urlscan.io logo urlscan.io
SecurityTrails logo

slutsaga.com Open in urlscan Pro
104.21.52.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.tradingnudes.com/c/sMq/Zx/lcUBkpD1Dhj-RdQWJhRnxQ/H/XuBU/F/324a0181
Effective URL: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Submission: On April 13 via api from BE — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 8 countries across 23 domains to perform 46 HTTP transactions. The main IP is 104.21.52.132, located in and belongs to CLOUDFLARENET, US. The main domain is slutsaga.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 23rd 2023. Valid for: a year.
This is the only time slutsaga.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 91.199.51.171 47544 (IQPL-AS)
1 1 52.86.83.175 14618 (AMAZON-AES)
1 1 213.227.142.34 60781 (LEASEWEB-...)
1 52.201.90.219 14618 (AMAZON-AES)
3 68.169.106.40 30602 (ISPRIME)
1 95.211.229.245 60781 (LEASEWEB-...)
1 136.243.51.205 24940 (HETZNER-AS)
2 66.254.114.89 29789 (REFLECTED)
1 104.19.132.78 13335 (CLOUDFLAR...)
1 139.45.195.8 9002 (RETN-AS)
1 3 52.19.101.114 16509 (AMAZON-02)
1 2 172.255.248.105 7979 (SERVERS-COM)
1 10 104.21.52.132 13335 (CLOUDFLAR...)
1 1 172.67.199.140 13335 (CLOUDFLAR...)
3 142.250.185.202 15169 (GOOGLE)
1 1 44.231.28.218 16509 (AMAZON-02)
1 1 34.215.149.32 16509 (AMAZON-02)
1 1 207.120.33.9 3356 (LEVEL3)
10 207.120.33.41 3356 (LEVEL3)
2 152.199.19.160 ()
1 142.250.185.106 ()
7 104.18.22.52 ()
1 142.250.185.67 ()
46 16
1    91.199.51.171 (Poland)

ASN47544 (IQPL-AS, PL)
PTR: 91-199-51-171.rev.iq.pl
links.tradingnudes.com
1    52.86.83.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-83-175.compute-1.amazonaws.com
go.tradingnudes.com
1    213.227.142.34 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
moartraffic.engine.adglare.net
1    52.201.90.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-90-219.compute-1.amazonaws.com
ads.traffichunt.com
3    68.169.106.40 (United States)

ASN30602 (ISPRIME, US)
syndication.exdynsrv.com
syndication.exoclick.com
syndication.realsrv.com
1    95.211.229.245 (Huizen, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
s.exv6.com
1    136.243.51.205 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.205.51.243.136.clients.your-server.de
tsyndicate.com
2    66.254.114.89 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net
ctrack.trafficjunky.net
1    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
a.mgid.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
3    52.19.101.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-101-114.eu-west-1.compute.amazonaws.com
www.bestadultgame.com
vrmom.track4ref.com
2    172.255.248.105 (Luxembourg, Luxembourg)

ASN7979 (SERVERS-COM, US)
go.trklinkcm.com
10    104.21.52.132 (None, )

ASN13335 (CLOUDFLARENET, US)
slutsaga.com
1    172.67.199.140 (United States)

ASN13335 (CLOUDFLARENET, US)
slutsaga.com
3    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
1    44.231.28.218 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-28-218.us-west-2.compute.amazonaws.com
hotrtr.com
1    34.215.149.32 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-149-32.us-west-2.compute.amazonaws.com
www.landqck.com
1    207.120.33.9 (United States)

ASN3356 (LEVEL3, US)
actvjoin.com
10    207.120.33.41 (United States)

ASN3356 (LEVEL3, US)
ctntpan.com
2    152.199.19.160 (None, )

ASN- ()
ajax.aspnetcdn.com
1    142.250.185.106 (None, )

ASN- ()
ajax.googleapis.com
7    104.18.22.52 (None, )

ASN- ()
kit.fontawesome.com
ka-p.fontawesome.com
1    142.250.185.67 (None, )

ASN- ()
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
11 slutsaga.com
slutsaga.com
3 MB
10 ctntpan.com
ctntpan.com
38 KB
7 fontawesome.com
kit.fontawesome.com
ka-p.fontawesome.com
124 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
ajax.googleapis.com
89 KB
2 aspnetcdn.com
ajax.aspnetcdn.com
29 KB
2 trklinkcm.com
go.trklinkcm.com
2 KB
2 track4ref.com
vrmom.track4ref.com
2 KB
2 trafficjunky.net
ctrack.trafficjunky.net — Cisco Umbrella Rank: 29277
2 KB
2 tradingnudes.com
links.tradingnudes.com
go.tradingnudes.com
1 KB
1 gstatic.com
fonts.gstatic.com
36 KB
1 actvjoin.com
actvjoin.com — Cisco Umbrella Rank: 446421
602 B
1 landqck.com
www.landqck.com
644 B
1 hotrtr.com
hotrtr.com
704 B
1 bestadultgame.com
www.bestadultgame.com
620 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10781
491 B
1 mgid.com
a.mgid.com — Cisco Umbrella Rank: 22664
402 B
1 tsyndicate.com
tsyndicate.com — Cisco Umbrella Rank: 10717
477 B
1 exv6.com
s.exv6.com — Cisco Umbrella Rank: 337559
446 B
1 realsrv.com
syndication.realsrv.com — Cisco Umbrella Rank: 9131
449 B
1 exoclick.com
syndication.exoclick.com — Cisco Umbrella Rank: 32862
450 B
1 exdynsrv.com
syndication.exdynsrv.com — Cisco Umbrella Rank: 39115
450 B
1 traffichunt.com
ads.traffichunt.com — Cisco Umbrella Rank: 181840
1 KB
1 adglare.net
moartraffic.engine.adglare.net — Cisco Umbrella Rank: 734647
452 B
46 23
Domain Requested by
11 slutsaga.com 2 redirects go.trklinkcm.com
slutsaga.com
10 ctntpan.com slutsaga.com
ctntpan.com
ajax.googleapis.com
6 ka-p.fontawesome.com kit.fontawesome.com
3 fonts.googleapis.com slutsaga.com
ctntpan.com
2 ajax.aspnetcdn.com ctntpan.com
2 go.trklinkcm.com 1 redirects vrmom.track4ref.com
2 vrmom.track4ref.com ads.traffichunt.com
vrmom.track4ref.com
2 ctrack.trafficjunky.net ads.traffichunt.com
1 fonts.gstatic.com fonts.googleapis.com
1 kit.fontawesome.com ctntpan.com
1 ajax.googleapis.com ctntpan.com
1 actvjoin.com 1 redirects
1 www.landqck.com 1 redirects
1 hotrtr.com 1 redirects
1 www.bestadultgame.com 1 redirects
1 my.rtmark.net ads.traffichunt.com
1 a.mgid.com ads.traffichunt.com
1 tsyndicate.com ads.traffichunt.com
1 s.exv6.com ads.traffichunt.com
1 syndication.realsrv.com ads.traffichunt.com
1 syndication.exoclick.com ads.traffichunt.com
1 syndication.exdynsrv.com ads.traffichunt.com
1 ads.traffichunt.com
1 moartraffic.engine.adglare.net 1 redirects
1 go.tradingnudes.com 1 redirects
1 links.tradingnudes.com 1 redirects
46 26

This site contains no links.

