www.amoureuxchauds.com Open in urlscan Pro
34.65.131.97 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://strtemizlik.com/
Effective URL:
https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
Submission: On October 01 via automatic, source urlhaus (October 1st 2020, 1:14:04 am UTC)

Summary HTTP 52 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 7 countries across 15 domains to perform 52 HTTP transactions. The main IP is 34.65.131.97, located in United States and belongs to GOOGLE, US. The main domain is www.amoureuxchauds.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 18th 2020. Valid for: 3 months.

This is the only time www.amoureuxchauds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.124.85.148 185.124.85.148	43260 (AS43260) (AS43260)
3	2606:4700:303... 2606:4700:3037::681f:43e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	184.25.217.253 184.25.217.253	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.217.251 104.111.217.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2 9	3.125.134.118 3.125.134.118	16509 (AMAZON-02) (AMAZON-02)
1	52.28.200.0 52.28.200.0	16509 (AMAZON-02) (AMAZON-02)
1 1	34.243.194.20 34.243.194.20	16509 (AMAZON-02) (AMAZON-02)
14	34.65.131.97 34.65.131.97	15169 (GOOGLE) (GOOGLE)
10	35.195.163.35 35.195.163.35	15169 (GOOGLE) (GOOGLE)
1	35.227.221.175 35.227.221.175	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
52	16

1 185.124.85.148 (Turkey)

ASN43260 (AS43260, TR)
PTR: web01.bilgehosting.com

strtemizlik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::681f:43e9 (United States)

ASN13335 (CLOUDFLARENET, US)

golead.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.25.217.253 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-25-217-253.deploy.static.akamaitechnologies.com

www.g2a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.251 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-251.deploy.static.akamaitechnologies.com

www.gearbest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.125.134.118 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-134-118.eu-central-1.compute.amazonaws.com

date-till-late.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.200.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-200-0.eu-central-1.compute.amazonaws.com

typerock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.194.20 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-194-20.eu-west-1.compute.amazonaws.com

track.clickchewer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.65.131.97 (United States)

ASN15169 (GOOGLE, US)
PTR: 97.131.65.34.bc.googleusercontent.com

www.amoureuxchauds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.195.163.35 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 35.163.195.35.bc.googleusercontent.com

recueillirleconsentement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.recueillirleconsentement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.221.175 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 175.221.227.35.bc.googleusercontent.com

static.dating	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	amoureuxchauds.com www.amoureuxchauds.com	411 KB
10	recueillirleconsentement.com recueillirleconsentement.com api.recueillirleconsentement.com	24 KB
9	date-till-late.us 2 redirects date-till-late.us	9 KB
7	google-analytics.com www.google-analytics.com	37 KB
3	doubleclick.net stats.g.doubleclick.net	545 B
3	golead.pl golead.pl	13 KB
2	g2a.com 1 redirects www.g2a.com	1 KB
1	google.de www.google.de	106 B
1	google.com www.google.com	106 B
1	static.dating static.dating	126 KB
1	clickchewer.com 1 redirects track.clickchewer.com	2 KB
1	typerock.com typerock.com	722 B
1	gearbest.com www.gearbest.com
1	strtemizlik.com strtemizlik.com	348 B
0	aliexpress.com Failed best.aliexpress.com Failed
52	15

	Domain	Requested by
14	www.amoureuxchauds.com	date-till-late.us www.amoureuxchauds.com
9	date-till-late.us	2 redirects golead.pl date-till-late.us
8	api.recueillirleconsentement.com	recueillirleconsentement.com
7	www.google-analytics.com	golead.pl www.google-analytics.com www.amoureuxchauds.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	golead.pl	strtemizlik.com golead.pl
2	recueillirleconsentement.com	www.amoureuxchauds.com recueillirleconsentement.com
2	www.g2a.com	1 redirects golead.pl
1	www.google.de	www.amoureuxchauds.com
1	www.google.com	www.amoureuxchauds.com
1	static.dating	www.amoureuxchauds.com
1	track.clickchewer.com	1 redirects
1	typerock.com	date-till-late.us
1	www.gearbest.com	golead.pl
1	strtemizlik.com
0	best.aliexpress.com Failed	golead.pl
52	16

This site contains links to these domains. Also see Links.

Domain
amoureuxchauds.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-08` - `2021-07-08`	a year	crt.sh
www.g2a.com DigiCert SHA2 Extended Validation Server CA	`2019-09-12` - `2021-10-11`	2 years	crt.sh
*.gearbest.com DigiCert SHA2 Secure Server CA	`2020-04-13` - `2021-07-13`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
date-till-late.us Amazon	`2020-05-07` - `2021-06-07`	a year	crt.sh
typerock.com Amazon	`2020-05-07` - `2021-06-07`	a year	crt.sh
amoureuxchauds.com Let's Encrypt Authority X3	`2020-09-18` - `2020-12-17`	3 months	crt.sh
recueillirleconsentement.com Let's Encrypt Authority X3	`2020-10-01` - `2020-12-30`	3 months	crt.sh
static.dating Let's Encrypt Authority X3	`2020-09-04` - `2020-12-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
Frame ID: A4B0F75F784DA8B63B39598378C39DCE
Requests: 45 HTTP requests in this frame

Frame: https://www.g2a.com/?gname-not-found
Frame ID: 51FEF23DEB5BF2B526AB9CF74B37CE1B
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/?new_site=0&olp=1000018409_f_B&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=69d07eb278d849ad9dcaec2617b5b214-1601514827052-04930-_d6GDFTu&terminal_id=376fb19aa9f24fca8d6b2c19388fc609
Frame ID: E91CA93C5E1A91AD3E549A0509366B57
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=78540179
Frame ID: CCF3A04184934D9A84C1BB4CE415A2A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://strtemizlik.com/ Page URL
https://golead.pl/p/tr9n/gHHa/2I0n Page URL
https://date-till-late.us/tds/cpa?tdsId=s8920hlo_r&tds_campaign=s8920hlo&utm_source=int&utm_campaign=c... HTTP 302
https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&t... Page URL
https://date-till-late.us/fg/tds/cpa?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&... HTTP 302
https://date-till-late.us/tds/interlayer?handler=BackofferOnExternalOffer&referer=https%3A%2F%2Ftrack.... Page URL
https://track.clickchewer.com/aff_c?offer_id=3793&aff_id=2562&aff_click_id=67bdad24332b042de30171fb8541a1e... HTTP 302
https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500 Page URL

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

52
Requests

96 %
HTTPS

44 %
IPv6

15
Domains

16
Subdomains

16
IPs

7
Countries

620 kB
Transfer

1007 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://amoureuxchauds.com/agreement?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://amoureuxchauds.com/privacy?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
Title: Privacy

Search URL Search Domain Scan URL

URL: https://amoureuxchauds.com/helpdesk?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
Title: Contact

Search URL Search Domain Scan URL

URL: https://amoureuxchauds.com/conditions?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
Title: Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://strtemizlik.com/ Page URL
https://golead.pl/p/tr9n/gHHa/2I0n Page URL
https://date-till-late.us/tds/cpa?tdsId=s8920hlo_r&tds_campaign=s8920hlo&utm_source=int&utm_campaign=ca539086&utm_content=135500&data2=mlClick-AwmiFsHd&utm_sub=opnfnl&s1=ps HTTP 302
https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a Page URL
https://date-till-late.us/fg/tds/cpa?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&tds_id=s8920hlo_r&tds_oid=a&dci=084edc1bb25423e3cc72749c1361a256108c34b8&tds_host=date-till-late.us&tdsId=s8920hlo_targeting_a&utm_sub=opnfnl&p_tds_cid=&tds_reason=direct HTTP 302
https://date-till-late.us/tds/interlayer?handler=BackofferOnExternalOffer&referer=https%3A%2F%2Ftrack.clickchewer.com%2Faff_c%3Foffer_id%3D3793%26aff_id%3D2562%26aff_click_id%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26aff_sub%3D31c03c89_135500%26tds_cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26tds_campaign%3Db3957mar&placement=lp&cid=67bdad24332b042de30171fb8541a1ec72b0baa8&addtl_qs=tds_ac_id%3Ds8920hlo%26tds_host%3Ddate-till-late.us%26p_tds_cid%3D%26utm_campaign%3Dca539086%26utm_source%3Dint%26utm_content%3D135500%26data2%3DmlClick-AwmiFsHd%26s1%3Dps Page URL
https://track.clickchewer.com/aff_c?offer_id=3793&aff_id=2562&aff_click_id=67bdad24332b042de30171fb8541a1ec72b0baa8&aff_sub=31c03c89_135500&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&tds_campaign=b3957mar HTTP 302
https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.g2a.com/n/reflink-381235804a HTTP 302
https://www.g2a.com/?gname-not-found

