queitho.com Open in urlscan Pro
2606:4700:3032::ac43:a9ed Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://geneticdisorders.info/
Effective URL:
https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8...
Submission Tags: phishingrod
Submission: On November 05 via api (November 5th 2023, 10:47:29 am UTC) from DE — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3032::ac43:a9ed, located in United States and belongs to CLOUDFLARENET, US. The main domain is queitho.com.
TLS certificate: Issued by E1 on September 17th 2023. Valid for: 3 months.

This is the only time queitho.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3033::ac43:a5c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::ac43:ddf5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	172.255.248.125 172.255.248.125	7979 (SERVERS-COM) (SERVERS-COM)
11	2606:4700:303... 2606:4700:3032::ac43:a9ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
24	7

7 2606:4700:3033::ac43:a5c4 (United States)

ASN13335 (CLOUDFLARENET, US)

geneticdisorders.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:ddf5 (United States)

ASN13335 (CLOUDFLARENET, US)

datingadvicefree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.255.248.125 (Luxembourg, Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

go.gkrtmc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3032::ac43:a9ed (United States)

ASN13335 (CLOUDFLARENET, US)

queitho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	queitho.com queitho.com	484 KB
7	geneticdisorders.info geneticdisorders.info	39 KB
3	gkrtmc.com 2 redirects go.gkrtmc.com — Cisco Umbrella Rank: 510172	4 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	31 KB
2	datingadvicefree.com datingadvicefree.com	4 KB
1	gstatic.com fonts.gstatic.com	24 KB
24	6

	Domain	Requested by
11	queitho.com	go.gkrtmc.com queitho.com
7	geneticdisorders.info	geneticdisorders.info
3	go.gkrtmc.com	2 redirects datingadvicefree.com
2	datingadvicefree.com	geneticdisorders.info datingadvicefree.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	queitho.com
1	ajax.googleapis.com	queitho.com
24	7

This site contains no links.

Subject Issuer	Validity	Valid
geneticdisorders.info GTS CA 1P5	`2023-10-12` - `2024-01-10`	3 months	crt.sh
datingadvicefree.com GTS CA 1P5	`2023-10-10` - `2024-01-08`	3 months	crt.sh
track.cpamatica.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
queitho.com E1	`2023-09-17` - `2023-12-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Frame ID: A157E86EA184EF4059BDDFC6034A992A
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Are you looking for hot dates in your neighborhood?

Page URL History Show full URLs

https://geneticdisorders.info/ Page URL
https://datingadvicefree.com/x.php?s=tacf1&id=282016 Page URL
https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741 HTTP 302
https://go.gkrtmc.com/cl?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741&... Page URL
https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst7... HTTP 302
https://queitho.com/client?camp=s3&aff_id=2&aff_sub=66345&source=mst741&aff_sub2=seo-sem&click_i... Page URL
https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_994... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

583 kB
Transfer

819 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://geneticdisorders.info/ Page URL
https://datingadvicefree.com/x.php?s=tacf1&id=282016 Page URL
https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741 HTTP 302
https://go.gkrtmc.com/cl?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741&bofc=aff_c Page URL
https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741&bofc=aff_c HTTP 302
https://queitho.com/client?camp=s3&aff_id=2&aff_sub=66345&source=mst741&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1 Page URL
https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741 HTTP 302
https://go.gkrtmc.com/cl?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741&bofc=aff_c

