urlscan.io logo urlscan.io
SecurityTrails logo

ddoklg.womenfolove.net Open in urlscan Pro
2600:1f18:420a:9200::ab  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cutt.us/PvpTo
Effective URL: https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
Submission: On November 13 via manual from SK — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 30 HTTP transactions. The main IP is 2600:1f18:420a:9200::ab, located in and belongs to . The main domain is ddoklg.womenfolove.net.
TLS certificate: Issued by R3 on October 6th 2021. Valid for: 3 months.
This is the only time ddoklg.womenfolove.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    69.61.26.123 (United States)

ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN)
cutt.us
1    2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2607:f8b0:4006:81d::2001 (United States)

ASN15169 (GOOGLE, US)
051c330aafdbedf85c97870a976a8cee.safeframe.googlesyndication.com
1    2600:9000:210b:2e00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
d9u79.app.link
1    172.96.191.234 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.234-static.reverse.arandomserver.com
tricia.laceywhitley.xyz
1    2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2600:1f18:420a:9200::ab (None, )

ASN- ()
ddoklg.womenfolove.net
6    104.126.117.16 (None, )

ASN- ()
cdn-bimi.akamaized.net
1    2607:f8b0:4006:80d::200a (None, )

ASN- ()
fonts.googleapis.com
Domain Requested by
6 cdn-bimi.akamaized.net ddoklg.womenfolove.net
cdn-bimi.akamaized.net
3 ddoklg.womenfolove.net tricia.laceywhitley.xyz
ddoklg.womenfolove.net
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com cutt.us
ddoklg.womenfolove.net
1 fonts.googleapis.com cdn-bimi.akamaized.net
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 tricia.laceywhitley.xyz cutt.us
1 d9u79.app.link 1 redirects
1 051c330aafdbedf85c97870a976a8cee.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 www.googletagservices.com cutt.us
1 cutt.us
0 www.gstatic.com Failed ddoklg.womenfolove.net
0 fonts.gstatic.com Failed fonts.googleapis.com
0 www.google.com Failed tpc.googlesyndication.com
30 17

This site contains no links.

Subject Issuer Validity Valid
www.cutt.us
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.womenfolove.net
R3		 2021-10-06 -
2022-01-04		 3 months crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
Frame ID: 3CA74C9349BBCEEB847CF23AE9667CC9
Requests: 27 HTTP requests in this frame

Frame: https://051c330aafdbedf85c97870a976a8cee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5032A0AE738559B9DB8B5167221FC00A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 87245E9868B0AD7A6DB9CC27C9B6BD78
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FF89FB3FCE929AA5267D891DE554A1B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cutt.us/PvpTo Page URL
  2. https://d9u79.app.link/xDcbLMMf1kb HTTP 307
    http://tricia.laceywhitley.xyz/NU45Q3csREVXQSwxNjM2MzgxNDI0LA?_branch_match_id=988073974341024794&utm_sourc... Page URL
  3. https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1 Page URL

Page Statistics

30
Requests

77 %
HTTPS

71 %
IPv6

13
Domains

17
Subdomains

14
IPs

2
Countries

498 kB
Transfer

1025 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.us/PvpTo Page URL
  2. https://d9u79.app.link/xDcbLMMf1kb HTTP 307
    http://tricia.laceywhitley.xyz/NU45Q3csREVXQSwxNjM2MzgxNDI0LA?_branch_match_id=988073974341024794&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT7EsNbfUSywo0MvJzMvWr3BJTvLx9U0zzE4CAG6JWdoiAAAA Page URL
  3. https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://d9u79.app.link/xDcbLMMf1kb HTTP 307
  • http://tricia.laceywhitley.xyz/NU45Q3csREVXQSwxNjM2MzgxNDI0LA?_branch_match_id=988073974341024794&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT7EsNbfUSywo0MvJzMvWr3BJTvLx9U0zzE4CAG6JWdoiAAAA

