966-4486-8167-09ba54848cd0.jpeg
d1mti8cqxh4eqy.cloudfront.net/ 10 KB
10 KB 48ms
21ms Image
image/jpeg 2600:9000:2240:6e00:4:1626:2a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mti8cqxh4eqy.cloudfront.net/c54bf85f-9966-4486-8167-09ba54848cd0.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6e00:4:1626:2a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2461b47337a9e349d23ac4567bdc3e14fb3179ba9628761599688636fbd705b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 18:58:12 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified: Thu, 26 Apr 2018 09:14:47 GMT
server: AmazonS3
age: 85484
etag: "589f38ee922d642e0eeb36dac7105922"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 9833
x-amz-cf-id: -rEX6Hay2s9Lq8817evHdUHTxQ0T433O8c-nvuNPoIFaGfkoOWQRpA==

GET
H2 200 5658b8ed-13c4-4580-9d9d-cda16b159cc7.jpeg
d1mti8cqxh4eqy.cloudfront.net/ 57 KB
57 KB 49ms
22ms Image
image/jpeg 2600:9000:2240:6e00:4:1626:2a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mti8cqxh4eqy.cloudfront.net/5658b8ed-13c4-4580-9d9d-cda16b159cc7.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6e00:4:1626:2a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5b7e28d097c126bce668fc6b2c74f32ec70b7ca1dc09ec934c5f5f827af0c1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 21:54:02 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified: Wed, 31 Aug 2016 01:15:25 GMT
server: AmazonS3
age: 74934
etag: "e0cc24668b228d0ab272ce81a02c37e5"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 58457
x-amz-cf-id: cQwN2_GFgZ0IeP2IBfYbNrfRK8xKovjzFLoJ8jYxKYhq0GgYVPWqHQ==

GET
H2 200 21604706__megchat_0000013f-79f9-88ab-3600-7096cb9c2bb8.jpg
d1mti8cqxh4eqy.cloudfront.net/ 11 KB
12 KB 38ms
12ms Image
image/jpeg 2600:9000:2240:6e00:4:1626:2a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mti8cqxh4eqy.cloudfront.net/21604706__megchat_0000013f-79f9-88ab-3600-7096cb9c2bb8.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6e00:4:1626:2a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f74f9f4f9e35cf9352723bfb981438b45860b229c8ff73264c8a97ac9a618898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 06:12:18 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified: Sun, 12 Feb 2017 04:26:27 GMT
server: AmazonS3
age: 45038
etag: "e805a0f56d0c30583ac137c03accec6f"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 11708
x-amz-cf-id: Ldwfuu6WiJmWfx5CqCNKRpSyFztb3B5LZwJCk0Kb_PXEgUbMQxihhw==

GET
H2 200 21604096__megchat_0000013f-6bca-a94f-d074-fcd9aaa584db.jpg
d1mti8cqxh4eqy.cloudfront.net/ 13 KB
13 KB 50ms
23ms Image
image/jpeg 2600:9000:2240:6e00:4:1626:2a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mti8cqxh4eqy.cloudfront.net/21604096__megchat_0000013f-6bca-a94f-d074-fcd9aaa584db.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6e00:4:1626:2a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 848c8172717488db2bf65fe9e37b63392bade78b0ff94880d230cebae0b02dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 01:17:48 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified: Sun, 12 Feb 2017 04:25:06 GMT
server: AmazonS3
age: 62708
etag: "02896cc1406459b38c9fa1d9d9af177c"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 12985
x-amz-cf-id: BYrIP7PnxYgPIciRrg2cxyjtcPWPZW0_FKeHmyRaTwQivBeLGuNgZg==

GET
H2 200 3caadfe3-ab85-4d56-bfce-54400f6bb190.20201116165642.jpeg
d1mti8cqxh4eqy.cloudfront.net/ 39 KB
39 KB 42ms
17ms Image
image/jpeg 2600:9000:2240:6e00:4:1626:2a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1mti8cqxh4eqy.cloudfront.net/3caadfe3-ab85-4d56-bfce-54400f6bb190.20201116165642.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6e00:4:1626:2a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d21b93cb05ca36203a54082b0e30dfaa213eed425b788049e2a2d7fe30e46cc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flirtpartner.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 15:16:07 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 15:56:43 GMT
server: AmazonS3
age: 42399
etag: "4d4b5f7e5a42d8d45bb97b8df6983b5b"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 39989
x-amz-cf-id: ESvDMgVonu1YxNzEKd0qNjasnOXWWWDsfEuSXc0UM6_uDjfLRKfLlg==

