urlscan.io logo urlscan.io
SecurityTrails logo

cuttyladies.com Open in urlscan Pro
104.21.96.143  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cutt.us/DYQLT
Effective URL: https://cuttyladies.com/wWbjw64R
Submission: On November 01 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 15 domains to perform 32 HTTP transactions. The main IP is 104.21.96.143, located in United States and belongs to CLOUDFLARENET, US. The main domain is cuttyladies.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2021. Valid for: a year.
This is the only time cuttyladies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 69.61.26.123 22653 (GLOBALCOM...)
1 172.217.23.98 15169 (GOOGLE)
1 142.250.185.232 15169 (GOOGLE)
3 172.217.18.98 15169 (GOOGLE)
2 142.250.186.78 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 142.250.186.33 15169 (GOOGLE)
5 142.250.185.162 15169 (GOOGLE)
1 1 185.15.209.141 52000 (MIRHOSTING)
1 1 31.11.33.85 31034 (ARUBA-ASN)
1 1 80.89.229.79 204601 (ON-LINE-D...)
10 104.21.96.143 13335 (CLOUDFLAR...)
2 142.250.184.193 15169 (GOOGLE)
1 172.217.16.132 15169 (GOOGLE)
1 142.250.185.202 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
1 172.67.181.239 13335 (CLOUDFLAR...)
32 15
1    69.61.26.123 (Atlanta, United States)

ASN22653 (GLOBALCOMPASS, US)
cutt.us
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
www.googletagservices.com
1    142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
www.googletagmanager.com
3    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
securepubads.g.doubleclick.net
2    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
www.google-analytics.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
adservice.google.de
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
adservice.google.com
1    142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net
3d173a783ce34bb556ae27bfc28d6754.safeframe.googlesyndication.com
5    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pagead2.googlesyndication.com
1    185.15.209.141 (Dronten, Netherlands)

ASN52000 (MIRHOSTING, RU)
PTR: nbn.topsnursingschool.com
gg.gg
1    31.11.33.85 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: websn2s075.aruba.it
www.corsaro.it
1    80.89.229.79 (Enschede, Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: vm2688619.23ssd.had.wf
otk1.gq
10    104.21.96.143 (United States)

ASN13335 (CLOUDFLARENET, US)
cuttyladies.com
2    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
tpc.googlesyndication.com
1    172.217.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f132.1e100.net
www.google.com
1    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
1    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com
1    172.67.181.239 (United States)

ASN13335 (CLOUDFLARENET, US)
frenchequal.pro
Domain Requested by
10 cuttyladies.com cutt.us
cuttyladies.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 frenchequal.pro cuttyladies.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com cuttyladies.com
1 www.google.com tpc.googlesyndication.com
1 otk1.gq 1 redirects
1 www.corsaro.it 1 redirects
1 gg.gg 1 redirects
1 3d173a783ce34bb556ae27bfc28d6754.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.googletagmanager.com cutt.us
1 www.googletagservices.com cutt.us
1 cutt.us
32 18

This site contains no links.

Subject Issuer Validity Valid
www.cutt.us
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-03 -
2022-08-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://cuttyladies.com/wWbjw64R
Frame ID: 9188806D460B4455CC3B1A544867D357
Requests: 27 HTTP requests in this frame

Frame: https://3d173a783ce34bb556ae27bfc28d6754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4748C6B8FAE957ADDA556540779990DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F1D557F418DBB7DEE02EF1E05AD1CF31
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1D05949B925A9F80E6E1C56AE05E60E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Age verification

Page URL History Show full URLs

  1. https://cutt.us/DYQLT Page URL
  2. http://gg.gg/w1tvo HTTP 301
    http://www.corsaro.it/portale/AdRedir.asp?url=https://otk1.gq/bnDPsf HTTP 302
    https://otk1.gq/bnDPsf HTTP 302
    https://cuttyladies.com/wWbjw64R Page URL

