nataliedate.com Open in urlscan Pro
40.71.11.131 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff...
Submission: On May 15 via manual (May 15th 2022, 7:49:07 pm UTC) from NL — Scanned from NL

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 17 domains to perform 51 HTTP transactions. The main IP is 40.71.11.131, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is nataliedate.com. The Cisco Umbrella rank of the primary domain is 673181.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 2nd 2021. Valid for: a year.

This is the only time nataliedate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	40.71.11.131 40.71.11.131	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	23.36.163.241 23.36.163.241	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:401... 2a00:1450:4014:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a01:111:f100... 2a01:111:f100:2000::a83e:3309	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	143.204.215.84 143.204.215.84	16509 (AMAZON-02) (AMAZON-02)
4	20.50.64.7 20.50.64.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
51	20

11 40.71.11.131 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nataliedate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dscdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.163.241 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-241.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4014:80f::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:111:f100:2000::a83e:3309 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

monitor.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-84.fra53.r.cloudfront.net

openfpcdn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.50.64.7 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

datasystem.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	nataliedate.com nataliedate.com — Cisco Umbrella Rank: 673181	4 MB
5	gstatic.com fonts.gstatic.com www.gstatic.com	385 KB
4	azurewebsites.net datasystem.azurewebsites.net	254 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	491 B
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3290	71 KB
4	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 11954 monitor.clickcease.com — Cisco Umbrella Rank: 16494	53 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1150	89 KB
3	google.com www.google.com — Cisco Umbrella Rank: 7	2 KB
2	openfpcdn.io 1 redirects openfpcdn.io — Cisco Umbrella Rank: 26955	13 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	114 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 92	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	81 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 8284	549 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	15 KB
1	azureedge.net dscdn.azureedge.net — Cisco Umbrella Rank: 565579	2 KB
51	17

	Domain	Requested by
11	nataliedate.com	nataliedate.com
4	datasystem.azurewebsites.net	dscdn.azureedge.net
4	www.facebook.com	nataliedate.com
4	mc.yandex.ru	1 redirects nataliedate.com
4	analytics.tiktok.com	nataliedate.com analytics.tiktok.com
3	www.gstatic.com	www.google.com
3	monitor.clickcease.com	www.clickcease.com
3	www.google.com	nataliedate.com www.gstatic.com
2	openfpcdn.io	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	nataliedate.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	nataliedate.com www.googletagmanager.com
1	fonts.googleapis.com	client
1	www.clickcease.com	nataliedate.com
1	www.google.nl	nataliedate.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	dscdn.azureedge.net	nataliedate.com
51	20

This site contains no links.

Subject Issuer	Validity	Valid
nataliedate.com Go Daddy Secure Certificate Authority - G2	`2021-06-02` - `2022-07-02`	a year	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2022-05-07` - `2023-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-22` - `2022-05-23`	3 months	crt.sh
*.clickcease.com Go Daddy Secure Certificate Authority - G2	`2021-07-20` - `2022-06-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2022-03-14` - `2023-03-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
Frame ID: 42BA8D4C73EF5325647ECA9E1B8D42A0
Requests: 44 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8602DB83180B9D030D5B22BE43F335AD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=%3C%25%3D%20htmlWebpackPlugin.options.google_recaptcha_key%20%25%3E&co=aHR0cHM6Ly9uYXRhbGllZGF0ZS5jb206NDQz&hl=ru&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=normal&cb=fhjyrysjo0dq
Frame ID: 2F7F6B2B6BF4FE5EFE87D760FCAF6673
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сайт знакомств - Natalie Date. Знакомься, флиртуй и найди свою любовь!ShapePath

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

51
Requests

96 %
HTTPS

75 %
IPv6

17
Domains

20
Subdomains

20
IPs

5
Countries

5066 kB
Transfer

14086 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://mc.yandex.ru/watch/56799835?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff_id%3Dl15788&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhnqrhszc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A601416164941%3Ahid%3A163423998%3Az%3A0%3Ai%3A20220515194858%3Aet%3A1652644139%3Ac%3A1%3Arn%3A658973043%3Arqn%3A1%3Au%3A1652644139213309637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652644137401%3Ads%3A7%2C300%2C99%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652644139%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20%D1%81%D0%B2%D0%BE%D1%8E%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D1%8C!&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/56799835/1?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff_id%3Dl15788&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhnqrhszc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A601416164941%3Ahid%3A163423998%3Az%3A0%3Ai%3A20220515194858%3Aet%3A1652644139%3Ac%3A1%3Arn%3A658973043%3Arqn%3A1%3Au%3A1652644139213309637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652644137401%3Ads%3A7%2C300%2C99%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652644139%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20%D1%81%D0%B2%D0%BE%D1%8E%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D1%8C%21&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 37

https://openfpcdn.io/fingerprintjs/v3 HTTP 302
https://openfpcdn.io/fingerprintjs/v3.3.3/esm.min.js