Request Chain 4

https://s.click.aliexpress.com/e/_d6GDFTu HTTP 302
https://best.aliexpress.com/?new_site=0&olp=1000018409_f_B&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=69d07eb278d849ad9dcaec2617b5b214-1601514827052-04930-_d6GDFTu&terminal_id=376fb19aa9f24fca8d6b2c19388fc609

Request Chain 11

https://date-till-late.us/tds/cpa?tdsId=s8920hlo_r&tds_campaign=s8920hlo&utm_source=int&utm_campaign=ca539086&utm_content=135500&data2=mlClick-AwmiFsHd&utm_sub=opnfnl&s1=ps HTTP 302
https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a

Request Chain 17

https://date-till-late.us/fg/tds/cpa?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&tds_id=s8920hlo_r&tds_oid=a&dci=084edc1bb25423e3cc72749c1361a256108c34b8&tds_host=date-till-late.us&tdsId=s8920hlo_targeting_a&utm_sub=opnfnl&p_tds_cid=&tds_reason=direct HTTP 302
https://date-till-late.us/tds/interlayer?handler=BackofferOnExternalOffer&referer=https%3A%2F%2Ftrack.clickchewer.com%2Faff_c%3Foffer_id%3D3793%26aff_id%3D2562%26aff_click_id%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26aff_sub%3D31c03c89_135500%26tds_cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26tds_campaign%3Db3957mar&placement=lp&cid=67bdad24332b042de30171fb8541a1ec72b0baa8&addtl_qs=tds_ac_id%3Ds8920hlo%26tds_host%3Ddate-till-late.us%26p_tds_cid%3D%26utm_campaign%3Dca539086%26utm_source%3Dint%26utm_content%3D135500%26data2%3DmlClick-AwmiFsHd%26s1%3Dps

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
strtemizlik.com/ 108 B
348 B 182ms
158ms Document
text/html 185.124.85.148
AS43260

General

Check archive.org

Show headers Download Go to

Full URL: http://strtemizlik.com/
Protocol: HTTP/1.1
Server: 185.124.85.148 , Turkey, ASN43260 (AS43260, TR),
Reverse DNS: web01.bilgehosting.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash: 19e3d90b0a1dff1466b9654066122a0838c8d744d2951f1c3f8c3349e6d74c5c

Request headers

Host: strtemizlik.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 115
date: Thu, 01 Oct 2020 03:10:31 GMT
server: LiteSpeed
connection: Keep-Alive

GET
H2 200 2I0n Show response
golead.pl/p/tr9n/gHHa/ 2 KB
1 KB 192ms
170ms Document
text/html 2606:4700:3037::681f:43e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://golead.pl/p/tr9n/gHHa/2I0n
Requested by: Host: strtemizlik.com
URL: http://strtemizlik.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:43e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfd6dac08ba2bf42da6ca871d3ed8e7e9885c45c9e37d14fcb3d72908555048d

Request headers

:method: GET
:authority: golead.pl
:scheme: https
:path: /p/tr9n/gHHa/2I0n
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://strtemizlik.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://strtemizlik.com/

Response headers

status: 200
date: Thu, 01 Oct 2020 01:13:46 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3c30c80e845b684c65782aae99225fdb1601514826; expires=Sat, 31-Oct-20 01:13:46 GMT; path=/; domain=.golead.pl; HttpOnly; SameSite=Lax; Secure 71ff54ebddb1e090fbf173d96e2342c8=71ff54ebddb1e090fbf173d96e2342c8; expires=Fri, 01-Oct-2021 01:13:46 GMT; Max-Age=31536000; path=/; httponly
vary: Accept-Encoding
cache-control: no-cache, no-store, private
x-robots-tag: noindex, nofollow
cf-cache-status: DYNAMIC
cf-request-id: 0583520410000005c8c8290200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601514827"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5db252b34ba605c8-FRA
content-encoding: br

GET
H2 200 03032020.min.js Show response
golead.pl/js/ 32 KB
11 KB 12ms
11ms Script
application/javascript 2606:4700:3037::681f:43e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://golead.pl/js/03032020.min.js
Requested by: Host: golead.pl
URL: https://golead.pl/p/tr9n/gHHa/2I0n
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:43e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a0dd05cafdce90b48c1b89ae4d86f1120a0fdc7a9e929edb1ebe0404f663dad

Request headers

Device-Memory: 8
Referer: https://golead.pl/p/tr9n/gHHa/2I0n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6542
status: 200
cf-request-id: 05835204c7000005c8c8295200000001
last-modified: Tue, 03 Mar 2020 10:38:41 GMT
server: cloudflare
etag: W/"5e5e33b1-813d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601514827"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5db252b47d1905c8-FRA

GET
H2

200

/
www.g2a.com/ Frame 51FE
Redirect Chain

https://www.g2a.com/n/reflink-381235804a
https://www.g2a.com/?gname-not-found

0
0

486ms
485ms

Document
text/html

184.25.217.253
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.g2a.com/?gname-not-found

Requested by

Host: golead.pl
URL: https://golead.pl/p/tr9n/gHHa/2I0n

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.25.217.253 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-25-217-253.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.g2a.com
:scheme: https
:path: /?gname-not-found
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://golead.pl/p/tr9n/gHHa/2I0n
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://golead.pl/p/tr9n/gHHa/2I0n

Response headers

status: 200
server: nginx
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-download-options: noopen
x-xss-protection: 1; mode=block
cache-control: no-store, must-revalidate, max-age=0
etag: "67362-tNxHcX4lLkxZIp3uirelZuuhQWU"
g2a-dbg: 0
x-backend: am4-new-layout
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
g2a-server: am4-min01
x-akamai-transformed: 9 - 0 pmb=mTOE,3
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 01 Oct 2020 01:13:47 GMT
set-cookie: skc=c996dfd0-c540-4777-9660-be9e77318e2a-1601514827; Expires=Sun Sep 29 01:13:47 2030; Domain=.www.g2a.com; Path=/; Secure; HttpOnly ak_bmsc=DDE4DC8A0BC89353E5B2E71F172447D70214841F8B2800004B2D755FBAB32604~plWQ2j9ncq9sv2NQDdKLaPemeFouMN8ApmluH6a0+Ba7i5mE1wGStawFt6g3eyrefJGRbdE1UaNx6K6xto0GZTf4MCYC9k7SnJS2l8PI7mTiGo+lGj4h4aCydiWVLiEKeqW9sYKF3WqOfxxj7jPqFtN1wAVWOu3ZOA1+Q8ZKgv9kOMdgs9Hfu1X1XQrjMTFu0TvBGDKCIhlzqO4tyOnc79iXILMA0DsqwXn8fA9RAZj4U=; expires=Thu, 01 Oct 2020 03:13:47 GMT; max-age=7200; path=/; domain=.g2a.com; HttpOnly bm_mi=BE45CC7A7774E3611831AAC1F5740E5E~IS8ZuYXN3KkXdVdfWP6F5xL0oWpyWaMn9P71kkSlsWHKz4TVZ+9YUSTMmIhzM8/xL1Fub11Mh91MhLG3CWqEFf4eu2zHezE/izRvPxpmjjWobI/0XegJFmbHoXvadGMSd1zF5nmold/UfRhJpHwIodRM3ukseMTWHuJRUgrwQphu0NbRrzpi8oWmSePAHissFvqW5hAgHBgB6zj/nQcRwg==; Domain=.g2a.com; Path=/; Max-Age=0; HttpOnly bm_sz=AB859050E90D56EF77B97F36B5104FAE~YAAQH4QUAnrFH9V0AQAAUe+44QmGNhMV5Kz7HyzQevRYLwroYz6baMMIxRxrvSOfaLLgV71E3aK8x/in7ySsDG9ysAcU0D85eS1ekZosc/y//exsFO3Rxijs5DboEmw8L286xStnqffAHKyUhEIVWMWk8YfhCD7+QU/W6uVlL0JlGb8b7D37ZlOav7LZ; Domain=.g2a.com; Path=/; Expires=Thu, 01 Oct 2020 05:13:47 GMT; Max-Age=14400; HttpOnly _abck=3F6C4189901F9026E9C0E6FE25304AE5~-1~YAAQH4QUAnvFH9V0AQAAUe+44QTdRhXlQBl5gO5UwRBieiu4s//QwKIn2tsCpnoVhzkFXzH5YGZEPLs8/9ifC5vfe7HA1arynW1goV7WTAQ2I1cQJpIh+szNOVN3+TGTlypnIo7vpkn6UaYMVyAGFz11g0da9wP+qRTR5/DjB6ONzTnf5ba2oU0ABVFCbwJzCr9avCHX3IJ2rJLHpeR2sDQlztcL/WvuWkGATn/Wk8huBmbGiN4Pfez45zqKHNXNHoPWM6/8gDl9WiC+Mx9pNx64hkco0hxsFU9Xs+awRmFfftrSmTFy~-1~-1~-1; Domain=.g2a.com; Path=/; Expires=Fri, 01 Oct 2021 01:13:47 GMT; Max-Age=31536000; Secure