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
PvpTo
cutt.us/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cutt.us/PvpTo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.123 , United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software
Hotcores.com /
Resource Hash
b40e3ad4018615b3f79bfe9b3a086c02ba81fb0d819ceccf8ff992e44e27afcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Hotcores.com
Date
Sat, 13 Nov 2021 14:23:36 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
I-AM
Gamma
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
gpt.js
www.googletagservices.com/tag/js/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cutt.us
URL: https://cutt.us/PvpTo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e62b6f9b347200447b4c192c6ebb756a3db8533b4dc29ebf6888ab2e4293a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 14:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1042 / 623 of 1000 / last-modified: 1636758378"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26695
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Nov 2021 14:23:37 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Requested by
Host: cutt.us
URL: https://cutt.us/PvpTo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcba1cdfe1de5654151ac296ae5d6328f452135f4b7abec13402912d85a32714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 14:23:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
36119
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Nov 2021 14:23:37 GMT
pubads_impl_2021111001.js
securepubads.g.doubleclick.net/gpt/ 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 14:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
117754
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 09:34:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Nov 2021 14:23:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		26 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
9976a6ecb3c55b071fd718a5849aa06de3cec11a5a80ff3f73ff564018d1443b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 14:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Sat, 13 Nov 2021 14:23:38 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3042
date
Sat, 13 Nov 2021 13:32:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Sat, 13 Nov 2021 15:32:56 GMT
collect
www.google-analytics.com/j/ 		1 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=399012091&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FPvpTo&ul=en-us&de=UTF-8&dt=PvpTo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1612051970&gjid=2063649049&cid=505047818.1636813418&tid=UA-31510493-1&_gid=1946445983.1636813418&_r=1&gtm=2ouba1&z=1708710938
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cutt.us/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 14:23:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cutt.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cutt.us
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 14:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		437 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1499790786025520&correlator=1661319030188572&output=ldjh&impl=fif&eid=31063206%2C31063705%2C31063712%2C44754276%2C44748552&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211113&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1636813418&dt=1636813418520&dlt=1636813416949&idt=1548&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1933368604&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcutt.us%2FPvpTo&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x63&msz=0x0&ga_vid=505047818.1636813418&ga_sid=1636813419&ga_hid=399012091&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef2012e21153dac920bf5a9008ea746ec4fe4dc01489951e3455a2492c53222b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 14:23:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
228
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutt.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
051c330aafdbedf85c97870a976a8cee.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5032 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://051c330aafdbedf85c97870a976a8cee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 13 Nov 2021 14:23:39 GMT
expires
Sun, 13 Nov 2022 14:23:39 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
clear
NU45Q3csREVXQSwxNjM2MzgxNDI0LA
tricia.laceywhitley.xyz/
Redirect Chain
  • https://d9u79.app.link/xDcbLMMf1kb
  • http://tricia.laceywhitley.xyz/NU45Q3csREVXQSwxNjM2MzgxNDI0LA?_branch_match_id=988073974341024794&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT7EsNbfUSywo0MvJ...
1 KB
838 B 		Document
General
Check archive.org
Download Go to
Full URL
http://tricia.laceywhitley.xyz/NU45Q3csREVXQSwxNjM2MzgxNDI0LA?_branch_match_id=988073974341024794&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT7EsNbfUSywo0MvJzMvWr3BJTvLx9U0zzE4CAG6JWdoiAAAA
Requested by
Host: cutt.us
URL: https://cutt.us/PvpTo
Protocol
HTTP/1.1
Server
172.96.191.234 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.234-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/7.3.32
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/PvpTo

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
x-powered-by
PHP/7.3.32
cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=UTF-8
content-length
530
content-encoding
gzip
vary
Accept-Encoding
date
Sat, 13 Nov 2021 14:23:40 GMT
server
LiteSpeed