Request Chain 10

https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741&bofc=aff_c HTTP 302
https://queitho.com/client?camp=s3&aff_id=2&aff_sub=66345&source=mst741&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
geneticdisorders.info/ 20 KB
4 KB 494ms
238ms Document
text/html 2606:4700:3033::ac43:a5c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geneticdisorders.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae2fa0e10c930da6edb4439b99725ed4eddc1df67dc02b22e471aeb8503d3c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 821484a7fdae7738-LHR
content-encoding: br
content-type: text/html
date: Sun, 05 Nov 2023 10:47:21 GMT
expires: Sun, 05 Nov 2023 10:57:21 GMT
last-modified: Sat, 04 Nov 2023 05:52:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgPfIstINYAlCc4F57OimJVPaIhWAABkoB4jl3KV2b08320GSXLQEBJCVsJW2ewv39FccZ0nsMFiWMU3UnvB1wbrpD7V%2Fw%2FMKS5jL3C66Zq%2FNGUbR9STtlj44FFr96Qj8Gz83Q%2FC76Q4IMdFnHhVztQWJ80%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 swingersgxr.css
geneticdisorders.info/winnercldrt/ 497 B
549 B 259ms
257ms Stylesheet
text/css 2606:4700:3033::ac43:a5c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geneticdisorders.info/winnercldrt/swingersgxr.css
Requested by: Host: geneticdisorders.info
URL: https://geneticdisorders.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3055991fe47ba0bf13e7bd5665c503b97f5ede3d85f9a92d101451f34fe28aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geneticdisorders.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 04 Nov 2023 05:53:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCEtWHwAIUWJ74ksZktbH%2FbsJeaHAjc%2BxCUZKmUDqagHMG83mtbXoShsByVujY6aVeA2OBQ7uo0jUsXozS4CZ3vfJ72bHSFHCqvjFYKphJV5XB%2Fb0MVHHVyYxivxl0NdO35GP9sPVJytC0D%2FGSJWFfhCb48%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 821484a97f9f7738-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 10:47:22 GMT

GET
H2 200 nakedwomenmo.css
geneticdisorders.info/winnercldrt/ 3 KB
1 KB 249ms
248ms Stylesheet
text/css 2606:4700:3033::ac43:a5c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geneticdisorders.info/winnercldrt/nakedwomenmo.css
Requested by: Host: geneticdisorders.info
URL: https://geneticdisorders.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db1c86edd9027a09a970cda0ef8e0c8114b70241af17dff518d76d9570cea3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geneticdisorders.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 04 Nov 2023 05:52:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UOcNb4Qk7o1lln4azr09MF6NI7I6dEp6VDsjPcgF%2BgeyW0NpH9i5oVsc9nheafviKsBj2h6LHxnR2eYq4Trf7jHHwUFSbyWqGupNjFp9lpUFefsQEHf7CJRU1STl1JUl9rPZgiG2ND5m5iU%2Bvdj%2FHx7C0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 821484a97fa27738-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 10:47:21 GMT

GET
H2 200 jquery-3.7.1.min.js Show response
geneticdisorders.info/js/ 85 KB
31 KB 259ms
258ms Script
application/javascript 2606:4700:3033::ac43:a5c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geneticdisorders.info/js/jquery-3.7.1.min.js
Requested by: Host: geneticdisorders.info
URL: https://geneticdisorders.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geneticdisorders.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 04 Nov 2023 05:53:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBBQPCcr%2Fx6jmXo%2FhJ5QZvooPud0Xn%2Blbj%2BOevSWFw%2FSo3NeuqX9IIHEsvMEkg60qQhO0aJsjqKCHhfLDtFoJyaShHZgVOZraorooxzxEftrMhiDb78SeCGDrXRK5E%2BspFhTgT5g1X4cRiIQ0XHzD%2F7Poj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 821484a98fa57738-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 10:47:21 GMT

GET
H2 200 womenwqo.js Show response
geneticdisorders.info/js/ 321 B
531 B 243ms
242ms Script
application/javascript 2606:4700:3033::ac43:a5c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geneticdisorders.info/js/womenwqo.js
Requested by: Host: geneticdisorders.info
URL: https://geneticdisorders.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06a10eae3241e611510c0f08e8b270bda4e5540d1ee2e59c68e7ab9c90d97245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geneticdisorders.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 04 Nov 2023 05:53:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNr5xWYJu%2FVrQ7%2BdlrYOhM2s5oN5rw2kTtQ46nN7R9LV%2F%2BZwUSMaQ9CcGS2fSnxoasD8%2BZQVbplwHsoBJ%2B7yKCRig6acRFGPBaGDaAKojDM8uRu5L3fWyTRLeqANfths%2F39TJWyyQHQwsdTmAqbz1NwmUMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 821484a98fa67738-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 10:47:21 GMT