Subject Issuer Validity Valid
traffichunt.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-08-26		 6 months crt.sh
exdynsrv.com
R3		 2023-02-27 -
2023-05-28		 3 months crt.sh
exoclick.com
R3		 2023-02-27 -
2023-05-28		 3 months crt.sh
realsrv.com
R3		 2023-02-27 -
2023-05-28		 3 months crt.sh
exv6.com
R3		 2023-02-27 -
2023-05-28		 3 months crt.sh
tsyndicate.com
R3		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.trafficjunky.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-21 -
2023-11-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
rtmark.net
R3		 2023-02-15 -
2023-05-16		 3 months crt.sh
track.cpamatica.com
R3		 2023-03-06 -
2023-06-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
ctntpan.com
R3		 2023-04-06 -
2023-07-05		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Frame ID: 985C9A418970D453C9A1BB85F692157B
Requests: 24 HTTP requests in this frame

Frame: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Frame ID: 6552CFF186E38390B8D7BD81DF287216
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Slut saga

Page URL History Show full URLs

  1. https://links.tradingnudes.com/c/sMq/Zx/lcUBkpD1Dhj-RdQWJhRnxQ/H/XuBU/F/324a0181 HTTP 302
    https://go.tradingnudes.com/go.php?t=43354&aid=143686&sid=47921_Zone2023_TemplateNRHhgdT3k2&clickid=&hts... HTTP 302
    https://moartraffic.engine.adglare.net/?509367415=&ag_custom_moaraid=143686&ag_custom_moart=50589&ag_custom_moarsid... HTTP 302
    https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1 Page URL
  2. https://www.bestadultgame.com/c/8c2d0aa226bc2952?s1=171_eml_WH_67675&s2=1&s3=Welhello_email_traffic&s6=[em... HTTP 302
    http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cH... Page URL
  3. http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cH... Page URL
  4. https://go.trklinkcm.com/aff_c?offer_id=8150&aff_id=42562&url_id=0&aff_sub5=banner&source=171_eml_WH_... HTTP 302
    https://go.trklinkcm.com/rd.html?go=https%3A%2F%2Fslutsaga.com%2Fjpt%3Fpub_id%3D42562%26cid%3D37_4256... Page URL
  5. https://slutsaga.com/jpt?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=1... HTTP 301
    http://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=... HTTP 301
    https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