Redirect headers

location
http://tricia.laceywhitley.xyz/NU45Q3csREVXQSwxNjM2MzgxNDI0LA?_branch_match_id=988073974341024794&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT7EsNbfUSywo0MvJzMvWr3BJTvLx9U0zzE4CAG6JWdoiAAAA
server
openresty
date
Sat, 13 Nov 2021 14:23:39 GMT
x-powered-by
Express
last-modified
Sat, 13 Nov 2021 14:23:39 GMT
x-cache
Miss from cloudfront
via
1.1 6886c621d4716e156349149ba8d65b41.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
WwHSFyE31NjTigsICUpZY6CZU-cKp1iGac3re1YZTiG8tLPHdvJ6Bw==
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Nov 2021 14:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
9146
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 14:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
clear
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 13 Nov 2021 14:23:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8724 		0
0
aframe
www.google.com/recaptcha/api2/ Frame FF89 		0
0
Primary Request da57dc555e50572d
ddoklg.womenfolove.net/c/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
Requested by
Host: tricia.laceywhitley.xyz
URL: http://tricia.laceywhitley.xyz/NU45Q3csREVXQSwxNjM2MzgxNDI0LA?_branch_match_id=988073974341024794&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT7EsNbfUSywo0MvJzMvWr3BJTvLx9U0zzE4CAG6JWdoiAAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:420a:9200::ab -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
eb623319ed9ed891081962c00e740a6a86f48f4048a19d1ab1ac715233e8261d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

server
nginx
date
Sat, 13 Nov 2021 14:23:41 GMT
content-type
text/html; charset=utf-8
content-encoding
gzip
main.css
cdn-bimi.akamaized.net/landings/202249/1619701409/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202249/1619701409/css/main.css?1619701409
Requested by
Host: ddoklg.womenfolove.net
URL: https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.126.117.16 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
486c3206eb63ca4bd1e4e6edfe59310d70bccb90b5af02270aeec17660e493e7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ddoklg.womenfolove.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 14:23:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 13:03:31 GMT
Server
AmazonS3
x-amz-request-id
1P2G54X7AE9H2B4W
ETag
"de0ef3694ddd3be0486a5a9c75a79fc6"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1802
x-amz-id-2
nIPP5fqjJ5huhA5vKzGXqtrQVF+CA8+7JCGYAyz53iHhILEEz1xqjSJlXzJaF40sMpj7HUa3MJs=
jquery.min.js
cdn-bimi.akamaized.net/landings/202249/1619701409/js/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202249/1619701409/js/jquery.min.js?1619701409
Requested by
Host: ddoklg.womenfolove.net
URL: https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.126.117.16 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ddoklg.womenfolove.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 14:23:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 13:03:31 GMT
Server
AmazonS3
x-amz-request-id
ZGPH3NQADXSZ9ET5
ETag
"2f6b11a7e914718e0290410e85366fe9"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
29855
x-amz-id-2
GNmAaVD6FDfliIrRR2lAq9pIfhDiPaWYmGzR5NfWqiEfPsNcGp7H7xpAPQkTNX70tJgSQjuvS/I=
function.js
cdn-bimi.akamaized.net/landings/202249/1619701409/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202249/1619701409/js/function.js?1619701409
Requested by
Host: ddoklg.womenfolove.net
URL: https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.126.117.16 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a73772cd4bb5a3d4d7c6df6cc30871fc54a300e769d5801dff556214096fec7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ddoklg.womenfolove.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 14:23:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 13:03:31 GMT
Server
AmazonS3
x-amz-request-id
034BEGD1DCXBN7DG
ETag
"b0561d8520837b958a331542f50c3cac"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
529
x-amz-id-2
9IsFgdZYsxkX6MAPmfFJSwbOJk38o/klTyZZcqvdH9NelSHbn5DfC4reNPcBhn8+yQQkCk5N9RI=
translates.js
cdn-bimi.akamaized.net/landings/202249/1619701409/js/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202249/1619701409/js/translates.js?1619701409
Requested by
Host: ddoklg.womenfolove.net
URL: https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.126.117.16 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aee743e84202e6fb2f4c64ce720e2c15bd831e56d3a32c93a15c6eb4f072da7b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ddoklg.womenfolove.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 14:23:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 13:03:31 GMT
Server
AmazonS3
x-amz-request-id
4W0TNB2TYK6AR11N
ETag
"0a414cc1f6e5cf7f0c545e4739571009"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
13814
x-amz-id-2
bNC/UgZGB5bvfh1jbNC9h/ATBxrIyIeHxLm3WLiyOoA9+imZ8u+/SnHYEEjyVRknzjaWC2dqfgY=
girl.png
cdn-bimi.akamaized.net/landings/202249/1619701409/images/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/202249/1619701409/images/girl.png
Requested by
Host: ddoklg.womenfolove.net
URL: https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.126.117.16 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
179e5a58f0da3453f9d12349e7ccea41d416fc8a0321ef5cece5aa8be0376c07