Redirect headers

status: 302
content-type: application/json; charset=UTF-8
content-length: 0
location: https://www.g2a.com?gname-not-found
request-id: |f755934b-06a1-4879-86fd-426ba4199e80.UOMordPv_
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 01 Oct 2020 01:13:47 GMT
set-cookie: ak_bmsc=20CB0F99BDF3E40C8E0EB8779472E6A60214841F8B2800004B2D755FE0A7225F~pljJnWsFQzHhco6+G5FThle/10fNmWMF03pxL2s3Qzik20ICJVgcDfmFysqJlNZWRkV2SASYnYDs6Io8huL/fCcW+3W8fdndaSfT7uk3efyHt/wXdN4tY9FxU4+4+wGvBQXsUAsfh0Dc1GxgzDm5or99+2cfOIXQNt9r1c71jJA4GYLFJarNu+vKPAqfML25lJ9ZnumGnBh6sZE58LwyvlCXFIS/LSPBycYrwrHuvnjgw=; expires=Thu, 01 Oct 2020 03:13:47 GMT; max-age=7200; path=/; domain=.g2a.com; HttpOnly bm_sz=1463E962055DFC85ADB16DAD085C0BD1~YAAQH4QUAnjFH9V0AQAAa+244QmIQGnH567ZIho3HJWGS5NnKGMekihHjGVYkKPh2cehYNAY71HgnA0Qs/Y1p9qKFCVysHaYOZUN+x4e8fMjd2qhbE12HFG2/K8pmz+nch/7E4D2mefgYIV1yQVHHkNEZCqoz8ybHeSGuQl0v60JqRf9YFVX4aBtsgNQ; Domain=.g2a.com; Path=/; Expires=Thu, 01 Oct 2020 05:13:47 GMT; Max-Age=14400; HttpOnly _abck=8F2983DD2FDFFAB4F815096039789B28~-1~YAAQH4QUAnnFH9V0AQAAa+244QRlPLDQaAcyofL4n8yVJw2dhmHAO8FvbbgMSVGC2LFisQU7QUHKm7biroR0SgmGhwhghN5YZFF8Clrc6qq5YAE1+gWu6ap5PHNHBNdly8T/mKhFa76hdKU3G3jzsd8PevgNs/f9VJMQKYuqHToK4IG7wPt4oaYVLZH82b3JLE/AOfM6kPtzfpeyzZmJyjKzfQeZESrxEIntxbuGMoHfnzsoMZUZ9+vzla6Hhq1DL8LnJoFJuP9gBWFDPpWCGwJx0AgFuqSdBP0HURpAwoL/K9unWV2Q~-1~-1~-1; Domain=.g2a.com; Path=/; Expires=Fri, 01 Oct 2021 01:13:47 GMT; Max-Age=31536000; Secure

GET

/
best.aliexpress.com/ Frame E91C
Redirect Chain

https://s.click.aliexpress.com/e/_d6GDFTu
https://best.aliexpress.com/?new_site=0&olp=1000018409_f_B&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=69d07eb278d849ad9dcaec2617b5b214-1601514827052-04930-_d6GDFTu&terminal_id=376fb19...

0
0

GET
H2 200 /
www.gearbest.com/ Frame CCF3 0
0 364ms
288ms Document
text/html 104.111.217.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gearbest.com/?lkid=78540179
Requested by: Host: golead.pl
URL: https://golead.pl/p/tr9n/gHHa/2I0n
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.251 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-251.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: www.gearbest.com
:scheme: https
:path: /?lkid=78540179
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://golead.pl/p/tr9n/gHHa/2I0n
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://golead.pl/p/tr9n/gHHa/2I0n

Response headers

status: 200
content-type: text/html; charset=utf-8
x-amz-id-2: 02AzRg04Ry8V9wly0H9TuAHi8t5H+pVqNPnwmIIWu6h+eWlRA/jJtB07CLvqaIDfq6MSaL+JKSo=
x-amz-request-id: 8FCF221926DF23DC
last-modified: Thu, 01 Oct 2020 01:02:14 GMT
etag: W/"f80f48fe7b6b02897be99f9ca021437a"
access-control-allow-origin: *
access-control-allow-methods: GET, POST
ng-cache: HIT
content-encoding: gzip
content-length: 32290
x-edgeconnect-midmile-rtt: 0 0
x-edgeconnect-origin-mex-latency: 236 236
cache-control: max-age=60
expires: Thu, 01 Oct 2020 01:14:47 GMT
date: Thu, 01 Oct 2020 01:13:47 GMT
vary: Accept-Encoding User-Agent
set-cookie: AKAM_CLIENTID=0a7f0a46c63560c61f063c0e432cefdd; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com AKA_A2=A; expires=Thu, 01-Oct-2020 02:13:47 GMT; path=/; domain=gearbest.com; secure; HttpOnly

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: golead.pl
URL: https://golead.pl/p/tr9n/gHHa/2I0n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://golead.pl/p/tr9n/gHHa/2I0n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 7087
date: Wed, 30 Sep 2020 23:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 01 Oct 2020 01:15:39 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
36 B 41ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=326799411&t=pageview&_s=1&dl=https%3A%2F%2Fgolead.pl%2Fp%2Ftr9n%2FgHHa%2F2I0n&dr=http%3A%2F%2Fstrtemizlik.com%2F&ul=en-us&de=UTF-8&dt=golead.pl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2001444234&gjid=2025578552&cid=631567940.1601514827&tid=UA-110090096-2&_gid=796781054.1601514827&_r=1&_slc=1&z=324044975

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://golead.pl/p/tr9n/gHHa/2I0n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 01:13:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://golead.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect
www.google-analytics.com/ 35 B
426 B 39ms
13ms Other
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://golead.pl/p/tr9n/gHHa/2I0n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 01:13:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://golead.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-110090096-2&cid=631567940.1601514827&jid=2001444234&gjid=2025578552&_gid=796781054.1601514827&_u=IEBAAEAAAAAAAC~&z=699032908

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://golead.pl/p/tr9n/gHHa/2I0n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Oct 2020 01:13:47 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://golead.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 finger
golead.pl/ 20 B
154 B 119ms
118ms XHR
application/json 2606:4700:3037::681f:43e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://golead.pl/finger
Requested by: Host: golead.pl
URL: https://golead.pl/js/03032020.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:43e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Device-Memory: 8
Referer: https://golead.pl/p/tr9n/gHHa/2I0n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Oct 2020 01:13:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601514827"}],"group":"cf-nel","max_age":604800}
content-type: application/json
status: 200
cache-control: no-cache, private
cf-ray: 5db252b63f4a05c8-FRA
cf-request-id: 05835205e0000005c8c82a1200000001

GET
H2

200

91c11665337210ce9bf0123d58915a74 Show response
date-till-late.us/fg/s/
Redirect Chain

https://date-till-late.us/tds/cpa?tdsId=s8920hlo_r&tds_campaign=s8920hlo&utm_source=int&utm_campaign=ca539086&utm_content=135500&data2=mlClick-AwmiFsHd&utm_sub=opnfnl&s1=ps
https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&...