GET
H2 200 nudegirlsin96.js Show response
geneticdisorders.info/js/ 240 B
446 B 266ms
265ms Script
application/javascript 2606:4700:3033::ac43:a5c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geneticdisorders.info/js/nudegirlsin96.js?v=4.53
Requested by: Host: geneticdisorders.info
URL: https://geneticdisorders.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58905fe7f6b0d2050b1d1770c3234c35861dd274b5cc5ad28658d2b5cf7050fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geneticdisorders.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 04 Nov 2023 05:53:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ENRWbCeuEj%2BQVY2fSvCFloIGoAHhS1Vc2z0zbMQnn1MmDvX3qQT24x5dMfmHsaUcSikeha6fXsAEouFeRGgImYvZ%2B8gK2PUEAbH3CgsG%2Bvdg0QWpJ6kt1ZEkmt4cceya4syV7Jc6Y36aq6b77bX%2FKK63bM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 821484a98fab7738-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 10:47:21 GMT

GET
H3 200 moory2hr.js
geneticdisorders.info/ 217 B
652 B 342ms
342ms XHR
application/javascript 2606:4700:3033::ac43:a5c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geneticdisorders.info/moory2hr.js?qre=7.41&_=1699181242284
Requested by: Host: geneticdisorders.info
URL: https://geneticdisorders.info/js/jquery-3.7.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://geneticdisorders.info/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 31 Oct 2023 18:33:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGz%2F2JxgTbDHI9hfv2KErt9HdCn4Tx8u%2BJn13AQwAGAvLJ%2Bh80EfePY2gHdjK8BJB93%2B0YWM7y5Fs49PYjSSlBKxrgu8yRTWgr0cRArkJz9u9t%2FKmEggRiOm2%2BW0lHzXL8faIPv%2FsZFdIGarcHGhfupq%2B9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 821484ac694f0a50-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 10:47:22 GMT

GET
H2 200 x.php
datingadvicefree.com/ 780 B
905 B 458ms
305ms Document
text/html 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://datingadvicefree.com/x.php?s=tacf1&id=282016
Requested by: Host: geneticdisorders.info
URL: https://geneticdisorders.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://geneticdisorders.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, max-age=0 max-age=600
cf-cache-status: DYNAMIC
cf-ray: 821484af8efe018e-CDG
content-encoding: br
content-type: text/html;charset=UTF-8
date: Sun, 05 Nov 2023 10:47:23 GMT
expires: Sun, 05 Nov 2023 10:57:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLRkEXh4RQ75pZWgT%2B8I2ptoL%2BVG1rK%2BtZkAk%2Fg2JbY6XpLEXAYK2JzB0CypFpBvb7MfFfSxSctdxUIyRfFMJA%2Fo91bOnX7wH5erSwlplWfXnsvRofaLiEBYIQi5LSf2XZkGn1%2BHFpge%2FWFo8val7af%2FAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 loading.gif
datingadvicefree.com/images/ 3 KB
3 KB 52ms
51ms Image
image/gif 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datingadvicefree.com/images/loading.gif
Requested by: Host: datingadvicefree.com
URL: https://datingadvicefree.com/x.php?s=tacf1&id=282016
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://datingadvicefree.com/x.php?s=tacf1&id=282016
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:23 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Mar 2023 08:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 264500
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yka203Kgq6rfGQ4bT7alJSfYp494So6VsJX6sQtwRRCcIytsyNesV2jXo1A3FECDxD%2FvvoRIpCqGja4mpGfQKUdh56yoZh6VmBYIKFW9m9FsjrFjjz%2BQ%2FMRtLMOf3TOlyW%2BVy4SrhugiY9MV3%2BPrlnNPmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 821484b17a2e018e-CDG
alt-svc: h3=":443"; ma=86400
content-length: 2767
expires: Sat, 02 Dec 2023 09:19:03 GMT