96 %
HTTPS

0 %
IPv6

23
Domains

26
Subdomains

16
IPs

8
Countries

3607 kB
Transfer

4703 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.tradingnudes.com/c/sMq/Zx/lcUBkpD1Dhj-RdQWJhRnxQ/H/XuBU/F/324a0181 HTTP 302
    https://go.tradingnudes.com/go.php?t=43354&aid=143686&sid=47921_Zone2023_TemplateNRHhgdT3k2&clickid=&hts_id= HTTP 302
    https://moartraffic.engine.adglare.net/?509367415=&ag_custom_moaraid=143686&ag_custom_moart=50589&ag_custom_moarsid=47921_Zone2023_TemplateNRHhgdT3k2&ag_custom_moarclickid=&ag_custom_moarhtsid=479a4899-7724-44d9-b59a-fdfe879d4a1b&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&xk=10c13060aa3aead63c7539ad2e63e9c2&bn=38&gu=http%3A%2F%2Fgo.tradingnudes.com%2Fgo.php%3Ft%3D43354%26aid%3D143686%26sid%3D47921_Zone2023_TemplateNRHhgdT3k2%26clickid%3D%26hts_id%3D479a4899-7724-44d9-b59a-fdfe879d4a1b&i18n_country=PL&hts_id=479a4899-7724-44d9-b59a-fdfe879d4a1b HTTP 302
    https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1 Page URL
  2. https://www.bestadultgame.com/c/8c2d0aa226bc2952?s1=171_eml_WH_67675&s2=1&s3=Welhello_email_traffic&s6=[email] HTTP 302
    http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cHM6Ly9nby50cmtsaW5rY20uY29tL2FmZl9jP29mZmVyX2lkPTgxNTAmYWZmX2lkPTQyNTYyJnVybF9pZD0wJmFmZl9zdWI1PWJhbm5lciZzb3VyY2U9MTcxX2VtbF9XSF82NzY3NSZjbGlja19pZD1pY2hlYzY0Mzc5MmU1MDAwMDZhZGU=&action=action_tmp Page URL
  3. http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cHM6Ly9nby50cmtsaW5rY20uY29tL2FmZl9jP29mZmVyX2lkPTgxNTAmYWZmX2lkPTQyNTYyJnVybF9pZD0wJmFmZl9zdWI1PWJhbm5lciZzb3VyY2U9MTcxX2VtbF9XSF82NzY3NSZjbGlja19pZD1pY2hlYzY0Mzc5MmU1MDAwMDZhZGU=&action=action_final Page URL
  4. https://go.trklinkcm.com/aff_c?offer_id=8150&aff_id=42562&url_id=0&aff_sub5=banner&source=171_eml_WH_67675&click_id=ichec643792e500006ade HTTP 302
    https://go.trklinkcm.com/rd.html?go=https%3A%2F%2Fslutsaga.com%2Fjpt%3Fpub_id%3D42562%26cid%3D37_42562_8150_479bc85167943d73ef60edf837a6d4e5%26source%3D171_eml_WH_67675 Page URL
  5. https://slutsaga.com/jpt?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675 HTTP 301
    http://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675 HTTP 301
    https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://links.tradingnudes.com/c/sMq/Zx/lcUBkpD1Dhj-RdQWJhRnxQ/H/XuBU/F/324a0181 HTTP 302
  • https://go.tradingnudes.com/go.php?t=43354&aid=143686&sid=47921_Zone2023_TemplateNRHhgdT3k2&clickid=&hts_id= HTTP 302
  • https://moartraffic.engine.adglare.net/?509367415=&ag_custom_moaraid=143686&ag_custom_moart=50589&ag_custom_moarsid=47921_Zone2023_TemplateNRHhgdT3k2&ag_custom_moarclickid=&ag_custom_moarhtsid=479a4899-7724-44d9-b59a-fdfe879d4a1b&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&xk=10c13060aa3aead63c7539ad2e63e9c2&bn=38&gu=http%3A%2F%2Fgo.tradingnudes.com%2Fgo.php%3Ft%3D43354%26aid%3D143686%26sid%3D47921_Zone2023_TemplateNRHhgdT3k2%26clickid%3D%26hts_id%3D479a4899-7724-44d9-b59a-fdfe879d4a1b&i18n_country=PL&hts_id=479a4899-7724-44d9-b59a-fdfe879d4a1b HTTP 302
  • https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Request Chain 10
  • https://www.bestadultgame.com/c/8c2d0aa226bc2952?s1=171_eml_WH_67675&s2=1&s3=Welhello_email_traffic&s6=[email] HTTP 302
  • http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cHM6Ly9nby50cmtsaW5rY20uY29tL2FmZl9jP29mZmVyX2lkPTgxNTAmYWZmX2lkPTQyNTYyJnVybF9pZD0wJmFmZl9zdWI1PWJhbm5lciZzb3VyY2U9MTcxX2VtbF9XSF82NzY3NSZjbGlja19pZD1pY2hlYzY0Mzc5MmU1MDAwMDZhZGU=&action=action_tmp
Request Chain 12
  • https://go.trklinkcm.com/aff_c?offer_id=8150&aff_id=42562&url_id=0&aff_sub5=banner&source=171_eml_WH_67675&click_id=ichec643792e500006ade HTTP 302
  • https://go.trklinkcm.com/rd.html?go=https%3A%2F%2Fslutsaga.com%2Fjpt%3Fpub_id%3D42562%26cid%3D37_42562_8150_479bc85167943d73ef60edf837a6d4e5%26source%3D171_eml_WH_67675
Request Chain 17
  • https://hotrtr.com/cr.php?cid=920&ACT=69324&TRK=42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675 HTTP 302
  • https://www.landqck.com/ep.php/JK-prmagms:76265/69324:42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150 HTTP 302
  • https://actvjoin.com/signup/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff HTTP 302
  • https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
link
ads.traffichunt.com/adx-dir-d/
Redirect Chain
  • https://links.tradingnudes.com/c/sMq/Zx/lcUBkpD1Dhj-RdQWJhRnxQ/H/XuBU/F/324a0181
  • https://go.tradingnudes.com/go.php?t=43354&aid=143686&sid=47921_Zone2023_TemplateNRHhgdT3k2&clickid=&hts_id=
  • https://moartraffic.engine.adglare.net/?509367415=&ag_custom_moaraid=143686&ag_custom_moart=50589&ag_custom_moarsid=47921_Zone2023_TemplateNRHhgdT3k2&ag_custom_moarclickid=&ag_custom_moarhtsid=479a...
  • https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.90.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-90-219.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 13 Apr 2023 05:28:04 GMT
expires
Sat, 1 May 2020 12:00:00 GMT
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
pragma
no-cache
server
nginx
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, CSRFToken, Authorization
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, no-transform, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
content-type
text/html;charset=UTF-8
date
Thu, 13 Apr 2023 05:28:03 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
link
<//moartraffic.cdn.adglare.net>; rel=dns-prefetch
location
https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
pragma
no-store, no-cache
tag.php
syndication.exdynsrv.com/ 		0
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.exdynsrv.com/tag.php?goal=80e0f2352f868abb3e8fe7238c6103ac
Requested by
Host: ads.traffichunt.com
URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.40 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ads.traffichunt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 05:28:04 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Robots-Tag
noindex, follow
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.php
syndication.exoclick.com/ 		0
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.exoclick.com/tag.php?goal=80e0f2352f868abb3e8fe7238c6103ac
Requested by
Host: ads.traffichunt.com
URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.40 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ads.traffichunt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 05:28:04 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Robots-Tag
noindex, follow
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.php
syndication.realsrv.com/ 		0
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.realsrv.com/tag.php?goal=80e0f2352f868abb3e8fe7238c6103ac
Requested by
Host: ads.traffichunt.com
URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.40 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ads.traffichunt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 05:28:04 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Robots-Tag
noindex, follow
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.php
s.exv6.com/ 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.exv6.com/tag.php?goal=80e0f2352f868abb3e8fe7238c6103ac
Requested by
Host: ads.traffichunt.com
URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ads.traffichunt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 05:28:04 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Robots-Tag
noindex, follow
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
8f67f609-c7a5-4451-8dfd-1c7a87401456
tsyndicate.com/api/v1/retargeting/set/ 		35 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsyndicate.com/api/v1/retargeting/set/8f67f609-c7a5-4451-8dfd-1c7a87401456?tracking=1
Requested by
Host: ads.traffichunt.com
URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.51.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.51.243.136.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ads.traffichunt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 05:28:04 GMT
server
nginx
x-api-version
1
vary
*
report-to
{ "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag
none, noindex, nofollow
content-length
35
x-request-id
51afe8b4e5acf55d
expires
0
ctrack
ctrack.trafficjunky.net/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ctrack.trafficjunky.net/ctrack?action=list&type=add&id=1&context=lwpsite&cookiename=lwp2&age=545600&maxcookiecount=10
Requested by
Host: ads.traffichunt.com
URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.89 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ads.traffichunt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 05:28:04 GMT
server
openresty
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET,POST
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
35
x-request-id
643792E4-42FE725901BB1D2252-CDBBE8A1
expires
Sun, 22 Jan 1984 03:00:00 GMT
ctrack
ctrack.trafficjunky.net/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ctrack.trafficjunky.net/ctrack?action=list&type=add&id=1&context=dtrtsite2&cookiename=lwp2n&age=545600&maxcookiecount=10
Requested by
Host: ads.traffichunt.com
URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.89 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ads.traffichunt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 05:28:04 GMT
server
openresty
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET,POST
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
35
x-request-id
643792E4-42FE725901BBC9B66-D2103C2C
expires
Sun, 22 Jan 1984 03:00:00 GMT
1x1.gif
a.mgid.com/ 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=185805&type=c&g=x&t=x&tg=&v=1&r=
Requested by
Host: ads.traffichunt.com
URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ads.traffichunt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7b714db3d8b734c8-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
content-type
image/gif
img.gif
my.rtmark.net/ 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=sync&lr=1&partner=191294ad7c1a7cc77a282c2a7f4404ec12e53bd2de18b9da2ed86be6bd0547dd
Requested by
Host: ads.traffichunt.com
URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ads.traffichunt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
index
vrmom.track4ref.com/redirect/
Redirect Chain
  • https://www.bestadultgame.com/c/8c2d0aa226bc2952?s1=171_eml_WH_67675&s2=1&s3=Welhello_email_traffic&s6=[email]
  • http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cHM6Ly9nby50cmtsaW5rY20uY29tL2FmZl9jP29mZmVyX2lkPTgxNTAmYWZmX2lkPTQyNTYyJnVybF9pZD0wJmFmZl9zdWI1...
777 B
933 B 		Document
General
Check archive.org
Download Go to
Full URL
http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cHM6Ly9nby50cmtsaW5rY20uY29tL2FmZl9jP29mZmVyX2lkPTgxNTAmYWZmX2lkPTQyNTYyJnVybF9pZD0wJmFmZl9zdWI1PWJhbm5lciZzb3VyY2U9MTcxX2VtbF9XSF82NzY3NSZjbGlja19pZD1pY2hlYzY0Mzc5MmU1MDAwMDZhZGU=&action=action_tmp
Requested by
Host: ads.traffichunt.com
URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Protocol
HTTP/1.1
Server
52.19.101.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-101-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.traffichunt.com/adx-dir-d/link?aid=7308005&nid=3&imp=1&w=1&h=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Connection
keep-alive
Content-Length
777
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Apr 2023 05:28:05 GMT
Server
nginx