1 KB
1 KB

91ms
91ms

Document
text/html

3.125.134.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
Requested by: Host: golead.pl
URL: https://golead.pl/js/03032020.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.134.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-134-118.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8cd313774383029a19506e1c9568944bb8fb94e2fca3d20b79359ce57016b5c0

Request headers

:method: GET
:authority: date-till-late.us
:scheme: https
:path: /fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://golead.pl/p/tr9n/gHHa/2I0n
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AWSALB=P65ds8wUdmyCzy6uCJZplSzi6nxw197CDwiorM5MVOrQPAQ04ymmwtRBPJOTmP0ffmbOxjFhoXKTVw0KAwQXAPl/S7/3kqrYn65KjHSEvR3ET1qA4KPUEQkwT/l7; AWSALBCORS=P65ds8wUdmyCzy6uCJZplSzi6nxw197CDwiorM5MVOrQPAQ04ymmwtRBPJOTmP0ffmbOxjFhoXKTVw0KAwQXAPl/S7/3kqrYn65KjHSEvR3ET1qA4KPUEQkwT/l7; dci=084edc1bb25423e3cc72749c1361a256108c34b8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://golead.pl/p/tr9n/gHHa/2I0n

Response headers

status: 200
date: Thu, 01 Oct 2020 01:13:47 GMT
content-type: text/html
server: nginx
set-cookie: AWSALB=GMLX0qf9by0zoYrvFHF5Yo7QX65aghfEcLjLllyJuxJ0GLcqEDPI1omZw7gAMwOSv1UNfESaSX+O7YpJR0bMe0e4sBpnNdWm8NQADZ/bLztKN/IFWPpUo1neaM3u; Expires=Thu, 08 Oct 2020 01:13:47 GMT; Path=/ AWSALBCORS=GMLX0qf9by0zoYrvFHF5Yo7QX65aghfEcLjLllyJuxJ0GLcqEDPI1omZw7gAMwOSv1UNfESaSX+O7YpJR0bMe0e4sBpnNdWm8NQADZ/bLztKN/IFWPpUo1neaM3u; Expires=Thu, 08 Oct 2020 01:13:47 GMT; Path=/; SameSite=None; Secure
accept-ch: UA, Platform, Model, Mobile, Arch
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

status: 302
date: Thu, 01 Oct 2020 01:13:47 GMT
server: nginx
set-cookie: AWSALB=P65ds8wUdmyCzy6uCJZplSzi6nxw197CDwiorM5MVOrQPAQ04ymmwtRBPJOTmP0ffmbOxjFhoXKTVw0KAwQXAPl/S7/3kqrYn65KjHSEvR3ET1qA4KPUEQkwT/l7; Expires=Thu, 08 Oct 2020 01:13:47 GMT; Path=/ AWSALBCORS=P65ds8wUdmyCzy6uCJZplSzi6nxw197CDwiorM5MVOrQPAQ04ymmwtRBPJOTmP0ffmbOxjFhoXKTVw0KAwQXAPl/S7/3kqrYn65KjHSEvR3ET1qA4KPUEQkwT/l7; Expires=Thu, 08 Oct 2020 01:13:47 GMT; Path=/; SameSite=None; Secure dci=084edc1bb25423e3cc72749c1361a256108c34b8; Max-Age=31536000; Domain=.date-till-late.us; Path=/; Expires=Fri, 01 Oct 2021 01:13:47 GMT; Secure; SameSite=None
accept-ch: UA, Platform, Model, Mobile, Arch
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
access-control-allow-origin: *
location: /fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a

GET
H2 200 style.css
date-till-late.us/fg/ 1 KB
920 B 78ms
77ms Stylesheet
text/css 3.125.134.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://date-till-late.us/fg/style.css
Requested by: Host: date-till-late.us
URL: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.134.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-134-118.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ea929ab07b7bf2a8848a25d3073bbf9b6b6c9bad34196d4f41e7ae5cbd84bc62

Request headers

Referer: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:47 GMT
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 07:03:33 GMT
server: nginx
etag: W/"4b6-174d8ac6d88"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=6
accept-ranges: bytes

GET
H2 200 script.js Show response
date-till-late.us/fg/ 1 KB
1018 B 79ms
78ms Script
application/javascript 3.125.134.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://date-till-late.us/fg/script.js
Requested by: Host: date-till-late.us
URL: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.134.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-134-118.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 25155bd764665f1335dec24598d5a787888b0faf12c5f03ef4fb58891bff430b

Request headers

Referer: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:47 GMT
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 07:03:33 GMT
server: nginx
etag: W/"4d6-174d8ac6d88"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=6
accept-ranges: bytes

GET
H2 200 t
date-till-late.us/fg/ 35 B
554 B 92ms
91ms Image
image/gif 3.125.134.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date-till-late.us/fg/t?_=1601514827620
Requested by: Host: date-till-late.us
URL: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.134.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-134-118.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 01 Oct 2020 01:13:47 GMT
server: nginx
accept-ch: UA, Platform, Model, Mobile, Arch
content-type: image/gif
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 8871b6e5dd5347f70db643ace286f45b
typerock.com/43fbb6270523e1760fa5f0d2579dea07/ 35 B
722 B 157ms
86ms Image
image/gif 52.28.200.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://typerock.com/43fbb6270523e1760fa5f0d2579dea07/8871b6e5dd5347f70db643ace286f45b?tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&dci=084edc1bb25423e3cc72749c1361a256108c34b8
Requested by: Host: date-till-late.us
URL: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.200.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-200-0.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:47 GMT
server: nginx
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ch: UA, Platform, Model, Mobile, Arch
content-type: image/gif

GET
H2 200 t2
date-till-late.us/fg/ 35 B
551 B 89ms
88ms Image
image/gif 3.125.134.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date-till-late.us/fg/t2?_=1601514827620
Requested by: Host: date-till-late.us
URL: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.134.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-134-118.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 01 Oct 2020 01:13:47 GMT
server: nginx
accept-ch: UA, Platform, Model, Mobile, Arch
content-type: image/gif
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

interlayer Show response
date-till-late.us/tds/
Redirect Chain

https://date-till-late.us/fg/tds/cpa?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&tds_...
https://date-till-late.us/tds/interlayer?handler=BackofferOnExternalOffer&referer=https%3A%2F%2Ftrack.clickchewer.com%2Faff_c%3Foffer_id%3D3793%26aff_id%3D2562%26aff_click_id%3D67bdad24332b042de301...

795 B
973 B

86ms
85ms

Document
text/html

3.125.134.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://date-till-late.us/tds/interlayer?handler=BackofferOnExternalOffer&referer=https%3A%2F%2Ftrack.clickchewer.com%2Faff_c%3Foffer_id%3D3793%26aff_id%3D2562%26aff_click_id%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26aff_sub%3D31c03c89_135500%26tds_cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26tds_campaign%3Db3957mar&placement=lp&cid=67bdad24332b042de30171fb8541a1ec72b0baa8&addtl_qs=tds_ac_id%3Ds8920hlo%26tds_host%3Ddate-till-late.us%26p_tds_cid%3D%26utm_campaign%3Dca539086%26utm_source%3Dint%26utm_content%3D135500%26data2%3DmlClick-AwmiFsHd%26s1%3Dps
Requested by: Host: date-till-late.us
URL: https://date-till-late.us/fg/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.134.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-134-118.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 75d91efaf2673335460b2bb5b7709108880428db60e29a370b0b8f23ea07c601

Request headers

:method: GET
:authority: date-till-late.us
:scheme: https
:path: /tds/interlayer?handler=BackofferOnExternalOffer&referer=https%3A%2F%2Ftrack.clickchewer.com%2Faff_c%3Foffer_id%3D3793%26aff_id%3D2562%26aff_click_id%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26aff_sub%3D31c03c89_135500%26tds_cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26tds_campaign%3Db3957mar&placement=lp&cid=67bdad24332b042de30171fb8541a1ec72b0baa8&addtl_qs=tds_ac_id%3Ds8920hlo%26tds_host%3Ddate-till-late.us%26p_tds_cid%3D%26utm_campaign%3Dca539086%26utm_source%3Dint%26utm_content%3D135500%26data2%3DmlClick-AwmiFsHd%26s1%3Dps
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dci=084edc1bb25423e3cc72749c1361a256108c34b8; AWSALB=AkrJ8GYe6WbFuHXEcARxaWOlYPlbKPWWaKAjJhcV1lN297xYDCr5wjCSJMr4Bjc1Z2i6cPI5Lhd9RMrXhBCU85dEPFf7UmAxQfGuqD0BOQtdVoXQyDseVy9CMA8Y; AWSALBCORS=AkrJ8GYe6WbFuHXEcARxaWOlYPlbKPWWaKAjJhcV1lN297xYDCr5wjCSJMr4Bjc1Z2i6cPI5Lhd9RMrXhBCU85dEPFf7UmAxQfGuqD0BOQtdVoXQyDseVy9CMA8Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://date-till-late.us/fg/s/91c11665337210ce9bf0123d58915a74?utm_campaign=ca539086&utm_source=int&tds_campaign=s8920hlo&s1=ps&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&utm_content=135500&data2=mlClick-AwmiFsHd&__t=1601514827528&__l=60&tds_id=s8920hlo_r&tds_oid=a