Verdicts & Comments Add Verdict or Comment

332 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cutt.us/	1970-01-20 15:27:02	Name: _ga Value: GA1.2.1906488941.1634150571
.cutt.us/	1970-01-19 21:57:16	Name: _gid Value: GA1.2.929766213.1634150571
.cutt.us/	1970-01-19 21:55:50	Name: _gat_gtag_UA_31510493_1 Value: 1
.doubleclick.net/	1970-01-19 21:55:51	Name: test_cookie Value: CheckForPermission
.cutt.us/	1970-01-20 07:17:26	Name: __gads Value: ID=13494f5a24b79278-22634159f5ca005c:T=1634150571:S=ALNI_MY9eLIpAvIBCnjZZVUoHJkqqBpKqw
local-hot-dates.com/	1970-01-19 22:40:28	Name: _subid Value: 3gv40a13oo28k
local-hot-dates.com/	1970-02-07 19:53:07	Name: 9bf24 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NzE4XCI6MTYzNDE1MDU3MSxcIjE1ODAzXCI6MTYzNDE1MDU3MX0sXCJjYW1wYWlnbnNcIjp7XCI4OTdcIjoxNjM0MTUwNTcxLFwiMTgyXCI6MTYzNDE1MDU3MX0sXCJ0aW1lXCI6MTYzNDE1MDU3MX0ifQ.VvtNPldTNX-UebSJMLZgnaKYQ3lt3r_mewY3RjE_a78
local-hot-dates.com/	1970-01-19 22:40:28	Name: _token Value: uuid_3gv40a13oo28k_3gv40a13oo28k616728ac03d0d1.55038979
.omgtds.com/	1970-01-19 21:57:16	Name: uid Value: InMK-BZfM
r.goaffmy.com/	1970-01-20 06:41:26	Name: afclick Value: 616728acfb8c870001a8a8fb
r.goaffmy.com/	1970-01-20 06:41:26	Name: afoffers Value: {"2606":1634150572,"2860":1634150572}
.track.lobby-x.eu/	1970-01-19 21:57:16	Name: fad529ff-1ac0-4a10-8a43-3d8533c32f42-v4 Value: tXonFBBwViI_yX1mR80k4wYaBveikfuZDq9Qh410WEA
.track.lobby-x.eu/	1970-01-20 06:41:26	Name: cc-v4 Value: VizMkY7FaUL%2FiqVpJ5aS7SVzki9GTIFIAgqOqVIag4obPSR3Q1Lb2101VOkK7IjlU7PZAJkgGd4bFiEcWnyqMld%2BmQaZdD8Yn34a5ixQtwP222MXJVecW39jjhve3ldzKOuusxiVPL%2BjyoyIo79Njw%3D%3D
.weases-vardship.com/	1970-01-19 21:57:16	Name: 244f5cf0-4e1a-44a7-9fd5-95be2fa3d8b6-v4 Value: 7BDcdDmSudlRtWWhF7YlwPkTEJDSoopp3tgMwhrU74Q
.weases-vardship.com/	1970-01-20 06:41:26	Name: cc-v4 Value: pSaF3hp9o8%2BVUpSDARLwwuVF3XblrqZPZBHLzwIE4fH6W8MnOw1LoZxQ7eTA3nYBUyrg2EZdjsk6A88MFRWbz%2BO5HmLmqe8g3nVMa3cJlDAQKp5%2BMjEyHLLYY724Uhy9EH1Y6N88pVd3pTYkFQk8Qg%3D%3D
flirtpartner.org/	1970-01-22 21:57:36	Name: chat.currentUser.session.id Value: 1b533711-e3b1-43a9-b11d-e39d6c89c9b3
flirtpartner.org/	1970-01-22 21:57:36	Name: chat.guestUser.session.id Value: 1b533711-e3b1-43a9-b11d-e39d6c89c9b3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
b6ade51eb554552f737a3095b8de9e33.safeframe.googlesyndication.com
cutt.us
d1mti8cqxh4eqy.cloudfront.net
d1vs2ewexrkl16.cloudfront.net
flirtpartner.org
fonts.googleapis.com
fonts.gstatic.com
local-hot-dates.com
omgtds.com
pagead2.googlesyndication.com
r.goaffmy.com
securepubads.g.doubleclick.net
t.luvmenow.com
tinyurl.com
tpc.googlesyndication.com
track.lobby-x.eu
tracking.flirtpartner.org
v3.http.api.mein-chat.com
weases-vardship.com
www.cutt.us
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.21.43.36
142.250.186.162