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wizard-man Show response
nataliedate.com/ 9 KB
3 KB 406ms
98ms Document
text/html 40.71.11.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 15c5907f16b2876afa859a959c1e9a9a6f99dc6786dbf74089c7a869d0c79193

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache
content-encoding: gzip
content-length: 2998
content-type: text/html
date: Sun, 15 May 2022 19:48:57 GMT
etag: "06a4272944ad81:0"
last-modified: Thu, 07 Apr 2022 15:30:44 GMT
vary: Accept-Encoding

GET
H2 200 analytics.js Show response
dscdn.azureedge.net/ 5 KB
2 KB 196ms
22ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dscdn.azureedge.net/analytics.js
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9d86a6bed6d5a5f1f1accb836f752c39161703e168c153bf99058f911e216795

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:57 GMT
content-encoding: gzip
etag: "80e06d5dd4cd81:0"
last-modified: Sun, 10 Apr 2022 13:15:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: TCP_HIT
content-type: application/x-javascript
x-azure-ref: 0KlmBYgAAAAARxkcXGJyuQbOAks3+UDmrQlJVMzBFREdFMDcxNABlOGY4NzU5Mi03MmQ0LTRmNWItOTZhYy1jMWNmMzIzZjZlYTc=
x-azure-ref-originshield: 0fs2AYgAAAACrZ94rCCfWSbslz4Qy+xYxQU1TMDRFREdFMTkxOQBlOGY4NzU5Mi03MmQ0LTRmNWItOTZhYy1jMWNmMzIzZjZlYTc=
accept-ranges: bytes
content-length: 1689

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 89ms
32ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-150208853-1

Requested by

Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a94d45d68958565140a757b2e1338a19dbc84d38025ea2256c372a8d2a321532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39198
x-xss-protection: 0
last-modified: Sun, 15 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 15 May 2022 19:48:57 GMT

GET
H2 200 styles.css
nataliedate.com/assets/css/ 686 KB
199 KB 96ms
96ms Stylesheet
text/css 40.71.11.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nataliedate.com/assets/css/styles.css?v=ba68e93b
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8a4047b85c41386137cf1a9f6897ccdce9d590a2b774c18e02d86a0bac8e9790

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:57 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 15:30:48 GMT
etag: "0c4a474944ad81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 203840

GET
H2 200 main.js Show response
nataliedate.com/ 8 MB
2 MB 98ms
98ms Script
application/x-javascript 40.71.11.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nataliedate.com/main.js?v=ba68e93b
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9e5b33b5c1b1442901f607d34a539a8b021677e02694eb966c8401f472630fb9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:57 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 15:30:46 GMT
etag: "0977373944ad81:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1696131

GET
H2 200 vendor.js Show response
nataliedate.com/ 337 KB
87 KB 97ms
97ms Script
application/x-javascript 40.71.11.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nataliedate.com/vendor.js?v=ba68e93b
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bc7028f550b2e502b96f4b5aa5fddf29373c8ffc46b83fafe6f1cfc482d4ee8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:57 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 15:30:46 GMT
etag: "0977373944ad81:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 88991

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 253ms
132ms Script
application/javascript 23.36.163.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0R4NAPURMH959SBQ0HG&lib=ttq
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-241.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 87488e23.86b0eef3
date: Sun, 15 May 2022 19:48:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-221-225-207.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 102,23.36.161.213
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=8, inner; dur=3
content-length: 37173
pragma: no-cache
server: nginx
x-tt-logid: 20220515194855010113007249221E2EDA
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.221.225.207
x-tt-trace-host: 01b2910b19b5b65a223219a5a6f7e7ea5f7f273b2f7fb124bccdf9461c0aa40be1102cb6885188e4d4c2a2c45f3d54109a6a7a7b12bd9b1d7ebc50b169904090fb3a629f087a15dd1cd1368b470e2e282ed84d5540de0cfe6c71d5fe4d372a4508c92e6cde8ed43d84c0f9c5a006811087
expires: Sun, 15 May 2022 19:48:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 81ms
31ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150208853-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 848
date: Sun, 15 May 2022 19:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 15 May 2022 21:34:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-794501839&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150208853-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