Page Statistics

32
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

18
Subdomains

15
IPs

3
Countries

426 kB
Transfer

978 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.us/DYQLT Page URL
  2. http://gg.gg/w1tvo HTTP 301
    http://www.corsaro.it/portale/AdRedir.asp?url=https://otk1.gq/bnDPsf HTTP 302
    https://otk1.gq/bnDPsf HTTP 302
    https://cuttyladies.com/wWbjw64R Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
DYQLT
cutt.us/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cutt.us/DYQLT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.123 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US),
Reverse DNS
Software
Hotcores.com /
Resource Hash
707b391c31186de291cfa9fa41c286164cb1fa04683137205d95fa2383a2aad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
Hotcores.com
Date
Mon, 01 Nov 2021 06:37:41 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
I-AM
Gamma
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cutt.us
URL: https://cutt.us/DYQLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
4dba1e011745c1bec0b32691b466bf85c8972935bdb186a45fc96296136b23d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1030 / 853 of 1000 / last-modified: 1635545062"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27294
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 01 Nov 2021 06:37:41 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Requested by
Host: cutt.us
URL: https://cutt.us/DYQLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6d0b536520237167e7b64d244b6f9ca4907bd83f1b7e6aa460b8d6bf36fb1e25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35870
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Nov 2021 06:37:41 GMT
pubads_impl_2021102501.js
securepubads.g.doubleclick.net/gpt/ 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122594
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 08:35:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 01 Nov 2021 06:37:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		26 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
9976a6ecb3c55b071fd718a5849aa06de3cec11a5a80ff3f73ff564018d1443b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 06:37:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Mon, 01 Nov 2021 06:37:41 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
2195
date
Mon, 01 Nov 2021 06:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 01 Nov 2021 08:01:06 GMT
collect
www.google-analytics.com/j/ 		1 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=824936947&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FDYQLT&ul=en-us&de=UTF-8&dt=DYQLT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1561792920&gjid=1310426948&cid=1794826060.1635748662&tid=UA-31510493-1&_gid=575452471.1635748662&_r=1&gtm=2ouar0&z=411051736
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cutt.us/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 06:37:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cutt.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cutt.us
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 06:37:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cutt.us
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 06:37:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		437 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3385317608116514&correlator=1095486079200190&output=ldjh&impl=fif&eid=31063139&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211101&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1635748661&dt=1635748661597&dlt=1635748661348&idt=229&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1933368604&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcutt.us%2FDYQLT&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x63&msz=0x0&ga_vid=1794826060.1635748662&ga_sid=1635748662&ga_hid=824936947&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
5683d85ab6025ea20cbb0fe0b9a6b5da01cc88273357825c9afde7e73764ca57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutt.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3d173a783ce34bb556ae27bfc28d6754.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4748 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d173a783ce34bb556ae27bfc28d6754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 01 Nov 2021 06:37:41 GMT
expires
Tue, 01 Nov 2022 06:37:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=cutt.us&host=cutt.us&success=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 06:37:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request wWbjw64R
cuttyladies.com/
Redirect Chain
  • http://gg.gg/w1tvo
  • http://www.corsaro.it/portale/AdRedir.asp?url=https://otk1.gq/bnDPsf
  • https://otk1.gq/bnDPsf
  • https://cuttyladies.com/wWbjw64R
72 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cuttyladies.com/wWbjw64R
Requested by
Host: cutt.us
URL: https://cutt.us/DYQLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5056829ad78610f3e1fb528c05ff0a7dd7956e5d79c4333a84093b642ebe7002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/DYQLT