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ddoklg.womenfolove.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 14:23:41 GMT
Last-Modified
Thu, 29 Apr 2021 13:03:31 GMT
Server
AmazonS3
x-amz-request-id
YKNW2WZ7EX0WTF29
ETag
"fce275d8f84102b0be395906e01f7842"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92518
x-amz-id-2
YpmeeX0Qz8mX46+5RmJBe/qv7PB4ywoLrjz43/xbGv8l3imqzFNznbSPVg0GfkQFYxLsQHtr0c8=
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,900
Requested by
Host: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/202249/1619701409/css/main.css?1619701409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
79ed7ce5aa05b86669819fef0a8aef590009730b5638680c71148402ddf343d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn-bimi.akamaized.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 13:09:51 GMT
server
ESF
date
Sat, 13 Nov 2021 14:23:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 14:23:42 GMT
gtm.js
www.googletagmanager.com/ 		78 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL
Requested by
Host: ddoklg.womenfolove.net
URL: https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3735b25c36bbee5f3b9ee0602686e4c3dd21474e2b30913c8cce304d49d2e42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ddoklg.womenfolove.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 14:23:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
31332
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Nov 2021 14:23:42 GMT
subscriber.js
ddoklg.womenfolove.net/js/pushjs/1.0.0/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddoklg.womenfolove.net/js/pushjs/1.0.0/subscriber.js
Requested by
Host: ddoklg.womenfolove.net
URL: https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:420a:9200::ab -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
2687886ca805aee509c40e57448d1a2245f36a590213b3d0d3ebc27df6e5c964

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 14:23:42 GMT
content-encoding
gzip
expires
Sat, 20 Nov 2021 14:23:42 GMT
server
nginx
cache-control
max-age=604800
content-type
application/javascript
main_girl.jpg
cdn-bimi.akamaized.net/landings/202249/1619701409/images/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/202249/1619701409/images/main_girl.jpg
Requested by
Host: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/202249/1619701409/css/main.css?1619701409
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
104.126.117.16 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
453ef8f5c0a640f6fd98b9517da635cef23644464f475d86f6e3504059d87729