Response headers

status: 200
date: Thu, 01 Oct 2020 01:13:48 GMT
content-type: text/html
server: nginx
set-cookie: AWSALB=vJoqz9ZRvtNfnYkgOBFJQgSwPcwjahWje1Nt9lLLupLMGGAQbRSpqpgV//zF8vnMmmj2fyoLDh5jsAZDMKY/Scn+TZNRDToeSMwHQAhNLlSjXMNv299U3qTJB7RJ; Expires=Thu, 08 Oct 2020 01:13:48 GMT; Path=/ AWSALBCORS=vJoqz9ZRvtNfnYkgOBFJQgSwPcwjahWje1Nt9lLLupLMGGAQbRSpqpgV//zF8vnMmmj2fyoLDh5jsAZDMKY/Scn+TZNRDToeSMwHQAhNLlSjXMNv299U3qTJB7RJ; Expires=Thu, 08 Oct 2020 01:13:48 GMT; Path=/; SameSite=None; Secure
accept-ch: UA, Platform, Model, Mobile, Arch
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

status: 302
date: Thu, 01 Oct 2020 01:13:48 GMT
location: https://date-till-late.us/tds/interlayer?handler=BackofferOnExternalOffer&referer=https%3A%2F%2Ftrack.clickchewer.com%2Faff_c%3Foffer_id%3D3793%26aff_id%3D2562%26aff_click_id%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26aff_sub%3D31c03c89_135500%26tds_cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26tds_campaign%3Db3957mar&placement=lp&cid=67bdad24332b042de30171fb8541a1ec72b0baa8&addtl_qs=tds_ac_id%3Ds8920hlo%26tds_host%3Ddate-till-late.us%26p_tds_cid%3D%26utm_campaign%3Dca539086%26utm_source%3Dint%26utm_content%3D135500%26data2%3DmlClick-AwmiFsHd%26s1%3Dps
server: nginx
set-cookie: AWSALB=AkrJ8GYe6WbFuHXEcARxaWOlYPlbKPWWaKAjJhcV1lN297xYDCr5wjCSJMr4Bjc1Z2i6cPI5Lhd9RMrXhBCU85dEPFf7UmAxQfGuqD0BOQtdVoXQyDseVy9CMA8Y; Expires=Thu, 08 Oct 2020 01:13:47 GMT; Path=/ AWSALBCORS=AkrJ8GYe6WbFuHXEcARxaWOlYPlbKPWWaKAjJhcV1lN297xYDCr5wjCSJMr4Bjc1Z2i6cPI5Lhd9RMrXhBCU85dEPFf7UmAxQfGuqD0BOQtdVoXQyDseVy9CMA8Y; Expires=Thu, 08 Oct 2020 01:13:47 GMT; Path=/; SameSite=None; Secure dci=084edc1bb25423e3cc72749c1361a256108c34b8; Max-Age=31536000; Domain=.date-till-late.us; Path=/; Expires=Fri, 01 Oct 2021 01:13:48 GMT; Secure; SameSite=None
accept-ch: UA, Platform, Model, Mobile, Arch
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 200 mtu-integration.js Show response
date-till-late.us/ 4 KB
2 KB 78ms
78ms Script
application/javascript 3.125.134.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://date-till-late.us/mtu-integration.js
Requested by: Host: date-till-late.us
URL: https://date-till-late.us/tds/interlayer?handler=BackofferOnExternalOffer&referer=https%3A%2F%2Ftrack.clickchewer.com%2Faff_c%3Foffer_id%3D3793%26aff_id%3D2562%26aff_click_id%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26aff_sub%3D31c03c89_135500%26tds_cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26tds_campaign%3Db3957mar&placement=lp&cid=67bdad24332b042de30171fb8541a1ec72b0baa8&addtl_qs=tds_ac_id%3Ds8920hlo%26tds_host%3Ddate-till-late.us%26p_tds_cid%3D%26utm_campaign%3Dca539086%26utm_source%3Dint%26utm_content%3D135500%26data2%3DmlClick-AwmiFsHd%26s1%3Dps
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.134.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-134-118.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 53cecb6be58650103848b99f7baf48d1fbbf4491100536852d521f80328a66a5

Request headers

Referer: https://date-till-late.us/tds/interlayer?handler=BackofferOnExternalOffer&referer=https%3A%2F%2Ftrack.clickchewer.com%2Faff_c%3Foffer_id%3D3793%26aff_id%3D2562%26aff_click_id%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26aff_sub%3D31c03c89_135500%26tds_cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26tds_campaign%3Db3957mar&placement=lp&cid=67bdad24332b042de30171fb8541a1ec72b0baa8&addtl_qs=tds_ac_id%3Ds8920hlo%26tds_host%3Ddate-till-late.us%26p_tds_cid%3D%26utm_campaign%3Dca539086%26utm_source%3Dint%26utm_content%3D135500%26data2%3DmlClick-AwmiFsHd%26s1%3Dps
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:48 GMT
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 07:03:33 GMT
server: nginx
etag: W/"e00-174d8ac6d88"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=6
accept-ranges: bytes

GET
H2

200

Primary Request landing2 Show response
www.amoureuxchauds.com/
Redirect Chain

https://track.clickchewer.com/aff_c?offer_id=3793&aff_id=2562&aff_click_id=67bdad24332b042de30171fb8541a1ec72b0baa8&aff_sub=31c03c89_135500&tds_cid=67bdad24332b042de30171fb8541a1ec72b0baa8&tds_camp...
https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

17 KB
4 KB

365ms
272ms

Document
text/html

34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Requested by

Host: date-till-late.us
URL: https://date-till-late.us/mtu-integration.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.33

Resource Hash

a35bbe3d83217318f6a79bcbbae7b1af3534ad87ff649bf6357498897e59777a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.amoureuxchauds.com
:scheme: https
:path: /landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://date-till-late.us/tds/interlayer?handler=BackofferOnExternalOffer&referer=https%3A%2F%2Ftrack.clickchewer.com%2Faff_c%3Foffer_id%3D3793%26aff_id%3D2562%26aff_click_id%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26aff_sub%3D31c03c89_135500%26tds_cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26tds_campaign%3Db3957mar&placement=lp&cid=67bdad24332b042de30171fb8541a1ec72b0baa8&addtl_qs=tds_ac_id%3Ds8920hlo%26tds_host%3Ddate-till-late.us%26p_tds_cid%3D%26utm_campaign%3Dca539086%26utm_source%3Dint%26utm_content%3D135500%26data2%3DmlClick-AwmiFsHd%26s1%3Dps
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://date-till-late.us/tds/interlayer?handler=BackofferOnExternalOffer&referer=https%3A%2F%2Ftrack.clickchewer.com%2Faff_c%3Foffer_id%3D3793%26aff_id%3D2562%26aff_click_id%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26aff_sub%3D31c03c89_135500%26tds_cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26tds_campaign%3Db3957mar&placement=lp&cid=67bdad24332b042de30171fb8541a1ec72b0baa8&addtl_qs=tds_ac_id%3Ds8920hlo%26tds_host%3Ddate-till-late.us%26p_tds_cid%3D%26utm_campaign%3Dca539086%26utm_source%3Dint%26utm_content%3D135500%26data2%3DmlClick-AwmiFsHd%26s1%3Dps

Response headers

status: 200
server: nginx/1.10.3 (Ubuntu)
date: Thu, 01 Oct 2020 01:13:48 GMT
content-type: text/html;charset=UTF-8
content-length: 3759
x-powered-by: PHP/7.2.33
x-host: amoureuxchauds.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 130787227
age: 0
x-cache: MISS
accept-ranges: bytes
via: 1.1 varnish (Varnish/6.0), 1.1 google
alt-svc: clear
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