Response headers

date
Mon, 01 Nov 2021 06:37:42 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires
0
last-modified
Mon, 01 Nov 2021 06:37:42 GMT
pragma
no-cache
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IGDPXSHBHxk2uKUPBGhJ8mYmQh96nCNH5TNPAES8ELZGNS1Z16ZQzLu6simvoAzv51%2FedkYBJLoiacdStZrPMerTk5%2BVh1LDVJrK1gL4ZQBESytoeTclH47Su8rA11ZnYs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a731db5ca49edd3-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Server
nginx
Date
Mon, 01 Nov 2021 06:37:42 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/7.4.23
Last-Modified
Mon, 01 Nov 2021 06:37:42 GMT
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Pragma
no-cache
Expires
0
Location
https://cuttyladies.com/wWbjw64R
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 06:37:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9120
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 01 Nov 2021 06:37:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F1D5 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 31 Oct 2021 16:31:30 GMT
expires
Mon, 31 Oct 2022 16:31:30 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E1D0 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VxcDzndO0whkw1zd7KCIUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 01 Nov 2021 06:37:41 GMT
date
Mon, 01 Nov 2021 06:37:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-VxcDzndO0whkw1zd7KCIUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js
pagead2.googlesyndication.com/bg/ Frame F1D5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
215610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13354
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 29 Oct 2022 18:44:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E1D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102501&jk=3385317608116514&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102501&jk=3385317608116514&bg=!BQalBkLNAAZzbWp4c207ACkAdvg8WpDxskX9dCKVJ_y8zfG-0XDKasH0yvGz_xTaoagsUuu_kFkKJQIAAABOUgAAAAtoAQeZArDDUNpuCUlaQRV4Yny7chMkqw5WfW7MF8HsEFwyV922NZ7_ytns3Ez5GWotw3WxOrmBmbf1emPbj5vTTT6Su40Hmj8KVCzPrbjMDF6yNs7bKsLttW2Zxaw_cFqhiBdkKAaZBfBu8TIObXx0Q0t7ux9iJ5dJEFIvPpi4rSy3l7XG0XY2-KZRw1dOuw9i7QYtwGAGR5WllVxeNKpoBiW2Eav1BuMXhrDiPMy-nNMtWDW5uLaigB_qYkk4WQ9sbqMokQGDHyBlLiALt1pgOD60BIBvDqbWmSnMFeIZJC3IoQpEZlyjGcO5qIokCkpw2tMoP1a162FtYxb4MG9vxT5lxPvdiaiJ5iEOtjqFA4knnwiJt6SpK-58zvbdrZKBtRjCHKQ7GdCsrzoCceX1zkOYbEGYOrMVI2i8Yb4QfEKrgQVsDcmUVmdHDzMztcLXtRId8B_eOoIeWG8OlHp3FOwjxEWKvDOExn3Jw_k4_G8P6wb4clY4CoS03i4LrOaT5Ay253cwFEIm_rUQhnU4mIJUVWGNhpX_XZBsw-zloEobNY0SKBSF6bn8YU-zj1jFAnQUkj033wx5DAFFX5EjTscApVgnUEA9oEz08Hbl7HqFMJqPOmdTZWDGY4EPLSqNIvDaNGyunXzVFCQ7VXY6hvPJSp4Xtm91UrPvJ1dzziUBRyHrbp6gGDpSPSP5yxiNvJaitd5djgbmlcA7ZsF3wsc761qISdKvWVYpZE6Y2VD7nCd2xR9t2UnIuy0WtzxMBxSfd3SEEZRo1-bqhlCD-39w86OTOwAX27WpfkVgr1tkt8W4TiFoPmSEmfidZyjuDN5Y4GE0QxFWznDoV0yIsBuoS9YXHHZ19DD7m9JIQtt-nV-U79-NnzXiSdfFA-SWPWItUJ50QhF2s_1hFBHaaTkrDPwa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 06:37:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font-awesome.min.css
cuttyladies.com/landers/agever-v4_1567758728/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cuttyladies.com/landers/agever-v4_1567758728/font-awesome.min.css
Requested by
Host: cuttyladies.com
URL: https://cuttyladies.com/wWbjw64R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cuttyladies.com/landers/agever-v4_1567758728/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:42 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nr1RN0mVzpKvOZsI1sr28FsHEWXvfSS2ykuzO9z9H%2Fk1J24LIvUUJsDbboJS2zcWm4Ko4T5poF2Y2adVs2qQVUrWNkoYzHo2%2FatnjofVgWXjZQti7CtLw11LQzauxmUZstI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
6a731db6a8963a5d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,800,800italic
Requested by
Host: cuttyladies.com
URL: https://cuttyladies.com/wWbjw64R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