GET
H/1.1

200
OK

cl
go.gkrtmc.com/
Redirect Chain

https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741
https://go.gkrtmc.com/cl?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741&bofc=aff_c

1 KB
2 KB

31ms
30ms

Document
text/html

172.255.248.125
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://go.gkrtmc.com/cl?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741&bofc=aff_c

Requested by

Host: datingadvicefree.com
URL: https://datingadvicefree.com/x.php?s=tacf1&id=282016

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

172.255.248.125 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://datingadvicefree.com/x.php?s=tacf1&id=282016
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store no-store, no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Sun, 05 Nov 2023 10:47:23 GMT
ETag: W/"595-1Zkq58eTNnpi7N5VZjluGSk55AI"
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

Redirect headers

Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 300
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Sun, 05 Nov 2023 10:47:23 GMT
Location: https://go.gkrtmc.com/cl?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741&bofc=aff_c
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

GET
H2

200

client Show response
queitho.com/
Redirect Chain

https://go.gkrtmc.com/aff_c?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741&bofc=aff_c
https://queitho.com/client?camp=s3&aff_id=2&aff_sub=66345&source=mst741&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1

4 KB
3 KB

191ms
82ms

Document
text/html

2606:4700:3032::ac43:a9ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://queitho.com/client?camp=s3&aff_id=2&aff_sub=66345&source=mst741&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1

Requested by

Host: go.gkrtmc.com
URL: https://go.gkrtmc.com/cl?offer_id=9949&aff_id=66345&aff_sub5=seo-sem&source=mst741&aff_sub=mst741&bofc=aff_c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da035829fc378118739a26e339b23d28de91ac9cf33af1a88a23422222133b91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://undefined https://openfpcdn.io/fingerprintjs/v4; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://undefined https://openfpcdn.io/fingerprintjs/v4
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.gkrtmc.com/cl?offer_id=10170&aff_id=47487&aff_sub5=seo-sem&source=mst741&aff_sub=66345&bofc=aff_c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: no-store no-store, no-cache
cf-cache-status: DYNAMIC
cf-ray: 821484b42c872a28-CDG
content-encoding: br
content-security-policy: default-src 'self' https://undefined https://openfpcdn.io/fingerprintjs/v4; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://undefined https://openfpcdn.io/fingerprintjs/v4
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Sun, 05 Nov 2023 10:47:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPRDJ6SQlgH3bFWapgtwhmr8X675QdvOlwIbtpiQpVc%2BThNzT9wNz28hLn%2F0V6pY%2BBZW2AUe3AV%2FVwVLA6t5tqQj7P5SywADXOs2GmPfab%2BvGOvPwfYSHOq6cdHS3WwfAP4U4hBpPtIq0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Redirect headers

Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 372
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Sun, 05 Nov 2023 10:47:23 GMT
Location: https://queitho.com/client?camp=s3&aff_id=2&aff_sub=66345&source=mst741&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

POST
H2 201 visit
queitho.com/ 739 B
1 KB 68ms
68ms Fetch
application/json 2606:4700:3032::ac43:a9ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://queitho.com/visit?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=s3&p_camp=&bstep=&sid=&efcn=custom-unknown&cntp=custom-unknown&sch=&scw=&vph=&vpw=&lt=

Requested by

Host: queitho.com
URL: https://queitho.com/client?camp=s3&aff_id=2&aff_sub=66345&source=mst741&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Nov 2023 10:47:23 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
content-length: 739
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"2e3-PMMis0h7taeV7Qz1zOLQR49R77Y"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHPF4rM40kKLYvjgfzsziDX5gIejomOiowv9cWeJHjpeZs0IumEM%2BIN5WKY%2FTY1Tv3H3%2BfESdVmkm7dMb%2B3ngwzbfg8Nv1ZTOdrdFgNudTh9JB%2FP5SZv1KkKHejfsdJrJn%2BJTEbZcv3D%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-store, no-cache
cf-ray: 821484b4fdda2a28-CDG

POST
H2 201 fl
queitho.com/ 375 B
708 B 65ms
65ms Fetch
application/json 2606:4700:3032::ac43:a9ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://queitho.com/fl?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=&sid=s3&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=