Redirect headers

Server: nginx
Date: Thu, 01 Oct 2020 01:13:48 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 306
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
tracking_id: 102c341607cdce5b646a425ce4cb73
Location: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
Set-Cookie: enc_aff_session_3793=ENC03bdfd0d1f12ec79ddc9e46ed9a2f4823421cec4dbc1edd92b6cbf54e92e93d7bd2c9a8efafdf999364e10821b0841c512e120f29bfec9138b3f0d892afb5079841e933a3b5ab0e95291edf771a03970c9ebb0e8fa7cc5f4059229d591995f08e8edf664ba3ba2d748ec0c0fbdc4e2fd7b8bbd97c0db1978adc097d96be4d8664872bc64b04e0f95f5006471a108508301ee36bd116b0c5e9d380e19847393c29b20d4afdaf98ca44d140c1594c6ef78dccd6b3ce962e1d162691e90f581f30f20a4c5789a439d3ac325eea06bbb88da70d13e5cf0919fbb9ba56f74ecaf1658570f72b460eca69560f25f08161016b3806b1ae5ac3ef7b26e4278d5110878c722441b787dbe8c2c7a3b32c9eff7b27544d3069b69220f878257606ce8787bbfc66298d0207e120e29de6a6e03d63886e814e23baf8989650f6a4f73702813fba395bca701b49e7405183bc83b587e98888ec1f29bc025ac7a60c3f83733e0f72434da2eb958579c27fe216bb8ac2a1afdb5c56952a2492b0baba4909af5e48ff94c5c9147ef3d61dd146c172c93996d33a04c12340073faedc9022e045951e85beed723d7341c99a7f40343158c41e0fa0be13dea155267a0c7fa53bbc814c99e2d7fe0db; expires=Sat, 31 Oct 2020 01:13:48 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sat, 26 Aug 2023 11:53:48 GMT; path=/; SameSite=None; Secure
P3P: CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin: *
X-Request-Id: cfa4b4a086bf3c11d8b00ef9351fe048
Access-Control-Allow-Headers: Tune-SDK-Version

GET
H2 200 landing2.css
www.amoureuxchauds.com/landers/css/ 29 KB
5 KB 55ms
54ms Stylesheet
text/css 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amoureuxchauds.com/landers/css/landing2.css

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.33

Resource Hash

fccd53cf3f832213c2fce8257028a53e1fb801a2af2a8889e3fad23a9bef61fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-powered-by: PHP/7.2.33
x-cache: HIT
status: 200
x-host: amoureuxchauds.com
alt-svc: clear
content-length: 4747
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-varnish: 130542074 126835220
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css;charset=UTF-8

GET
H2 200 pornhub.css
www.amoureuxchauds.com/landers/css/theme/ 9 KB
2 KB 56ms
55ms Stylesheet
text/css 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amoureuxchauds.com/landers/css/theme/pornhub.css

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.33

Resource Hash

75347c27f3342e2a411ac9bb78150e8fe20070314a6e025b68a1cd377da14cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-powered-by: PHP/7.2.33
x-cache: HIT
status: 200
x-host: amoureuxchauds.com
alt-svc: clear
content-length: 1613
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-varnish: 171967573 119005605
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css;charset=UTF-8

GET
H2 200 fontawesome-all.min.css
www.amoureuxchauds.com/landers/css/ 50 KB
11 KB 72ms
71ms Stylesheet
text/css 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amoureuxchauds.com/landers/css/fontawesome-all.min.css

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
status: 200
alt-svc: clear
content-length: 10650
last-modified: Fri, 11 Sep 2020 08:05:41 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5f5b2fd5-c970"
strict-transport-security: max-age=63072000;
x-varnish: 172098014 163576167
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css

GET
H2 200 loading.gif
www.amoureuxchauds.com/landers/images/logos/ 3 KB
3 KB 52ms
52ms Image
image/gif 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.amoureuxchauds.com/landers/images/logos/loading.gif

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:48 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
status: 200
alt-svc: clear
content-length: 2892
last-modified: Fri, 11 Sep 2020 08:05:41 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f5b2fd5-b4c"
strict-transport-security: max-age=63072000;
x-varnish: 172066921 168379672
cache-control: max-age=300
accept-ranges: bytes
content-type: image/gif

GET
H2 200 vendor.js Show response
www.amoureuxchauds.com/landers/js/ 121 KB
43 KB 55ms
54ms Script
application/javascript 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amoureuxchauds.com/landers/js/vendor.js

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

81203ed8e39c0a0c6b37473475a299749c284984c2316b8c501b1eec779f2f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
status: 200
alt-svc: clear
content-length: 43541
last-modified: Fri, 11 Sep 2020 08:05:47 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f5b2fdb-1e2ae"
strict-transport-security: max-age=63072000;
x-varnish: 209177188 206088395
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 fa-solid-900.woff2
www.amoureuxchauds.com/landers/webfonts/ 90 KB
90 KB 54ms
54ms Font
application/octet-stream 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amoureuxchauds.com/landers/webfonts/fa-solid-900.woff2

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landers/css/fontawesome-all.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.amoureuxchauds.com
Referer: https://www.amoureuxchauds.com/landers/css/fontawesome-all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:48 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
status: 200
alt-svc: clear
content-length: 91792
last-modified: Fri, 11 Sep 2020 08:05:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f5b2fd6-16690"
strict-transport-security: max-age=63072000;
x-varnish: 130787232 127735029
cache-control: max-age=300
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 cc.js Show response
recueillirleconsentement.com/ 117 KB
14 KB 145ms
75ms Script
application/javascript 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recueillirleconsentement.com/cc.js?wId=53Paie8KARDP1kFcHMhD08&domain=amoureuxchauds.com&languageCode=fr&languageTerritory=FR&sessionId=d1290afe61a14d33b882593e6a1bea13

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

089429399b84925317f116f07b973b9bd835bc5421b6c49bbd3c9372f730661e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
status: 200
strict-transport-security: max-age=63072000;
content-length: 14077

GET
H2 200 landing2.js Show response
www.amoureuxchauds.com/landers/js/ 46 KB
13 KB 54ms
53ms Script
application/javascript 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amoureuxchauds.com/landers/js/landing2.js

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

74659d9d9efceb0d08490ffacf4b7277fda4ccc3fe138dacfe57fd30f3c6d078

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
status: 200
alt-svc: clear
content-length: 12801
last-modified: Fri, 11 Sep 2020 08:05:47 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f5b2fdb-b8f4"
strict-transport-security: max-age=63072000;
x-varnish: 130351093 127679052
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landers/js/landing2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2408
date: Thu, 01 Oct 2020 00:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 01 Oct 2020 02:33:41 GMT

GET
H2 200 fr-fr2.json Show response
static.dating/lander/translations/ 125 KB
126 KB 83ms
27ms XHR
application/octet-stream 35.227.221.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dating/lander/translations/fr-fr2.json
Requested by: Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landers/js/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.221.175 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.221.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bbdf0af3591511937ca0dfd95e08c9ef0ed4674fe04c3ec2c79e4b86919f6afe

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:02:27 GMT
age: 682
x-guploader-uploadid: ABg5-UxsTInRZtlCRRxCmNAE2N3XLWvirsCts-Ubp5GqTHCfoGm9U4Z07RT635A0CNt1h8-lnfu-6_Y0qt4z8Aan_jjl9rhW4A
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 128038
last-modified: Mon, 31 Aug 2020 14:58:05 GMT
server: UploadServer
etag: "edf91417fae000a55185d82a6ed2a650"
x-goog-hash: crc32c=W+SfjQ==, md5=7fkUF/rgAKVRhdgqbtKmUA==
x-goog-generation: 1598885885922930
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 128038
accept-ranges: bytes
content-type: application/octet-stream
expires: Thu, 01 Oct 2020 02:02:27 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
72 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=196339448&t=pageview&_s=1&dl=https%3A%2F%2Fwww.amoureuxchauds.com%2Flanding2%3Fcat%3Dmilf%26pt1%3D102c341607cdce5b646a425ce4cb73%26pi%3D2562%26pe%3D31c03c89_135500&dr=https%3A%2F%2Fdate-till-late.us%2Ftds%2Finterlayer%3Fhandler%3DBackofferOnExternalOffer%26referer%3Dhttps%253A%252F%252Ftrack.clickchewer.com%252Faff_c%253Foffer_id%253D3793%2526aff_id%253D2562%2526aff_click_id%253D67bdad24332b042de30171fb8541a1ec72b0baa8%2526aff_sub%253D31c03c89_135500%2526tds_cid%253D67bdad24332b042de30171fb8541a1ec72b0baa8%2526tds_campaign%253Db3957mar%26placement%3Dlp%26cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26addtl_qs%3Dtds_ac_id%253Ds8920hlo%2526tds_host%253Ddate-till-late.us%2526p_tds_cid%253D%2526utm_campaign%253Dca539086%2526utm_source%253Dint%2526utm_content%253D135500%2526data2%253DmlClick-AwmiFsHd%2526s1%253Dps&ul=en-us&de=UTF-8&dt=amoureuxchauds.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABEAAAAC~&jid=580417899&gjid=694651648&cid=1878767444.1601514829&tid=UA-132064855-2&_gid=410199852.1601514829&_r=1&_slc=1&z=1612191748