731c84b4008ed3a7a9df00e0eb85f8d0911d2565db00ab0ddff3bc56bdb5cae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cuttyladies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 05:49:34 GMT
server
ESF
date
Mon, 01 Nov 2021 06:37:42 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 06:37:42 GMT
jquery.min.js
cuttyladies.com/landers/agever-v4_1567758728/assets/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cuttyladies.com/landers/agever-v4_1567758728/assets/js/jquery.min.js
Requested by
Host: cuttyladies.com
URL: https://cuttyladies.com/wWbjw64R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cuttyladies.com/wWbjw64R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194134
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 27 Aug 2020 15:18:34 GMT
server
cloudflare
etag
W/"5f47ceca-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rk3%2BHhJpJee%2F%2BOKnffLJJxKhqTLCREeINRvNFbSP9DWKMW0PYteE2KGBf2LT6vpBHxpsCDWfIaq1zvtgpnLEBbXV95YhYvQ8HNZZxa8u76vz7m26cmY5BtFcuHiNpUnblXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6a731db6a88a3a5d-CDG
expires
Tue, 09 Nov 2021 00:42:08 GMT
jquery.scrollex.min.js
cuttyladies.com/landers/agever-v4_1567758728/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cuttyladies.com/landers/agever-v4_1567758728/assets/js/jquery.scrollex.min.js
Requested by
Host: cuttyladies.com
URL: https://cuttyladies.com/wWbjw64R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc25b75fb3fc8b42756413be387e0d7a602813125283d2384551961d73ea784e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cuttyladies.com/wWbjw64R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194134
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 27 Aug 2020 15:18:34 GMT
server
cloudflare
etag
W/"5f47ceca-8d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kljZ4vNlW7Z3sQNblGKFk3my6PBdLWQ8hA9dBO8pN5ijVw9RBl4uz5RjJh30J7N80xx%2BypW5SWDxfMx12WDoaW9mIarvXfZ%2Brqu1HWokq7pZOfI5ND24Xj8AQeBVhi9%2FiQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6a731db6a8923a5d-CDG
expires
Tue, 09 Nov 2021 00:42:08 GMT
jquery.scrolly.min.js
cuttyladies.com/landers/agever-v4_1567758728/assets/js/ 		831 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cuttyladies.com/landers/agever-v4_1567758728/assets/js/jquery.scrolly.min.js
Requested by
Host: cuttyladies.com
URL: https://cuttyladies.com/wWbjw64R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b6571ea2c3631ff50bb4b96e7f9081c6e33ebaadef9cb2ca5955d5e0b625a02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cuttyladies.com/wWbjw64R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
239238
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 27 Aug 2020 15:18:34 GMT
server
cloudflare
etag
W/"5f47ceca-33f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fy88Rn92ZmOxyon3GnuQTQjEPwNcprc92w1oQYxn4VYlKnSagaBYwSS9RCU12%2F4rVn2n9EJYiW8kHBC6P1VgcstFhHNPhNMWVVk6EO2xL3LZxRcFv7w69%2FRpi07L7E0W6As%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6a731db6a8953a5d-CDG
expires
Mon, 08 Nov 2021 12:10:24 GMT
browser.min.js
cuttyladies.com/landers/agever-v4_1567758728/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cuttyladies.com/landers/agever-v4_1567758728/assets/js/browser.min.js
Requested by
Host: cuttyladies.com
URL: https://cuttyladies.com/wWbjw64R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cuttyladies.com/wWbjw64R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9935
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 27 Aug 2020 15:18:34 GMT
server
cloudflare
etag
W/"5f47ceca-73b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnRFuRIs8Xol6mMMsgPta7ZMVwK%2B5AZGnV%2B%2FI3UQlzYG2gGUq33ElnuJwJhLY4OVaF10LanvEb7jMvCxzk2%2FjXaPZ3HCIE1Jxb8UHisY1kKoulzcbAN2pq7J32pKASPwLs8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6a731db6a8943a5d-CDG
expires
Thu, 11 Nov 2021 03:52:07 GMT
breakpoints.min.js
cuttyladies.com/landers/agever-v4_1567758728/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cuttyladies.com/landers/agever-v4_1567758728/assets/js/breakpoints.min.js