595f6c38874341b8fa9865d8bf54f3f3f313d77a575d31d256580c17106b43a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42778
x-xss-protection: 0
last-modified: Sun, 15 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 15 May 2022 19:48:58 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 110ms
36ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-794501839&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14849
x-xss-protection: 0
server: cafe
etag: 10272469744856839321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 May 2022 19:48:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 97ms
28ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1627034014&t=pageview&_s=1&dl=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff_id%3Dl15788&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20%D1%81%D0%B2%D0%BE%D1%8E%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D1%8C!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=846515792&gjid=1812754556&cid=1607775441.1652644138&tid=UA-150208853-1&_gid=1881120547.1652644138&_r=1&gtm=2ou5b0&z=511781921

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nataliedate.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 15 May 2022 19:48:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nataliedate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 134ms
134ms Script
application/javascript 23.36.163.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0R4NAPURMH959SBQ0HG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-241.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: ca1be223.86b0f282
date: Sun, 15 May 2022 19:48:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 107,23.36.161.213
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=13, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 2022051519485801011313504407C2855C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.220.104.11
x-tt-trace-host: 01b2910b19b5b65a223219a5a6f7e7ea5f7f273b2f7fb124bccdf9461c0aa40be1b53ff279b082d1ee19b44ebdbf1563f255540eb39f9ffaab69a5cc36b45c029335eb17948a47aa26ac834930b97e4199ecc818387c96e2a9d7a1d7862e76e3a5c138742192d3f24d1affbada93e0df75
expires: Sun, 15 May 2022 19:48:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 138ms
137ms Script
application/javascript 23.36.163.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C0R4NAPURMH959SBQ0HG&hostname=nataliedate.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0R4NAPURMH959SBQ0HG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-241.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ce96c89c6e5933af0a1657bcbe0eec2236fda942ade068ad77876044e1ece494

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: ca1be529.86b0f3e3
date: Sun, 15 May 2022 19:48:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 93,23.36.161.213
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=5, inner; dur=2
content-length: 19674
pragma: no-cache
server: nginx
x-tt-logid: 202205151948570101130070762638A840
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.220.104.11
x-tt-trace-host: 01b2910b19b5b65a223219a5a6f7e7ea5f7f273b2f7fb124bccdf9461c0aa40be1b53ff279b082d1ee19b44ebdbf1563f2109a5aa4ea50b40a3a00ef89193efe228c306638b15d4be0d85af2aea62f4568988ff4ff120991deb06c8b1da6157e8584fc5dc171a82833ae2e63fd144352b9
expires: Sun, 15 May 2022 19:48:58 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/794501839/ 3 KB
2 KB 96ms
33ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794501839/?random=1652644138187&cv=9&fst=1652644138187&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff_id%3Dl15788&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd97c19d0aeb9a8bfbd59f02ab15ee19641a49239908553b169a19d75124e058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 May 2022 19:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1194
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 83ms
23ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-150208853-1&cid=1607775441.1652644138&jid=846515792&gjid=1812754556&_gid=1881120547.1652644138&_u=YEBAAUAAAAAAAC~&z=63162555