Redirect headers

content-length
334
content-type
text/html; charset=utf-8
date
Thu, 13 Apr 2023 05:28:05 GMT
location
http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cHM6Ly9nby50cmtsaW5rY20uY29tL2FmZl9jP29mZmVyX2lkPTgxNTAmYWZmX2lkPTQyNTYyJnVybF9pZD0wJmFmZl9zdWI1PWJhbm5lciZzb3VyY2U9MTcxX2VtbF9XSF82NzY3NSZjbGlja19pZD1pY2hlYzY0Mzc5MmU1MDAwMDZhZGU=&action=action_tmp
server
nginx
index
vrmom.track4ref.com/redirect/ 		501 B
657 B 		Document
General
Check archive.org
Download Go to
Full URL
http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cHM6Ly9nby50cmtsaW5rY20uY29tL2FmZl9jP29mZmVyX2lkPTgxNTAmYWZmX2lkPTQyNTYyJnVybF9pZD0wJmFmZl9zdWI1PWJhbm5lciZzb3VyY2U9MTcxX2VtbF9XSF82NzY3NSZjbGlja19pZD1pY2hlYzY0Mzc5MmU1MDAwMDZhZGU=&action=action_final
Requested by
Host: vrmom.track4ref.com
URL: http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cHM6Ly9nby50cmtsaW5rY20uY29tL2FmZl9jP29mZmVyX2lkPTgxNTAmYWZmX2lkPTQyNTYyJnVybF9pZD0wJmFmZl9zdWI1PWJhbm5lciZzb3VyY2U9MTcxX2VtbF9XSF82NzY3NSZjbGlja19pZD1pY2hlYzY0Mzc5MmU1MDAwMDZhZGU=&action=action_tmp
Protocol
HTTP/1.1
Server
52.19.101.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-101-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cHM6Ly9nby50cmtsaW5rY20uY29tL2FmZl9jP29mZmVyX2lkPTgxNTAmYWZmX2lkPTQyNTYyJnVybF9pZD0wJmFmZl9zdWI1PWJhbm5lciZzb3VyY2U9MTcxX2VtbF9XSF82NzY3NSZjbGlja19pZD1pY2hlYzY0Mzc5MmU1MDAwMDZhZGU=&action=action_tmp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Connection
keep-alive
Content-Length
501
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Apr 2023 05:28:05 GMT
Server
nginx
rd.html
go.trklinkcm.com/
Redirect Chain
  • https://go.trklinkcm.com/aff_c?offer_id=8150&aff_id=42562&url_id=0&aff_sub5=banner&source=171_eml_WH_67675&click_id=ichec643792e500006ade
  • https://go.trklinkcm.com/rd.html?go=https%3A%2F%2Fslutsaga.com%2Fjpt%3Fpub_id%3D42562%26cid%3D37_42562_8150_479bc85167943d73ef60edf837a6d4e5%26source%3D171_eml_WH_67675
329 B
566 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.trklinkcm.com/rd.html?go=https%3A%2F%2Fslutsaga.com%2Fjpt%3Fpub_id%3D42562%26cid%3D37_42562_8150_479bc85167943d73ef60edf837a6d4e5%26source%3D171_eml_WH_67675
Requested by
Host: vrmom.track4ref.com
URL: http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cHM6Ly9nby50cmtsaW5rY20uY29tL2FmZl9jP29mZmVyX2lkPTgxNTAmYWZmX2lkPTQyNTYyJnVybF9pZD0wJmFmZl9zdWI1PWJhbm5lciZzb3VyY2U9MTcxX2VtbF9XSF82NzY3NSZjbGlja19pZD1pY2hlYzY0Mzc5MmU1MDAwMDZhZGU=&action=action_final
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.255.248.105 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://vrmom.track4ref.com/redirect/index?type=meta&to=aHR0cDovL3ZybW9tLnRyYWNrNHJlZi5jb20=&data=aHR0cHM6Ly9nby50cmtsaW5rY20uY29tL2FmZl9jP29mZmVyX2lkPTgxNTAmYWZmX2lkPTQyNTYyJnVybF9pZD0wJmFmZl9zdWI1PWJhbm5lciZzb3VyY2U9MTcxX2VtbF9XSF82NzY3NSZjbGlja19pZD1pY2hlYzY0Mzc5MmU1MDAwMDZhZGU=&action=action_final
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 13 Apr 2023 05:28:05 GMT
ETag
W/"61168831-149"
Last-Modified
Fri, 13 Aug 2021 14:56:49 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
332
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Apr 2023 05:28:05 GMT
Location
/rd.html?go=https%3A%2F%2Fslutsaga.com%2Fjpt%3Fpub_id%3D42562%26cid%3D37_42562_8150_479bc85167943d73ef60edf837a6d4e5%26source%3D171_eml_WH_67675
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Primary Request /
slutsaga.com/jpt/
Redirect Chain
  • https://slutsaga.com/jpt?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
  • http://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
  • https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Requested by
Host: go.trklinkcm.com
URL: https://go.trklinkcm.com/rd.html?go=https%3A%2F%2Fslutsaga.com%2Fjpt%3Fpub_id%3D42562%26cid%3D37_42562_8150_479bc85167943d73ef60edf837a6d4e5%26source%3D171_eml_WH_67675
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8efa0b7ba0b9430c13878f7848a66b762cc98bc9c19bc416837d328d39c89df