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 01:13:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.amoureuxchauds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
26 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=196339448&t=pageview&_s=1&dl=https%3A%2F%2Fwww.amoureuxchauds.com%2Flanding2%3Fcat%3Dmilf%26pt1%3D102c341607cdce5b646a425ce4cb73%26pi%3D2562%26pe%3D31c03c89_135500&dr=https%3A%2F%2Fdate-till-late.us%2Ftds%2Finterlayer%3Fhandler%3DBackofferOnExternalOffer%26referer%3Dhttps%253A%252F%252Ftrack.clickchewer.com%252Faff_c%253Foffer_id%253D3793%2526aff_id%253D2562%2526aff_click_id%253D67bdad24332b042de30171fb8541a1ec72b0baa8%2526aff_sub%253D31c03c89_135500%2526tds_cid%253D67bdad24332b042de30171fb8541a1ec72b0baa8%2526tds_campaign%253Db3957mar%26placement%3Dlp%26cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26addtl_qs%3Dtds_ac_id%253Ds8920hlo%2526tds_host%253Ddate-till-late.us%2526p_tds_cid%253D%2526utm_campaign%253Dca539086%2526utm_source%253Dint%2526utm_content%253D135500%2526data2%253DmlClick-AwmiFsHd%2526s1%253Dps&ul=en-us&de=UTF-8&dt=amoureuxchauds.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABEAAAAC~&jid=1183877201&gjid=111262255&cid=1878767444.1601514829&tid=UA-132064855-5&_gid=410199852.1601514829&_r=1&_slc=1&z=989077206

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 01:13:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.amoureuxchauds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
26 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=196339448&t=pageview&_s=1&dl=https%3A%2F%2Fwww.amoureuxchauds.com%2Flanding2%3Fcat%3Dmilf%26pt1%3D102c341607cdce5b646a425ce4cb73%26pi%3D2562%26pe%3D31c03c89_135500&dr=https%3A%2F%2Fdate-till-late.us%2Ftds%2Finterlayer%3Fhandler%3DBackofferOnExternalOffer%26referer%3Dhttps%253A%252F%252Ftrack.clickchewer.com%252Faff_c%253Foffer_id%253D3793%2526aff_id%253D2562%2526aff_click_id%253D67bdad24332b042de30171fb8541a1ec72b0baa8%2526aff_sub%253D31c03c89_135500%2526tds_cid%253D67bdad24332b042de30171fb8541a1ec72b0baa8%2526tds_campaign%253Db3957mar%26placement%3Dlp%26cid%3D67bdad24332b042de30171fb8541a1ec72b0baa8%26addtl_qs%3Dtds_ac_id%253Ds8920hlo%2526tds_host%253Ddate-till-late.us%2526p_tds_cid%253D%2526utm_campaign%253Dca539086%2526utm_source%253Dint%2526utm_content%253D135500%2526data2%253DmlClick-AwmiFsHd%2526s1%253Dps&ul=en-us&de=UTF-8&dt=amoureuxchauds.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABEAAAAC~&jid=791945320&gjid=360013567&cid=1878767444.1601514829&tid=UA-131056979-7&_gid=410199852.1601514829&_r=1&_slc=1&z=754255868

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 01:13:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.amoureuxchauds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 set01_01.jpg
www.amoureuxchauds.com/landers/images/sets/milf/default/ 48 KB
48 KB 57ms
54ms Image
image/jpeg 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.amoureuxchauds.com/landers/images/sets/milf/default/set01_01.jpg?geo=fr

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

906936ed4ce6cb2fbf024f65e50a69b58e12422120cc7d9ecf0d6259da974240

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
status: 200
alt-svc: clear
content-length: 49122
last-modified: Fri, 11 Sep 2020 08:05:41 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f5b2fd5-bfe2"
strict-transport-security: max-age=63072000;
x-varnish: 209301514 206024321
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 set02_01.jpg
www.amoureuxchauds.com/landers/images/sets/milf/default/ 28 KB
28 KB 62ms
59ms Image
image/jpeg 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.amoureuxchauds.com/landers/images/sets/milf/default/set02_01.jpg?geo=fr

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5cd4e7b91f31009cba3ed052e6fadde1e5011756119ace23ccb526adf164fb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
status: 200
alt-svc: clear
content-length: 28487
last-modified: Fri, 11 Sep 2020 08:05:41 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f5b2fd5-6f47"
strict-transport-security: max-age=63072000;
x-varnish: 208888751 206024572
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 set03_01.jpg
www.amoureuxchauds.com/landers/images/sets/milf/default/ 48 KB
48 KB 57ms
55ms Image
image/jpeg 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.amoureuxchauds.com/landers/images/sets/milf/default/set03_01.jpg?geo=fr

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

86943b8924beb2866da2217e56461d97e246817361528d16dfa96af03d3c4a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
status: 200
alt-svc: clear
content-length: 49116
last-modified: Fri, 11 Sep 2020 08:05:41 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f5b2fd5-bfdc"
strict-transport-security: max-age=63072000;
x-varnish: 209177190 205995275
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 set01_02.jpg
www.amoureuxchauds.com/landers/images/sets/milf/default/ 43 KB
43 KB 54ms
52ms Image
image/jpeg 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.amoureuxchauds.com/landers/images/sets/milf/default/set01_02.jpg?geo=fr

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7802ee99bec40d78a20fb6d0855a8d848cac2e52ff5368cb5309db77463e3f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
status: 200
alt-svc: clear
content-length: 43583
last-modified: Fri, 11 Sep 2020 08:05:41 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f5b2fd5-aa3f"
strict-transport-security: max-age=63072000;
x-varnish: 172098016 168580384
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 set02_02.jpg
www.amoureuxchauds.com/landers/images/sets/milf/default/ 28 KB
28 KB 57ms
55ms Image
image/jpeg 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.amoureuxchauds.com/landers/images/sets/milf/default/set02_02.jpg?geo=fr

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9f26f33a35299754588c3af5dbab72b1c3d5570a67d564191e80eccc859d18f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
status: 200
alt-svc: clear
content-length: 28198
last-modified: Fri, 11 Sep 2020 08:05:41 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f5b2fd5-6e26"
strict-transport-security: max-age=63072000;
x-varnish: 208815483 205715240
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 set03_02.jpg
www.amoureuxchauds.com/landers/images/sets/milf/default/ 44 KB
44 KB 60ms
59ms Image
image/jpeg 34.65.131.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.amoureuxchauds.com/landers/images/sets/milf/default/set03_02.jpg?geo=fr

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.65.131.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

97.131.65.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a8450befaa42cf4bb52df86fcbed761c8fdfbf4836ec0d0d41dc7aa5c7a70638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
status: 200
alt-svc: clear
content-length: 44997
last-modified: Fri, 11 Sep 2020 08:05:41 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f5b2fd5-afc5"
strict-transport-security: max-age=63072000;
x-varnish: 172066923 166518363
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
26 B 45ms
17ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-132064855-2&cid=1878767444.1601514829&jid=580417899&gjid=694651648&_gid=410199852.1601514829&_u=KEBAAEAAEAAAAC~&z=971554916

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Oct 2020 01:13:49 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.amoureuxchauds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 43ms
17ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-132064855-5&cid=1878767444.1601514829&jid=1183877201&gjid=111262255&_gid=410199852.1601514829&_u=KEDAAEABEAAAAC~&z=1592998205