Requested by

Host: queitho.com
URL: https://queitho.com/client?camp=s3&aff_id=2&aff_sub=66345&source=mst741&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Nov 2023 10:47:23 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
content-length: 375
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"177-PtGZWR7G5K0y7i+twIvjS2xTBMw"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmgGLJmBWmoVb2B2YoWYr3ekUnmkwafKyh4YNR65%2Fu61XxAHHSQMaN8x8S%2Bci%2FBFO%2BFUDPgmwU0hyZa28unRqD6dmmWyiEL8BpYIE%2B%2FjCsuSz460L%2Bo7rZhrTGgjlAbKzA9udSl13nruGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-store, no-cache
cf-ray: 821484b56ec22a28-CDG

GET
H3 200 Primary Request / Show response
queitho.com/lands/adult/3/ 8 KB
2 KB 62ms
61ms Document
text/html 2606:4700:3032::ac43:a9ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Requested by: Host: queitho.com
URL: https://queitho.com/client?camp=s3&aff_id=2&aff_sub=66345&source=mst741&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 692c5ec43a9da07576846f521ee6b07cf0877643bf472c685d4b860cc4994e2b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache
cf-cache-status: DYNAMIC
cf-ray: 821484b63968b930-AMS
content-encoding: br
content-type: text/html
date: Sun, 05 Nov 2023 10:47:23 GMT
last-modified: Thu, 12 Oct 2023 11:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=of5qR5ktvchBMaVhpIf7kLvEnCqgWN5Vsc1BQMpDw8feZLrpHbkJ9wbokekwjBS6fFeWY0S%2FMeXMEUaMdbBvsSjTrJOdzpAOdu84ChbjQxYMpQ4G4dq8JaJDWZ08EBlyXnOiiBk2RVYszw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 main.css
queitho.com/lands/adult/3/ 17 KB
4 KB 113ms
112ms Stylesheet
text/css 2606:4700:3032::ac43:a9ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://queitho.com/lands/adult/3/main.css
Requested by: Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa9900b9bf020eede06bb0fdeb24986923b453bf8deaa23798ce7197c10d372b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:24 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 31 Jul 2023 14:41:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64c7c82d-4594"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYPCWO%2F3%2F4uIStjFXEJRhmlVLO6l%2Fl6zF1DHNC3lbQM%2Bu6JPwzlQxHfSikesNH%2Fbbyj0iyj3QDImJgKluuuwrMmDOecZfL4nPz69jihy27kT8dAUk8mPJjfXL1XZZgcIAwxs06mIN0wq2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-store, no-cache
cf-ray: 821484b6ea6cb930-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 83ms
21ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://queitho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 23:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 23:22:42 GMT