Request headers

Referer
https://go.trklinkcm.com/rd.html?go=https%3A%2F%2Fslutsaga.com%2Fjpt%3Fpub_id%3D42562%26cid%3D37_42562_8150_479bc85167943d73ef60edf837a6d4e5%26source%3D171_eml_WH_67675
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b714dbe4c5134e0-WAW
content-encoding
br
content-type
text/html
date
Thu, 13 Apr 2023 05:28:06 GMT
last-modified
Mon, 08 Aug 2022 10:12:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAFbt1gxRtV%2F1oANDgAZboFxqKGJjeAShnTMzK%2FuqdL%2FCkdSeien5VbpPWwBkO%2BbHUhib2SsSul2JkPKwhNwesvUvluLjwtPuIxZuFvsAKg5p9%2FLjwiyOVfgjHQQEVE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
7b714dbe0a2935cd-WAW
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 13 Apr 2023 05:28:06 GMT
Expires
Thu, 13 Apr 2023 06:28:06 GMT
Location
https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnDl%2Bd92zgJIV4gSVNnHq4kud4i78hf%2Fh6%2FMFK3hF98az4vpPEHmw6NPv0Vchkq4hRhud9QYtRWupw1YtiJ2ZWjs9%2Fao1ebrkIiwUl4LqOiofUrwsqkCjRQrBSI0GEw%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
slutsaga.com/jpt/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://slutsaga.com/jpt/assets/css/style.css
Requested by
Host: slutsaga.com
URL: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8c4c4320b3ba4350117fba65419424084fc81e8915d177150110789042dd80

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 10:12:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15434216
etag
W/"62f0e187-1c35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BrbZMjUZ4AVhwIqzo4%2BeCO5uFi7Nmgw1bkG%2BryN%2BzCNVqiQzPZL5lPrmNMBRjyBNapg1nCzKCFaCotNrMviG80nnNGY3X6vvS1IazJ2gOibjYy4AhHmhKA4SPPY%2BCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7b714dbf2b59347f-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/ 		3 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@400;700&display=swap
Requested by
Host: slutsaga.com
URL: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
9e03c614944ab099e931cc2d83610c70cd44829fb6e54abaf8bab811cbbeeaa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://slutsaga.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Apr 2023 05:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 04:11:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Apr 2023 05:28:06 GMT
main.js
slutsaga.com/jpt/scripts/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slutsaga.com/jpt/scripts/main.js
Requested by
Host: slutsaga.com
URL: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08e163290aa8dc4b697016164a84d7503e19fadc1038fcc83dca71087bedbae

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 10:12:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6174349
etag
W/"62f0e187-344f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TtsdjsQEQ4%2B4VGKEizFCuNP9nfnSooGpjhC7wnGVeoOk%2BEpXJwKcpentRT0J4ATC6pPBs8LCdSSl3ENAaW4THUOPUBAbQBH97fHjWyO8XzeklHQn2oiwZFdIRNgpWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7b714dbf3b62347f-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
slutsaga.com/jpt/assets/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slutsaga.com/jpt/assets/images/logo.png
Requested by
Host: slutsaga.com
URL: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f324267d001ef6eeb495e75e3abac0fa963c59437364d67ce098fb57a1d4452a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6617061
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16633
last-modified
Mon, 08 Aug 2022 10:12:14 GMT
server
cloudflare
etag
"62f0e17e-40f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJkEFCL74t%2F4bHTtemeLsWWpem3OGU1WrQ82dshJlAiA%2BjfadJcr2jwfqwSJhW9bwwl%2BZn4szcukDDWVJEtDPeHPJGVdhau3CQuAYiOM1FwiqrvlAgTPKy09r%2BBuJMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7b714dbf4b69347f-WAW
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
ctntpan.com/8ebfe1ea39135fb3/ Frame 6552
Redirect Chain
  • https://hotrtr.com/cr.php?cid=920&ACT=69324&TRK=42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675
  • https://www.landqck.com/ep.php/JK-prmagms:76265/69324:42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150
  • https://actvjoin.com/signup/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ0412...
  • https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675...
29 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Requested by
Host: slutsaga.com
URL: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.41 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
adce70021de95197cb996f62fcb2c6617671cf07438949a57bea7aea3c83a4d2

Request headers

Referer
https://slutsaga.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 13 Apr 2023 05:28:09 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
section-io-cache
Miss
section-io-id
d3960b01807cf8a9c1660bd0edfdb250
vary
Accept-Encoding
via
1.1 varnish-977b4d767-f225t (Varnish/7.2)
x-varnish
1115007

Redirect headers

age
0
cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 13 Apr 2023 05:28:08 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
section-io-cache
Miss
section-io-id
2f18407fb6fe2a284051247e8de6d7cc
via
1.1 varnish-977b4d767-f225t (Varnish/7.2)
x-varnish
1769652
bg-sound.mp3
slutsaga.com/jpt/assets/audio/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://slutsaga.com/jpt/assets/audio/bg-sound.mp3
Requested by
Host: slutsaga.com
URL: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07ce2e3f1909f1e1bac6bc8c36bb7b8ddda60c9a13ff647f4cd0b1f3708d8e73

Request headers

Referer
https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Accept-Encoding
identity;q=1, *;q=0
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 13 Apr 2023 05:28:06 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 10:12:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
430
etag
"62f0e17e-199b46"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCVhirqxg3NmCOFw1R9gy8lP8w5hoiEREODSG5dM%2BEEZIun2KPVn2vqpiba3ZP5QxVuKBvJ94oL%2Bg%2BZ3t4yIIVVUgSXnE8YAZ%2BfwlBxB99aS%2FVH2fiuewAFq%2BS2x8KU%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-1678149/1678150
cache-control
max-age=14400
cf-ray
7b714dc12c68347f-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1678150
click.wav
slutsaga.com/jpt/assets/audio/ 		237 KB
238 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://slutsaga.com/jpt/assets/audio/click.wav
Requested by
Host: slutsaga.com
URL: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe535fd085fe27f4397e2e6ab2e5798f66636f1d7244b559018aed85fa99348b