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn-bimi.akamaized.net/landings/202249/1619701409/css/main.css?1619701409
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 14:23:42 GMT
last-modified
Thu, 29 Apr 2021 13:03:31 GMT
server
AmazonS3
x-amz-request-id
6BWYSYR4RCQJS159
etag
"046f0ac680753e76c1110935b3455f84"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
98827
x-amz-id-2
av8Zwdf7tRTiYBs6BrNvZpiM36rFaaWdj4QffUPPGBU05TwPg7iSz93MQjF27TDJLdcGUMeiVnM=
quic-version
Q050
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		0
0
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		0
0
firebase-app.js
www.gstatic.com/firebasejs/5.0.2/ 		0
0
firebase-messaging.js
www.gstatic.com/firebasejs/5.0.2/ 		0
0
utils.js
ddoklg.womenfolove.net/js/pushjs/1.0.0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddoklg.womenfolove.net/js/pushjs/1.0.0/utils.js
Requested by
Host: ddoklg.womenfolove.net
URL: https://ddoklg.womenfolove.net/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:420a:9200::ab -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 14:23:42 GMT
content-encoding
gzip
expires
Sat, 20 Nov 2021 14:23:42 GMT
server
nginx
cache-control
max-age=604800
content-type
application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Domain
www.gstatic.com
URL
https://www.gstatic.com/firebasejs/5.0.2/firebase-app.js
Domain
www.gstatic.com
URL
https://www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

6 Cookies

Domain/Path Name / Value
.cutt.us/ Name: _ga
Value: GA1.2.505047818.1636813418
.cutt.us/ Name: _gid
Value: GA1.2.1946445983.1636813418
.cutt.us/ Name: _gat_gtag_UA_31510493_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cutt.us/ Name: __gads
Value: ID=a0508f7b20b8317f-22591de1547b0040:T=1636813418:S=ALNI_MZvbFdTS1swrnackT_-FViAaZhWcg
.app.link/ Name: _s
Value: Q0iLvrwT66RtZuDWm5xl5AhCAPrLIrULZL88V1ZNhokyIm%2BdbOkg4B2%2Bx1Cwh8JP

1 Console Messages

Source Level URL
Text
rendering warning URL: https://ddoklg.womenfolove.net/c/da57dc555e50572d?s1=116112&s2=1299442&s3=SENK&click_id=DEWA&j1=1&j3=1(Line 212)
Message:
The value "false" for key "user-scalable" is invalid, and has been ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

051c330aafdbedf85c97870a976a8cee.safeframe.googlesyndication.com
adservice.google.com
cdn-bimi.akamaized.net
cutt.us
d9u79.app.link
ddoklg.womenfolove.net
fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
tricia.laceywhitley.xyz
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
fonts.gstatic.com
tpc.googlesyndication.com
www.google.com
www.gstatic.com
104.126.117.16
142.251.41.2
172.96.191.234
2600:1f18:420a:9200::ab
2600:9000:210b:2e00:19:9934:6a80:93a1
2607:f8b0:4006:809::2002
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81e::200e
69.61.26.123
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0a73772cd4bb5a3d4d7c6df6cc30871fc54a300e769d5801dff556214096fec7
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
179e5a58f0da3453f9d12349e7ccea41d416fc8a0321ef5cece5aa8be0376c07
2687886ca805aee509c40e57448d1a2245f36a590213b3d0d3ebc27df6e5c964
41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb
453ef8f5c0a640f6fd98b9517da635cef23644464f475d86f6e3504059d87729
486c3206eb63ca4bd1e4e6edfe59310d70bccb90b5af02270aeec17660e493e7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79ed7ce5aa05b86669819fef0a8aef590009730b5638680c71148402ddf343d4
8e62b6f9b347200447b4c192c6ebb756a3db8533b4dc29ebf6888ab2e4293a78
9976a6ecb3c55b071fd718a5849aa06de3cec11a5a80ff3f73ff564018d1443b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aee743e84202e6fb2f4c64ce720e2c15bd831e56d3a32c93a15c6eb4f072da7b
b40e3ad4018615b3f79bfe9b3a086c02ba81fb0d819ceccf8ff992e44e27afcf
bcba1cdfe1de5654151ac296ae5d6328f452135f4b7abec13402912d85a32714
c3735b25c36bbee5f3b9ee0602686e4c3dd21474e2b30913c8cce304d49d2e42
eb623319ed9ed891081962c00e740a6a86f48f4048a19d1ab1ac715233e8261d
ef2012e21153dac920bf5a9008ea746ec4fe4dc01489951e3455a2492c53222b