178.132.207.149
18.193.209.105
18.195.174.160
185.101.156.25
185.162.87.41
212.32.250.178
212.32.252.82
2600:9000:2240:6e00:4:1626:2a80:21
2600:9000:2250:9a00:7:90a9:9e80:21
2606:4700:10::6814:8a41
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2001
52.210.2.133
69.61.26.123
058369ee75618b9dd93c1c531cce1a697f02f0f560d1ba6f9b82a8afc63b259d
0d336c9f679df7b560680945da2eddc3a8c8613be42a1d9dbae6e76f3404fdc3
113146ea41e6bb09c72f82877312a8024410d4bf7e1e77f44cf2352ce4bd0abd
1541f1f36a00c93fe07fc6d90d9ddded61e111aebebb7942752b1f7e84f29a05
1b78c6b3f83c621093fd1fcc1637f27858f8ddb8e42924f3c30fc3865389f05e
1bb61d9e61a78236895e2e0daa214425048f0892d06c60114720234dc5a809a1
20d78245f98a0e7c7eb5838bf15893cd886071aa434ffe3950a60c2c962256f9
2200bb0b5c1377e4b37c24608fa9217808fd1e8474d18df89301190b9e6fcf1a
226631a8fa9deee07022680ce0461b7a09b416b616c56ebcaf21f50e2b34ea8f
2461b47337a9e349d23ac4567bdc3e14fb3179ba9628761599688636fbd705b8
2c343daa7f71aec629b5aab04e0497b2d201619babc20b355d44c45fec8d7070
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
55176de8f6feb64c861f933fb668b1840a4ba1f6dbf8eb1d63dd78b72a955594
55ef9f2e94ce2563b1eabbe72425b02bc1ceae190263dbfa401573c49547add2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b4203e57d70057e04f2caea22bd897ae55920b2352558387415f4d16c23994e
825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803
848c8172717488db2bf65fe9e37b63392bade78b0ff94880d230cebae0b02dcd
9976a6ecb3c55b071fd718a5849aa06de3cec11a5a80ff3f73ff564018d1443b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b0a6fde419370ec773fb46d7d0f919219791751c3196a33b1ecdb59014035dce
b5b7e28d097c126bce668fc6b2c74f32ec70b7ca1dc09ec934c5f5f827af0c1c
c709e1afefe7958a085f07b8c9dbe88c0e5ed1d770855977dfcb433dd7c5b888
d21b93cb05ca36203a54082b0e30dfaa213eed425b788049e2a2d7fe30e46cc4
d26dbed95d53da21c924e647685e135e87a7fe31532b636c74805ab8cb2ce753
d846ebf2fd747cfec6861ecc80ffeb47670fd198db955db9e9c46ce46ead16f5
d9ff67959ea8cabc4b5ab00d4fa6b11314a2979c370f8a09fe5e1dea5bf4949d
eb307f55e06e5b3f3a654610b9f611b676485ee07947ab7ad25f137d00f63c30
f55c59b0ef9ad2b2e423af5df0cd27c40df3544e0368cb8fae73480661091ccd
f5e037221b82581eeb837f270160a17d68eb49709ce3fb699dacd11d01a4f3aa
f74f9f4f9e35cf9352723bfb981438b45860b229c8ff73264c8a97ac9a618898
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

flirtpartner.org Open in urlscan Pro 185.101.156.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

56 %IPv6

20 Domains

26 Subdomains

18 IPs

8 Countries

1665 kBTransfer

6689 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

flirtpartner.org Open in urlscan Pro
185.101.156.25 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

56 %
IPv6

20
Domains

26
Subdomains

18
IPs

8
Countries

1665 kB
Transfer

6689 kB
Size

17
Cookies

39 HTTP transactions
3 data transactions