Requested by
Host: cuttyladies.com
URL: https://cuttyladies.com/wWbjw64R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cuttyladies.com/wWbjw64R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194134
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 27 Aug 2020 15:18:34 GMT
server
cloudflare
etag
W/"5f47ceca-987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrmmHNHP3%2B7JgjlW924fJPDsC6w%2BS%2FDy0fdST%2BYp7Mm98Y8RbqdW5CLAl9uFfnH2q9EeloxINNnmN%2BsULYFLXMogtLbx6WiSuPX6cNWEXb1oaPaEiNrvYkJjKdesQpnsmGg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6a731db6a88e3a5d-CDG
expires
Tue, 09 Nov 2021 00:42:08 GMT
util.js
cuttyladies.com/landers/agever-v4_1567758728/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cuttyladies.com/landers/agever-v4_1567758728/assets/js/util.js
Requested by
Host: cuttyladies.com
URL: https://cuttyladies.com/wWbjw64R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cuttyladies.com/wWbjw64R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194134
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 27 Aug 2020 15:18:34 GMT
server
cloudflare
etag
W/"5f47ceca-3091"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfAOb%2BZqZQE07aeJMdFUUjWPazZJGZ%2Fh94K2LO6yjYjRdaeiNR2DH4XxX8kr8qaVkKk2CEv2PHbFUn%2F2H7sANRDks25cBhmcmuyzT0i983ih277N%2FH7rMj6exTSydw0i2bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6a731db6a88c3a5d-CDG
expires
Tue, 09 Nov 2021 00:42:08 GMT
main.js
cuttyladies.com/landers/agever-v4_1567758728/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cuttyladies.com/landers/agever-v4_1567758728/assets/js/main.js
Requested by
Host: cuttyladies.com
URL: https://cuttyladies.com/wWbjw64R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b89760db453294507c69ebc8f261cbc1e1b303215c7cc768f978e65dc86701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cuttyladies.com/wWbjw64R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194134
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 27 Aug 2020 15:18:34 GMT
server
cloudflare
etag
W/"5f47ceca-709"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4xCJ4w8uNrwYJbu6m8VYDJVVa8prePj0ddPuL2SN2KQCDgMzeQKHk6%2BxOIunbf4xaQQMQVcWqVg5Lpx%2FjazKjGAzp9nTr4ZfpE8Ue%2B4xI3sszEEQEWfgJVCUdVOMxD9qR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6a731db6a8903a5d-CDG
expires
Tue, 09 Nov 2021 00:42:08 GMT
2.jpg
cuttyladies.com/landers/agever-v4_1567758728/images/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cuttyladies.com/landers/agever-v4_1567758728/images/2.jpg
Requested by
Host: cuttyladies.com
URL: https://cuttyladies.com/wWbjw64R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89298034a6ce12b9fb52cbc1582c12efae9cadd3de6850990c8cc6d81e14fd6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cuttyladies.com/wWbjw64R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
319105
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
80665
last-modified
Thu, 27 Aug 2020 15:18:34 GMT
server
cloudflare
etag
"5f47ceca-13b19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poD7vjkeRnwrwxZoNUVZBbWPqTfjUHHi5Ub%2FzJXfSg1OjvVRvDM%2BiNszuztRksGBUotrBrq1w6jT%2FpBWmJ3YntrdTqeE26JDZwMZqzbExwT2XoAEQtkfHviEchCr0%2BMGQAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6a731db7190a3a5d-CDG
expires
Sun, 07 Nov 2021 13:59:17 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cuttyladies.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 16:21:35 GMT
x-content-type-options
nosniff
age
310567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 16:21:35 GMT
pops.js
frenchequal.pro/code/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frenchequal.pro/code/pops.js?h=waWQiOjEwMTgwMjYsInNpZCI6MTAyMzc1Niwid2lkIjoxNzQ3MjksInNyYyI6Mn0=eyJ
Requested by
Host: cuttyladies.com
URL: https://cuttyladies.com/wWbjw64R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.181.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dff022ac9eb830cb01933959706fa5095b572fa96bcfcbcd57c32e169e023446