GET
H3 200 default-eight.js Show response
queitho.com/lands/js/ 106 KB
15 KB 74ms
73ms Script
application/javascript 2606:4700:3032::ac43:a9ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://queitho.com/lands/js/default-eight.js
Requested by: Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82960acde1990cb5fe04eb5a54c1f0b7b62d499950f1f5d5406f6191d4bf5362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:24 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 31 Jul 2023 14:41:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64c7c82d-1a7c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nwVZ1xIe4VxmPvwRriZO5zYlmxb0bzBp%2FGn7jlzYwc2k04TByhy8ZHYTtK8tYaR5dBlR2Y9kMD1Yme4kLbdZCVSF5l9lkSScuBgCSR7ixfKm0i36Jk7CpnB31WZ%2F8N0ntq35Yh%2B8d7osA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache
cf-ray: 821484b6ea6db930-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 question-gatherer.js Show response
queitho.com/lands/js/ 1 KB
894 B 71ms
70ms Script
application/javascript 2606:4700:3032::ac43:a9ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://queitho.com/lands/js/question-gatherer.js
Requested by: Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20034db9adbfa753533c632802b887dfcdccb6b4030a06dfa29f0780459216a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:24 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 12 Oct 2023 11:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6527d24d-4db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeSVPbI%2BzvYbA%2Byj%2BMsEQb3wwFakMAUfTf%2BCy%2BV%2FDYJKYkaiJPHsSYJ%2Bb10AMpR8TVkY4PibqXScOKrZNt0RHkBzYYDXEahoh3yuLnY%2F7aXx9Ejbv%2FXHVnTJeTwN0jIGYg5C3YQHNPvUUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache
cf-ray: 821484b6ea70b930-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 track-logic.js Show response
queitho.com/lands/js/ 3 KB
1 KB 113ms
113ms Script
application/javascript 2606:4700:3032::ac43:a9ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://queitho.com/lands/js/track-logic.js
Requested by: Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c241799490f857fd9456bc94dc6cac632bfa3d7d3ce84f87e3ce33999d7f2ffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:24 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Fri, 27 Oct 2023 08:29:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653b74f7-be3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EexrfKox6J6ge6x9fRizhCmMmS7BDU8dbScAs73sosx%2BZeg8n%2FJW6C5KS1fngnATlKRRLtbPWJMkbud2dSy0peEOcjHXAtOz5MK5nRAh7JPt3z7D2KyI72a4yus6CaTkfXp7GHr5yxqhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache
cf-ray: 821484b6ea75b930-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 js.js Show response
queitho.com/lands/adult/3/ 2 KB
1022 B 73ms
72ms Script
application/javascript 2606:4700:3032::ac43:a9ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://queitho.com/lands/adult/3/js.js
Requested by: Host: queitho.com
URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc10a476dcc3ccfddfb06b82d411d96a069bb7b1df5d5a0e3d49133cada15021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:24 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 12 Oct 2023 11:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6527d24d-649"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUrn8WTOkoSpZn%2BEWnm9fYUyllNxIi%2Bv6XnLbIWlUCGAtGwUqwWcYCbGkPLenDqPwSm5t%2BVZed6Ub2shwl5L65YC%2Bl4SHPGbCQNtaObxfShDy74wQQjSOE46IDiIbQW4w1TT1OYhxCw9YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache
cf-ray: 821484b6ea78b930-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 717 B
779 B 84ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&subset=latin-ext

Requested by

Host: queitho.com
URL: https://queitho.com/lands/adult/3/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://queitho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 10:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 10:47:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 10:47:24 GMT

GET
H3 200 1.jpg
queitho.com/lands/adult/3/ 452 KB
452 KB 61ms
60ms Image
image/jpeg 2606:4700:3032::ac43:a9ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://queitho.com/lands/adult/3/1.jpg
Requested by: Host: queitho.com
URL: https://queitho.com/lands/adult/3/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1888b272b99043d11cdd13f23dc9311f0176222d695074b2cdb6349dd50cd4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://queitho.com/lands/adult/3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:24 GMT
cf-cache-status: BYPASS
last-modified: Mon, 31 Jul 2023 08:41:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64c773a0-70e13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyxRCw4hZSBmTZplPqiRYH%2F8OUz%2FIOZkBeCbFydWexscy4R%2BGNGfQH0ktlaTj0gbL8Rx0Nd3laVCs9pHXYnBzNEm%2BV8HuYetKBCSweIbP7DUVXQe7n%2Fstafus8F7Dx%2B5Q7zCIcpk9kHXPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-store, no-cache
accept-ranges: bytes
cf-ray: 821484b82c97b930-AMS
alt-svc: h3=":443"; ma=86400
content-length: 462355

GET
H3 200 pattern.png
queitho.com/lands/adult/3/ 3 KB
3 KB 53ms
52ms Image
image/png 2606:4700:3032::ac43:a9ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://queitho.com/lands/adult/3/pattern.png
Requested by: Host: queitho.com
URL: https://queitho.com/lands/adult/3/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://queitho.com/lands/adult/3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 10:47:24 GMT
cf-cache-status: BYPASS
last-modified: Mon, 31 Jul 2023 08:41:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64c773a0-af1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1r5rvhk%2FmLbVmqysQ%2FKSFH6O7wyKoY%2B6F%2BWnuw1hEr0uHAl5vaYKTsEyp2HJEn%2BN29Ybltphn5F8h4nMdou2GhmAb0kNH9CDcbWzNqKZbEjiq2f4OhAJKOhYo3P3NJHNOlf1I1zBtPb3Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache
accept-ranges: bytes
cf-ray: 821484b82c9ab930-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2801