Request headers

Referer
https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Accept-Encoding
identity;q=1, *;q=0
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 13 Apr 2023 05:28:06 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 08 Aug 2022 10:12:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62f0e17e-3b498"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OPko2O8rtvV5tcQsTxBYq5%2Bb%2BnNkDDqV9K2g1IJeOemsJLdr0BdDXcX%2Bf1DqI1KCTNHqL19hB%2BEOWJpQYDcV%2FJ1E0lfT1dT%2ButXlhVvMZctxiD1bbIzMdYg9Fu1KZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
Content-Range
bytes 0-242839/242840
cf-ray
7b714dc12c6a347f-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
242840
1.mp4
slutsaga.com/jpt/assets/video/ 		244 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://slutsaga.com/jpt/assets/video/1.mp4
Requested by
Host: slutsaga.com
URL: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Accept-Encoding
identity;q=1, *;q=0
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 13 Apr 2023 05:28:06 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 08 Aug 2022 10:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62f0e17f-18c1eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLXhG7v%2FLBxQUl%2Fr600%2FunoutI8hJd4qy%2F5obwv2IbwBgoqPkYhsEKG4HKqckvKkrbQBTNUgo7n6hcKLz3uWtTHjDNsk%2BV5WkxJ3x0iAOPo4yVMXdvXoQv3kC0quPj4%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-1622506/1622507
cache-control
max-age=14400
cf-ray
7b714dc12c6b347f-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1622507
1.mp4
slutsaga.com/jpt/assets/video/ 		16 KB
17 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://slutsaga.com/jpt/assets/video/1.mp4
Requested by
Host: slutsaga.com
URL: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ea0017493428d9a88faa800d4c6fd06d718cbc7ca7c0575c45c432894830270

Request headers

Referer
https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Accept-Encoding
identity;q=1, *;q=0
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=1605632-

Response headers

date
Thu, 13 Apr 2023 05:28:07 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 10:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"62f0e17f-18c1eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnjwYkaJY2IVquyhP%2B9mUle92qLv1rJ80fnIGpiYwUMMRt5DtN5cbdhik506qBaOWZfFeNu1IAWLipK%2BpQiJLxc5r0866WD59OYCDIks5iWMAJdvXy59a8jyTrCBs4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 1605632-1622506/1622507
cache-control
max-age=14400
cf-ray
7b714dc40df7347f-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
16875
1.mp4
slutsaga.com/jpt/assets/video/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://slutsaga.com/jpt/assets/video/1.mp4
Requested by
Host: slutsaga.com
URL: https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1353ffd840b2e3974565277bd920411c75866313c896dd1535f37062354e7ed4

Request headers

Referer
https://slutsaga.com/jpt/?pub_id=42562&cid=37_42562_8150_479bc85167943d73ef60edf837a6d4e5&source=171_eml_WH_67675
Accept-Encoding
identity;q=1, *;q=0
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=229376-

Response headers

date
Thu, 13 Apr 2023 05:28:08 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 10:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"62f0e17f-18c1eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUEPXfuyCaogtUJDTSeQT6YtPT6yLMw9Z%2FdOgSspeZz4AptWXfCGrnQ2hm%2F8CcSH6TNiZjeFhhbgF%2BA61A7yRKwqW%2Fe%2Bm1iboN1GfJh%2B81QooStL5GXcO%2BEJ%2FGaV6nU%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 229376-1622506/1622507
cache-control
max-age=14400
cf-ray
7b714dcdbb37347f-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1393131
bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/ Frame 6552 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 -, , ASN (),
Reverse DNS
Software
ECAcc (wmi/FEF5) /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2967299
x-cache
HIT
content-length
19629
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:18 GMT
server
ECAcc (wmi/FEF5)
etag
"0e914f2cb33d21:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
icon
fonts.googleapis.com/ Frame 6552 		569 B
462 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Apr 2023 05:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 05:28:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Apr 2023 05:28:09 GMT
epcsaga.css
ctntpan.com/common_tpls/compactML/css/ Frame 6552 		48 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ctntpan.com/common_tpls/compactML/css/epcsaga.css
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.41 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
305b2f24f5db510cefc66379c6f994d685062156c020a921b4a38bb49b5ac040

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:09 GMT
content-encoding
gzip
section-io-cache-id
4e86146fed2cd99867a5d0b9665964b9
last-modified
Sat, 04 Dec 2021 17:36:33 GMT
age
1466
etag
W/"61aba721-be1c"
vary
Accept-Encoding
content-type
text/css
x-varnish
295442 1278289
via
1.1 varnish-977b4d767-f225t (Varnish/7.2)
accept-ranges
bytes
section-io-cache
Hit
section-io-id
7ca9d023696a46a504bebede94da9586
content-length
8761
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 6552 		86 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ctntpan.com/
Origin
https://ctntpan.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 10 Apr 2023 08:47:59 GMT
x-content-type-options
nosniff
age
247211
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88145
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Apr 2024 08:47:59 GMT
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/ Frame 6552 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 -, , ASN (),
Reverse DNS
Software
ECAcc (wmi/FEC2) /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ctntpan.com/
Origin
https://ctntpan.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3555590
x-cache
HIT
content-length
9839
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:59 GMT
server
ECAcc (wmi/FEC2)
etag
"80bdc1e6cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
b314bdf1b3.js
kit.fontawesome.com/ Frame 6552 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/b314bdf1b3.js
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
564b7f49d93c4cee5c7bce3293e60fba9de0450e7131005928d68b6a796745c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://ctntpan.com/
Origin
https://ctntpan.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:10 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
60
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7b714dd6ee483557-WAW
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F1KZlRvyYCe_tlwyQD_D
form_support.js
ctntpan.com/common_tpls/js/ Frame 6552 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ctntpan.com/common_tpls/js/form_support.js?v=1101202201
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.41 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:09 GMT
via
1.1 varnish-977b4d767-f225t (Varnish/7.2)
section-io-cache-id
66afb998d5b2b16fa5213e1086ae71d6
last-modified
Fri, 18 Nov 2022 21:23:38 GMT
age
1602
etag
W/"6377f7da-ed7"
vary
Accept-Encoding
x-varnish
1344029 131085
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
387b623c6c35abb5d9cb65005ac59712
validate_form_v2.js
ctntpan.com/common_tpls/js/ Frame 6552 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ctntpan.com/common_tpls/js/validate_form_v2.js?jsv=33
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.41 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
82541640f7edc753be5fb44d233216f5906f8f6ebc7200a02f229e263997b0ef