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cuttyladies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 06:37:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2070
x-zone
eu
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 01 Nov 2021 06:03:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7%2B7%2B1%2FyhbuTAMBIem%2FD3E1deg3YTYPCRAOU8gX0nWvvM%2B1hmjF9abfjvPoxQQeip7d4L04wFlUGtx9NC96%2BG31RRv577bZl9s%2FUokiXdBK4NKVQAQjFBlL3GbqxBmXrU%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://hot-locals.com
cache-control
max-age=14400
cf-ray
6a731db7a93b6b48-AMS

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| browser function| breakpoints string| offerUrl

13 Cookies

Domain/Path Name / Value
.cutt.us/ Name: _ga
Value: GA1.2.1794826060.1635748662
.cutt.us/ Name: _gid
Value: GA1.2.575452471.1635748662
.cutt.us/ Name: _gat_gtag_UA_31510493_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cutt.us/ Name: __gads
Value: ID=8ebb6fb26527245c-22ca72b606cb00ba:T=1635748661:S=ALNI_Mb16fXKGaO1kMjI2XePKo0UAuIZnA
gg.gg/ Name: ci_session
Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%227fdb76d167e6bd33615c08c6903e9397%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22216.131.111.174%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A114%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1635748662%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D8fcaa3ff9844fe7a267a3caf183f0016
.gg.gg/ Name: gg_token
Value: 112f75abb3526f302e68b264da64ee50617f8b36053638.12401139
www.corsaro.it/ Name: ASPSESSIONIDACTBQDRQ
Value: HGMHHGADADHHHFKKBGPGILCN
otk1.gq/ Name: _subid
Value: 1pffht7617f8b36854e0
otk1.gq/ Name: 18b13
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjdcIjoxNjM1NzQ4NjYyfSxcImNhbXBhaWduc1wiOntcIjJcIjoxNjM1NzQ4NjYyfSxcInRpbWVcIjoxNjM1NzQ4NjYyfSJ9.WTPFppjZK-O73e39rJ060S3S4KzSBhyit1yLNiiqmxE
cuttyladies.com/ Name: _subid
Value: 1pffht73t1k1k
cuttyladies.com/ Name: 9bf24
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0MDIwOFwiOjE2MzU3NDg2NjIsXCIxMjAxOTVcIjoxNjM1NzQ4NjYyfSxcImNhbXBhaWduc1wiOntcIjEzMjI3XCI6MTYzNTc0ODY2MixcIjg4N1wiOjE2MzU3NDg2NjJ9LFwidGltZVwiOjE2MzU3NDg2NjJ9In0.dwguoJ4HjWYDw_p-Mqz9YzgbfakeeEtpUYI4qo0vV8Y
cuttyladies.com/ Name: _token
Value: uuid_1pffht73t1k1k_1pffht73t1k1k617f8b36b5ac13.24571143

1 Console Messages

Source Level URL
Text
network error URL: https://cuttyladies.com/landers/agever-v4_1567758728/font-awesome.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3d173a783ce34bb556ae27bfc28d6754.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cutt.us
cuttyladies.com
fonts.googleapis.com
fonts.gstatic.com
frenchequal.pro
gg.gg
otk1.gq
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.corsaro.it
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.21.96.143
142.250.184.193
142.250.185.162
142.250.185.194
142.250.185.202
142.250.185.232
142.250.185.67
142.250.186.33
142.250.186.66
142.250.186.78
172.217.16.132
172.217.18.98
172.217.23.98
172.67.181.239
185.15.209.141
31.11.33.85
69.61.26.123
80.89.229.79
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52
4dba1e011745c1bec0b32691b466bf85c8972935bdb186a45fc96296136b23d8
5056829ad78610f3e1fb528c05ff0a7dd7956e5d79c4333a84093b642ebe7002
5683d85ab6025ea20cbb0fe0b9a6b5da01cc88273357825c9afde7e73764ca57
68b89760db453294507c69ebc8f261cbc1e1b303215c7cc768f978e65dc86701
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d0b536520237167e7b64d244b6f9ca4907bd83f1b7e6aa460b8d6bf36fb1e25
707b391c31186de291cfa9fa41c286164cb1fa04683137205d95fa2383a2aad6
731c84b4008ed3a7a9df00e0eb85f8d0911d2565db00ab0ddff3bc56bdb5cae8
87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89298034a6ce12b9fb52cbc1582c12efae9cadd3de6850990c8cc6d81e14fd6e
8b6571ea2c3631ff50bb4b96e7f9081c6e33ebaadef9cb2ca5955d5e0b625a02
9976a6ecb3c55b071fd718a5849aa06de3cec11a5a80ff3f73ff564018d1443b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
dff022ac9eb830cb01933959706fa5095b572fa96bcfcbcd57c32e169e023446
fc25b75fb3fc8b42756413be387e0d7a602813125283d2384551961d73ea784e
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62