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Oct 2020 01:13:49 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.amoureuxchauds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 19ms
17ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-132064855-5&cid=1878767444.1601514829&jid=1183877201&_u=KEDAAEABEAAAAC~&z=1166857531

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 01:13:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 19ms
18ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-132064855-5&cid=1878767444.1601514829&jid=1183877201&_u=KEDAAEABEAAAAC~&z=1166857531

Requested by

Host: www.amoureuxchauds.com
URL: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 01:13:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 collector
api.recueillirleconsentement.com/consent/ Frame 0
0 101ms
30ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recueillirleconsentement.com/consent/collector
Protocol: H2
Server: 35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 35.163.195.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.amoureuxchauds.com
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.amoureuxchauds.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type

GET
H2 200 cc.css
recueillirleconsentement.com/ 24 KB
4 KB 30ms
29ms Stylesheet
text/css 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recueillirleconsentement.com/cc.css

Requested by

Host: recueillirleconsentement.com
URL: https://recueillirleconsentement.com/cc.js?wId=53Paie8KARDP1kFcHMhD08&domain=amoureuxchauds.com&languageCode=fr&languageTerritory=FR&sessionId=d1290afe61a14d33b882593e6a1bea13

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

609cd9b4c6bca52121089a59922f3cf45504d53ed82e4ad8144d403c3ac87359

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 May 2019 05:11:03 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5ea8-588595c2a195e-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 3808

POST
H2 200 collector Show response
api.recueillirleconsentement.com/consent/ 4 KB
4 KB 51ms
50ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/collector

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7dd1bc81c516c3c646fe2344c9e3eca21303200eae9c859f1064b9699c007166

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.amoureuxchauds.com
access-control-allow-credentials: true
content-length: 4103

OPTIONS
H2 200 loadSegment
api.recueillirleconsentement.com/consent/ Frame 0
0 27ms
27ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recueillirleconsentement.com/consent/loadSegment
Protocol: H2
Server: 35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 35.163.195.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.amoureuxchauds.com
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.amoureuxchauds.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type

POST
H2 200 loadSegment Show response
api.recueillirleconsentement.com/consent/ 367 B
583 B 32ms
32ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/loadSegment

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

559e62a076a110ae71f6742f2b89a4610ba160b905bf2f577e3125fc0c5aece2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.amoureuxchauds.com
access-control-allow-credentials: true
content-length: 367

OPTIONS
H2 200 loadSegment
api.recueillirleconsentement.com/consent/ Frame 0
0 28ms
27ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recueillirleconsentement.com/consent/loadSegment
Protocol: H2
Server: 35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 35.163.195.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.amoureuxchauds.com
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.amoureuxchauds.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type

POST
H2 200 loadSegment Show response
api.recueillirleconsentement.com/consent/ 1003 B
1 KB 31ms
31ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/loadSegment

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

2a1e15cc8fdbe5496400fe90ba44e4781dc022d181c816573ff43a1fd7f4eb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.amoureuxchauds.com
access-control-allow-credentials: true
content-length: 1003

OPTIONS
H2 200 confirmExplicit
api.recueillirleconsentement.com/consent/ Frame 0
0 28ms
28ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recueillirleconsentement.com/consent/confirmExplicit
Protocol: H2
Server: 35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 35.163.195.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.amoureuxchauds.com
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.amoureuxchauds.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type

POST
H2 200 confirmExplicit Show response
api.recueillirleconsentement.com/consent/ 0
214 B 46ms
46ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/confirmExplicit

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amoureuxchauds.com/landing2?cat=milf&pt1=102c341607cdce5b646a425ce4cb73&pi=2562&pe=31c03c89_135500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Oct 2020 01:13:49 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.amoureuxchauds.com
access-control-allow-credentials: true
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: best.aliexpress.com
URL: https://best.aliexpress.com/?new_site=0&olp=1000018409_f_B&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=69d07eb278d849ad9dcaec2617b5b214-1601514827052-04930-_d6GDFTu&terminal_id=376fb19aa9f24fca8d6b2c19388fc609

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amoureuxchauds.com/	1970-01-19 12:51:54	Name: _gat_c Value: 1
.amoureuxchauds.com/	1970-01-19 12:51:54	Name: _gat_b Value: 1
.amoureuxchauds.com/	1970-01-19 12:51:54	Name: _gat_a Value: 1
.amoureuxchauds.com/	1970-01-19 12:53:21	Name: _gid Value: GA1.2.410199852.1601514829
.amoureuxchauds.com/	1970-01-20 06:23:06	Name: _ga Value: GA1.2.1878767444.1601514829

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.recueillirleconsentement.com
best.aliexpress.com
date-till-late.us
golead.pl
recueillirleconsentement.com
static.dating
stats.g.doubleclick.net
strtemizlik.com
track.clickchewer.com
typerock.com
www.amoureuxchauds.com
www.g2a.com
www.gearbest.com
www.google-analytics.com
www.google.com
www.google.de
best.aliexpress.com
104.111.217.251
184.25.217.253
185.124.85.148
2606:4700:3037::681f:43e9
2a00:1450:4001:819::2003
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9a
2a00:1450:400c:c0c::9d
3.125.134.118
34.243.194.20
34.65.131.97
35.195.163.35
35.227.221.175
52.28.200.0
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
089429399b84925317f116f07b973b9bd835bc5421b6c49bbd3c9372f730661e
19e3d90b0a1dff1466b9654066122a0838c8d744d2951f1c3f8c3349e6d74c5c
25155bd764665f1335dec24598d5a787888b0faf12c5f03ef4fb58891bff430b
2a1e15cc8fdbe5496400fe90ba44e4781dc022d181c816573ff43a1fd7f4eb86
4a0dd05cafdce90b48c1b89ae4d86f1120a0fdc7a9e929edb1ebe0404f663dad
53cecb6be58650103848b99f7baf48d1fbbf4491100536852d521f80328a66a5
559e62a076a110ae71f6742f2b89a4610ba160b905bf2f577e3125fc0c5aece2
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
5cd4e7b91f31009cba3ed052e6fadde1e5011756119ace23ccb526adf164fb76
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
609cd9b4c6bca52121089a59922f3cf45504d53ed82e4ad8144d403c3ac87359
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74659d9d9efceb0d08490ffacf4b7277fda4ccc3fe138dacfe57fd30f3c6d078
75347c27f3342e2a411ac9bb78150e8fe20070314a6e025b68a1cd377da14cb0
75d91efaf2673335460b2bb5b7709108880428db60e29a370b0b8f23ea07c601
7802ee99bec40d78a20fb6d0855a8d848cac2e52ff5368cb5309db77463e3f66
7dd1bc81c516c3c646fe2344c9e3eca21303200eae9c859f1064b9699c007166
81203ed8e39c0a0c6b37473475a299749c284984c2316b8c501b1eec779f2f3c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86943b8924beb2866da2217e56461d97e246817361528d16dfa96af03d3c4a98
8cd313774383029a19506e1c9568944bb8fb94e2fca3d20b79359ce57016b5c0
906936ed4ce6cb2fbf024f65e50a69b58e12422120cc7d9ecf0d6259da974240
9f26f33a35299754588c3af5dbab72b1c3d5570a67d564191e80eccc859d18f6
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3
a35bbe3d83217318f6a79bcbbae7b1af3534ad87ff649bf6357498897e59777a
a8450befaa42cf4bb52df86fcbed761c8fdfbf4836ec0d0d41dc7aa5c7a70638
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bbdf0af3591511937ca0dfd95e08c9ef0ed4674fe04c3ec2c79e4b86919f6afe
cfd6dac08ba2bf42da6ca871d3ed8e7e9885c45c9e37d14fcb3d72908555048d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea929ab07b7bf2a8848a25d3073bbf9b6b6c9bad34196d4f41e7ae5cbd84bc62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fccd53cf3f832213c2fce8257028a53e1fb801a2af2a8889e3fad23a9bef61fa

www.amoureuxchauds.com Open in urlscan Pro 34.65.131.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

44 %IPv6

15 Domains

16 Subdomains

16 IPs

7 Countries

620 kBTransfer

1007 kBSize

5 Cookies

4 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.amoureuxchauds.com Open in urlscan Pro
34.65.131.97 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

44 %
IPv6

15
Domains

16
Subdomains

16
IPs

7
Countries

620 kB
Transfer

1007 kB
Size

5
Cookies

52 HTTP transactions
0 data transactions