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:09 GMT
via
1.1 varnish-977b4d767-f225t (Varnish/7.2)
section-io-cache-id
906fd1757b033355f3fb2c721f4f8d74
last-modified
Mon, 13 Feb 2023 23:40:03 GMT
age
1595
etag
W/"63eaca53-63ed"
vary
Accept-Encoding
x-varnish
1148282 196658
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
33e5501ff9fba9f5edae84479b158cc5
css2
fonts.googleapis.com/ Frame 6552 		5 KB
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Muli:wght@200;300;400;500;700&display=swap
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
536e094c4107b058cde5ca4cc2418470cf21b4aa107087a75f88557096011ec8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Apr 2023 05:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 05:28:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Apr 2023 05:28:09 GMT
email.png
ctntpan.com/common_tpls/images/icons/ Frame 6552 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ctntpan.com/common_tpls/images/icons/email.png
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.41 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:10 GMT
via
1.1 varnish-977b4d767-f225t (Varnish/7.2)
section-io-cache-id
10f367ff6ae2acc4b636244719cd4e71
last-modified
Mon, 21 Aug 2017 19:32:05 GMT
age
1596
etag
"599b3535-4e6"
x-varnish
1344042 229408
content-type
image/png
accept-ranges
bytes
section-io-cache
Hit
section-io-id
9458c679f592bf638e6285ee32ec0049
content-length
1254
password.png
ctntpan.com/common_tpls/images/icons/ Frame 6552 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ctntpan.com/common_tpls/images/icons/password.png
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.41 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:11 GMT
via
1.1 varnish-977b4d767-f225t (Varnish/7.2)
section-io-cache-id
2ea5c6a5eb31a013f419a10df451a712
last-modified
Tue, 22 Aug 2017 16:34:59 GMT
age
1596
etag
"599c5d33-5ac"
x-varnish
393803 524299
content-type
image/png
accept-ranges
bytes
section-io-cache
Hit
section-io-id
f4fa8af337d4e92cb1fcd8f84ad88483
content-length
1452
fname.png
ctntpan.com/common_tpls/images/icons/ Frame 6552 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ctntpan.com/common_tpls/images/icons/fname.png
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.41 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:11 GMT
via
1.1 varnish-977b4d767-f225t (Varnish/7.2)
section-io-cache-id
337ef1a81a4380d9828159c90809ebf0
last-modified
Tue, 28 Nov 2017 20:52:02 GMT
age
1609
etag
"5a1dcc72-671"
x-varnish
1344043 19
content-type
image/png
accept-ranges
bytes
section-io-cache
Hit
section-io-id
f44612add4a97ca708c6874eb0ee25dc
content-length
1649
address.png
ctntpan.com/common_tpls/images/icons/ Frame 6552 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ctntpan.com/common_tpls/images/icons/address.png
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.41 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:11 GMT
via
1.1 varnish-977b4d767-f225t (Varnish/7.2)
section-io-cache-id
f9ae01a7a6de5b94b6b3bfb6d2c29faf
last-modified
Mon, 21 Aug 2017 19:32:05 GMT
age
1607
etag
"599b3535-48f"
x-varnish
393804 31
content-type
image/png
accept-ranges
bytes
section-io-cache
Hit
section-io-id
5c614b6921787a5256b61b1dc034e6eb
content-length
1167
iframeResizer.contentWindow.min.js
ctntpan.com/common_tpls/js/ Frame 6552 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ctntpan.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by
Host: ctntpan.com
URL: https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.41 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:10 GMT
via
1.1 varnish-977b4d767-f225t (Varnish/7.2)
section-io-cache-id
3ac374b5b3a51be5674486301630ed91
last-modified
Thu, 04 Feb 2016 15:06:03 GMT
age
1596
etag
W/"56b368db-3445"
vary
Accept-Encoding
x-varnish
131743 524294
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
60e1253701a647b85df38d4be17f0f5e
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 6552 		315 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
789214
etag
"610ae215-d3b2"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7b714ddc8a033557-WAW
content-length
54194
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 6552 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
789214
etag
"610ae215-1062"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7b714ddc8a013557-WAW
content-length
4194
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 6552 		27 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
789214
etag
"610ae215-a2b"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7b714ddc8a043557-WAW
content-length
2603
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 6552 		315 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
789214
etag
"610ae215-d3b2"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7b714ddc89fe3557-WAW
content-length
54194
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 6552 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
789214
etag
"610ae215-1062"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7b714ddc89ff3557-WAW
content-length
4194
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 6552 		27 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ctntpan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 05:28:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
789214
etag
"610ae215-a2b"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7b714ddc8a003557-WAW
content-length
2603
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://slutsaga.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:35:12 GMT
x-content-type-options
nosniff
age
154379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35904
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:34:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:35:12 GMT
/
ctntpan.com/acct/trk/ Frame 6552 		21 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ctntpan.com/acct/trk/?rtid=91721989877
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.41 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
60ea1d3ced0122097ea588d15475054de54139ddac2db26f397f16e5b5abc555

Request headers

Accept
*/*
Referer
https://ctntpan.com/8ebfe1ea39135fb3/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47495-1004556.42562.37_42562_8150_479bc85167943d73ef60edf837a6d4e5.171_eml_WH_67675.MNlZ041219687.8150&lang=pl&f_color=ffffff&epcCID=Zc2em5HfS3d8CdhaWbGbVbG2jcD0e1E0G&rtid=91721989877
X-Requested-With
XMLHttpRequest
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 05:28:11 GMT
via
1.1 varnish-977b4d767-f225t (Varnish/7.2)
age
0
content-type
text/json;charset=UTF-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish
1049304
cache-control
no-store, no-cache, must-revalidate
section-io-cache
Miss
section-io-id
5e7b3221b8ec00522f2c70614ddc5505
content-length
21
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| playAudio function| playClickSound function| pauseAudio function| setTimer function| changeVideo function| setVideo function| setVH function| nextStep function| showStep function| hideStep function| getVideoPlay function| getVideoStart function| getVideoAppears