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 83ms
22ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://queitho.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 284918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 03:38:46 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.gkrtmc.com/	1970-01-20 16:42:53	Name: language Value: de
.go.gkrtmc.com/	1970-01-20 16:42:53	Name: 9949 Value: 37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1
.go.gkrtmc.com/	1970-01-20 16:42:53	Name: op_9949 Value: 0
.go.gkrtmc.com/	1970-01-21 01:35:41	Name: user_id Value: c353dd71-24fa-4ad4-8ddb-611dcaf93350_328406eee47f3f337c3de27cc5c88273
.queitho.com/	1970-01-20 16:42:53	Name: browserLanguage Value: de
.queitho.com/	1970-01-21 01:35:41	Name: userId Value: 7a7ef5e6-1ad7-47f1-a7de-e075024df4d0_6d97d78c468a92ea0ae14e895f257277

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://queitho.com/lands/adult/3/?aff_id=2&aff_sub=66345&aff_sub2=seo-sem&click_id=37_66345_9949_3368bbec9d3c1c46b8fb05ce1f9052f1&source=mst741&ttype=direct&camp=f25&sl_cid=0318c9ff-17d8-41f6-8d94-a665e9e16105_9ba715d54992e9171ad66c6a28790bf2&p_camp=&bstep=0&sid=s3&fnlid=257&efcn=4g&cntp=custom-unknown&sch=1200&scw=1600&vph=1200&vpw=1600&ref=&lt=0(Line 5) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
datingadvicefree.com
fonts.googleapis.com
fonts.gstatic.com
geneticdisorders.info
go.gkrtmc.com
queitho.com
172.255.248.125
2606:4700:3030::ac43:ddf5
2606:4700:3032::ac43:a9ed
2606:4700:3033::ac43:a5c4
2a00:1450:4001:808::200a
2a00:1450:4001:811::2003
2a00:1450:4001:828::200a
06a10eae3241e611510c0f08e8b270bda4e5540d1ee2e59c68e7ab9c90d97245
1ae2fa0e10c930da6edb4439b99725ed4eddc1df67dc02b22e471aeb8503d3c2
3055991fe47ba0bf13e7bd5665c503b97f5ede3d85f9a92d101451f34fe28aa8
3db1c86edd9027a09a970cda0ef8e0c8114b70241af17dff518d76d9570cea3d
58905fe7f6b0d2050b1d1770c3234c35861dd274b5cc5ad28658d2b5cf7050fc
5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004
692c5ec43a9da07576846f521ee6b07cf0877643bf472c685d4b860cc4994e2b
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
82960acde1990cb5fe04eb5a54c1f0b7b62d499950f1f5d5406f6191d4bf5362
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
aa9900b9bf020eede06bb0fdeb24986923b453bf8deaa23798ce7197c10d372b
c1888b272b99043d11cdd13f23dc9311f0176222d695074b2cdb6349dd50cd4c
c241799490f857fd9456bc94dc6cac632bfa3d7d3ce84f87e3ce33999d7f2ffa
da035829fc378118739a26e339b23d28de91ac9cf33af1a88a23422222133b91
dc10a476dcc3ccfddfb06b82d411d96a069bb7b1df5d5a0e3d49133cada15021
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
f20034db9adbfa753533c632802b887dfcdccb6b4030a06dfa29f0780459216a
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

queitho.com Open in urlscan Pro 2606:4700:3032::ac43:a9ed Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

86 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

583 kBTransfer

819 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

6 Cookies

1 Console Messages

Indicators

queitho.com Open in urlscan Pro
2606:4700:3032::ac43:a9ed Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

583 kB
Transfer

819 kB
Size

6
Cookies

24 HTTP transactions
0 data transactions