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nataliedate.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 15 May 2022 19:48:58 GMT
content-type: text/plain
access-control-allow-origin: https://nataliedate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/794501839/ 42 B
549 B 123ms
49ms Image
image/gif 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/794501839/?random=1652644138187&cv=9&fst=1652641200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff_id%3Dl15788&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20&async=1&fmt=3&is_vtc=1&random=2556883354&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 May 2022 19:48:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/794501839/ 42 B
549 B 99ms
36ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/794501839/?random=1652644138187&cv=9&fst=1652641200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff_id%3Dl15788&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20&async=1&fmt=3&is_vtc=1&random=2556883354&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 May 2022 19:48:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 162 KB
53 KB 114ms
36ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f60126adef3f76bf6db4a26fd70b1c2d7c758d3307866883ac7bcf0a456b9aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 463930
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Apr 2022 08:24:39 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"28691-5dce97dc888a0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kn%2BpdDfs8dmJc%2FzbhJq4U11eur7JziklV5UdrHBrc%2BL2jJQn4KZ5Y0nee76B3se%2BMjNdXds63E0aqsL%2FKza%2FWRA4tyfL0P%2B%2B0y3kopzwYqGCzxxgOTcsvcxJd7krLln1a1PeTMipolL7FJenVaekDI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
cache-control: max-age=2678400
access-control-allow-credentials: true
cf-ray: 70be64e90ab55b74-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires: Thu, 09 Jun 2022 10:56:47 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
69 KB 303ms
183ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3e2960274943f152c7bba94592fd461c329312c886a3b41a4b2667f72f54b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:58 GMT
content-encoding: br
last-modified: Fri, 13 May 2022 14:20:22 GMT
etag: "627e3ef6-1142a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70698
expires: Sun, 15 May 2022 20:48:58 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 70ms
22ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: TgiKscIR3nTAdHFlH+uNNMYJ6vJ0XMdNp/FcSdguV1KAQxqwwq54jizTvFG47qec0KnsxZgj9FXaNlWWHgcQIg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 15 May 2022 19:48:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
714 B 151ms
151ms Ping
application/octet-stream 23.36.163.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0R4NAPURMH959SBQ0HG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-241.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nataliedate.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 48369d75.86b0f738
date: Sun, 15 May 2022 19:48:58 GMT
x-cache-remote: TCP_MISS from a23-221-225-237.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 113,23.36.161.213
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=29, inner; dur=14
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022051519485801011313514702B87C5D
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.221.225.237
x-tt-trace-host: 01b2910b19b5b65a223219a5a6f7e7ea5f7f273b2f7fb124bccdf9461c0aa40be10e280a23e70ec8d94396ef5de6890626cd07c0bc409b56e1a34583708195c95f54b83e619892618b3771dd7e1def860bb9d40156c6ccd60e0e59717627cf11c8b2765ca257b0c2ef3b33f0c8162779ad
expires: Sun, 15 May 2022 19:48:58 GMT

POST
H2 200 statsV2 Show response
monitor.clickcease.com/monitor/api/ 42 B
181 B 300ms
94ms XHR
application/json 2a01:111:f100:2000::a83e:3309
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.clickcease.com/monitor/api/statsV2?type=object
Requested by: Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:f100:2000::a83e:3309 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e0a51c3902b673d52b9b929d573feeda103fd8f4f3e71361409bf34000718b31

Request headers

Referer: https://nataliedate.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 15 May 2022 19:48:58 GMT
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
vm: 10.1.0.11
content-length: 42
expires: -1

GET
H2

200

1 Show response
mc.yandex.ru/watch/56799835/
Redirect Chain

https://mc.yandex.ru/watch/56799835?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff_i...
https://mc.yandex.ru/watch/56799835/1?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff...

357 B
514 B

64ms
63ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/56799835/1?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff_id%3Dl15788&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhnqrhszc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A601416164941%3Ahid%3A163423998%3Az%3A0%3Ai%3A20220515194858%3Aet%3A1652644139%3Ac%3A1%3Arn%3A658973043%3Arqn%3A1%3Au%3A1652644139213309637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652644137401%3Ads%3A7%2C300%2C99%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652644139%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20%D1%81%D0%B2%D0%BE%D1%8E%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D1%8C%21&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

966cd8aa00c3dd8de772427859a7ac5c7b77e3967001eb078cb1249a8ec676a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 May 2022 19:48:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 15-May-2022 19:48:59 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nataliedate.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Sun, 15-May-2022 19:48:59 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 May 2022 19:48:58 GMT
last-modified: Sun, 15-May-2022 19:48:58 GMT
location: /watch/56799835/1?wmode=7&page-url=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff_id%3Dl15788&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhnqrhszc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A601416164941%3Ahid%3A163423998%3Az%3A0%3Ai%3A20220515194858%3Aet%3A1652644139%3Ac%3A1%3Arn%3A658973043%3Arqn%3A1%3Au%3A1652644139213309637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652644137401%3Ads%3A7%2C300%2C99%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652644139%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%81%D1%82%D0%B2%20-%20Natalie%20Date.%20%D0%97%D0%BD%D0%B0%D0%BA%D0%BE%D0%BC%D1%8C%D1%81%D1%8F%2C%20%D1%84%D0%BB%D0%B8%D1%80%D1%82%D1%83%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B8%20%D1%81%D0%B2%D0%BE%D1%8E%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D1%8C%21&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://nataliedate.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 15-May-2022 19:48:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 100ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6cc9cb7c4349c1041803bdaac5c1187bd169192c2aa03e1cc8a9647ba2adce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 15 May 2022 17:51:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 15 May 2022 19:49:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 May 2022 19:49:00 GMT