36 Cookies

Domain/Path Name / Value
links.tradingnudes.com/ Name: TEMP_DATA
Value: d4c20f8e-86e8-4172-b435-9bc2f463d798
links.tradingnudes.com/ Name: esg1
Value: sMq/Zx/lcUBkpD1Dhj-RdQWJhRnxQ/H/XuBU/F/ebb84712
.tradingnudes.com/ Name: bdreff
Value: NONE
.tradingnudes.com/ Name: tour
Value: 50589
.tradingnudes.com/ Name: affsubid
Value: 143686-47921_Zone2023_TemplateNRHhgdT3k2
.tradingnudes.com/ Name: bdvisit
Value: 143686
.tradingnudes.com/ Name: bdcounter
Value: 1
.tradingnudes.com/ Name: xk
Value: 10c13060aa3aead63c7539ad2e63e9c2
ads.traffichunt.com/ Name: new_adx_profile_guid
Value: 397e23b5-ed5e-42d6-b7ba-98fba982e2a5
ads.traffichunt.com/ Name: new_3.adx_rt_0
Value: 540
ads.traffichunt.com/ Name: new_3.adx_daily_rt_0
Value: 540
ads.traffichunt.com/ Name: 3.adx_daily_rt_0
Value: 540
ads.traffichunt.com/ Name: 3.adx_rt_0
Value: 540
ads.traffichunt.com/ Name: adx_profile_guid
Value: 397e23b5-ed5e-42d6-b7ba-98fba982e2a5
.trafficjunky.net/ Name: tj_UUID
Value: 1d514c0e8b1648ceb53d291fe5a42f1f
.trafficjunky.net/ Name: tj_UUID_v2
Value: 1d514c0e-8b16-48ce-b53d-291fe5a42f1f
.trafficjunky.net/ Name: dcb281caf556711610d4c0a233a03a0c
Value: 1
.exv6.com/ Name: goals
Value: a%3A1%3A%7Bi%3A32532%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-04-13%22%3B%7D%7D
.trafficjunky.net/ Name: c955155862c7d96aeb8ac1509b6c71b9
Value: 1
my.rtmark.net/ Name: ID
Value: 983aa52dda1b4c9ca4ebdaed3cd88f04
tsyndicate.com/ Name: ts_rt_8f67f609-c7a5-4451-8dfd-1c7a87401456
Value: AOnICTNmTRo3Z3rECAg=
.mgid.com/ Name: __cf_bm
Value: M1zp7dDq3o4w7pQj2HsrFWbg3q2NmAx4DG6gYXYl9Uc-1681363684-0-AXb5LiTyPdg+Kv+F/qrYoUamt+UezP27r/i/khHxyFKB0vqUaORavOqg7WxXe02tlgPfkCq3c8OlJDfK1idAaSI=
.exdynsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A32532%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-04-13%22%3B%7D%7D
.exoclick.com/ Name: goals
Value: a%3A1%3A%7Bi%3A32532%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-04-13%22%3B%7D%7D
.realsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A32532%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-04-13%22%3B%7D%7D
www.bestadultgame.com/ Name: unique_id
Value: 643792e500075fc2
www.bestadultgame.com/ Name: unique_id2
Value: 643792e50007683c
www.bestadultgame.com/ Name: tid
Value: ichec643792e500006ade
.go.trklinkcm.com/ Name: language
Value: pl
.go.trklinkcm.com/ Name: 8150
Value: 37_42562_8150_479bc85167943d73ef60edf837a6d4e5
.go.trklinkcm.com/ Name: op_8150
Value: 0
.go.trklinkcm.com/ Name: user_id
Value: e461dc5a-ac98-4fc1-8023-4abefd491aa6_94bd95d41c6be727719f204c080db2ee
hotrtr.com/ Name: AWSALBCORS
Value: sIcLCTGsLG4NhZpG2gjmBvfFvkvehNPzk5y/JI4xaFgoirfUQSUcLRps2tXLIzizB/ePvOHCHSUIoNMRGWeXja1/JQhx3Z1a7UiCDQR7iGU3wjirQUy0nizfYSv5
www.landqck.com/ Name: AWSALBCORS
Value: LpnCN22+QoRYQblsM6dNLC+0aQf0sIXx//2CtAHFpjDSmDvTaq4qVnQJkn7HXMe9y6sHpV8W5YA0tBI0nH91k4Uabpop8lEGtQB5MT82BAOhRrUNAQS9HPCIKAhN
actvjoin.com/ Name: PHPSESSID
Value: 39a40a4ce551e246f590c1a1197d72de
ctntpan.com/ Name: PHPSESSID
Value: 79e58b5e93f7d511ad78dd32fdedb401

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
actvjoin.com
ads.traffichunt.com
ajax.aspnetcdn.com
ajax.googleapis.com
ctntpan.com
ctrack.trafficjunky.net
fonts.googleapis.com
fonts.gstatic.com
go.tradingnudes.com
go.trklinkcm.com
hotrtr.com
ka-p.fontawesome.com
kit.fontawesome.com
links.tradingnudes.com
moartraffic.engine.adglare.net
my.rtmark.net
s.exv6.com
slutsaga.com
syndication.exdynsrv.com
syndication.exoclick.com
syndication.realsrv.com
tsyndicate.com
vrmom.track4ref.com
www.bestadultgame.com
www.landqck.com
104.18.22.52
104.19.132.78
104.21.52.132
136.243.51.205
139.45.195.8
142.250.185.106
142.250.185.202
142.250.185.67
152.199.19.160
172.255.248.105
172.67.199.140
207.120.33.41
207.120.33.9
213.227.142.34
34.215.149.32
44.231.28.218
52.19.101.114
52.201.90.219
52.86.83.175
66.254.114.89
68.169.106.40
91.199.51.171
95.211.229.245
07ce2e3f1909f1e1bac6bc8c36bb7b8ddda60c9a13ff647f4cd0b1f3708d8e73
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1353ffd840b2e3974565277bd920411c75866313c896dd1535f37062354e7ed4
305b2f24f5db510cefc66379c6f994d685062156c020a921b4a38bb49b5ac040
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
4ea0017493428d9a88faa800d4c6fd06d718cbc7ca7c0575c45c432894830270
536e094c4107b058cde5ca4cc2418470cf21b4aa107087a75f88557096011ec8
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
564b7f49d93c4cee5c7bce3293e60fba9de0450e7131005928d68b6a796745c7
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
60ea1d3ced0122097ea588d15475054de54139ddac2db26f397f16e5b5abc555
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb
7c8c4c4320b3ba4350117fba65419424084fc81e8915d177150110789042dd80
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
82541640f7edc753be5fb44d233216f5906f8f6ebc7200a02f229e263997b0ef
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
9e03c614944ab099e931cc2d83610c70cd44829fb6e54abaf8bab811cbbeeaa8
a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
adce70021de95197cb996f62fcb2c6617671cf07438949a57bea7aea3c83a4d2
b8efa0b7ba0b9430c13878f7848a66b762cc98bc9c19bc416837d328d39c89df
c08e163290aa8dc4b697016164a84d7503e19fadc1038fcc83dca71087bedbae
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d
f324267d001ef6eeb495e75e3abac0fa963c59437364d67ce098fb57a1d4452a
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
fe535fd085fe27f4397e2e6ab2e5798f66636f1d7244b559018aed85fa99348b