POST
H2 204 visits
nataliedate.com/api/track/ 0
0 663ms
663ms Fetch 40.71.11.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nataliedate.com/api/track/visits
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/main.js?v=ba68e93b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Sun, 15 May 2022 19:49:00 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,PATCH
access-control-allow-origin: https://nataliedate.com
access-control-expose-headers: bk-rct,bk-rct-l,bk-rct-m,sentry-trace
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers,ProfileId,visit-token,Authorization,Access-Control-Allow-Origin,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,bk-rct,bk-rct-l,bk-rct-m,mst,sentry-trace
expires: -1

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 916 B
605 B 108ms
46ms Script
text/javascript 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onrecapLoadedCallback&render=explicit&hl=ru

Requested by

Host: nataliedate.com
URL: https://nataliedate.com/main.js?v=ba68e93b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b6994072f9eb1bc9ece8015b456a1a1eef45e4fbba62b82ab09b6a2a919d9a92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:49:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Sun, 15 May 2022 19:49:00 GMT

GET
H3 200 572044484240425 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 57ms
28ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/572044484240425?v=2.9.59&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14278a54ec0a51baa931fc40490654d1f2b86dc2831dceb197bcad14fe7dfd66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89274
x-xss-protection: 0
pragma: public
x-fb-debug: qQPiJTsA3/63R2hXrgBMl4Xn3HFjC6iNu+R5awup4A6APDmUObTWW8BRb3cJKPefBwPGarVMj5uYQz6IbXFYEw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 15 May 2022 19:49:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 logo_w_300.png
nataliedate.com/assets/img/ 4 KB
4 KB 94ms
93ms Image
image/png 40.71.11.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nataliedate.com/assets/img/logo_w_300.png
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e1441e1e0b308a0f6ada2628722d49323f122f4b2a4627b6a9e01b4c6acc86b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:59 GMT
last-modified: Thu, 07 Apr 2022 15:31:01 GMT
accept-ranges: bytes
etag: "f21dc27c944ad81:0"
content-length: 3689
content-type: image/png

GET
H2 200 enter.png
nataliedate.com/assets/img/ 310 B
399 B 94ms
93ms Image
image/png 40.71.11.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nataliedate.com/assets/img/enter.png
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6a0a6eec3618e411227a68187e5117c6bce304d425625f9d64b6211feb27a38b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:59 GMT
last-modified: Thu, 07 Apr 2022 15:30:59 GMT
accept-ranges: bytes
etag: "5e14807b944ad81:0"
content-length: 310
content-type: image/png

GET
H2 200 gif-image-man-new2.gif
nataliedate.com/assets/img/ 701 KB
702 KB 96ms
96ms Image
image/gif 40.71.11.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nataliedate.com/assets/img/gif-image-man-new2.gif
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b0aaea6781ef41ac65f788c9341d269690b58dd96320fe49857efac61e57e3a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:59 GMT
last-modified: Thu, 07 Apr 2022 15:31:00 GMT
accept-ranges: bytes
etag: "4b391b7c944ad81:0"
content-length: 717848
content-type: image/gif

GET
H2 200 wizard_bg_new.jpg
nataliedate.com/assets/img/ 1 MB
1 MB 95ms
95ms Image
image/jpeg 40.71.11.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nataliedate.com/assets/img/wizard_bg_new.jpg
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/assets/css/styles.css?v=ba68e93b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dbc8e3bdb6f19da716689911c4c0b9d4a7a2d1c326ebf17dfc93fe8884d4fef3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/assets/css/styles.css?v=ba68e93b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:59 GMT
last-modified: Thu, 07 Apr 2022 15:31:05 GMT
accept-ranges: bytes
etag: "2096df7e944ad81:0"
content-length: 1531589
content-type: image/jpeg

GET
H2 200 PTSansRegularCyr.woff2
nataliedate.com/assets/fonts/ 25 KB
25 KB 94ms
93ms Font
application/font-woff2 40.71.11.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nataliedate.com/assets/fonts/PTSansRegularCyr.woff2
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/assets/css/styles.css?v=ba68e93b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a2d1e593286d963a1bb1f9ce468c35b1f3022dfb77c7b7f6de5fa3f5accc5eeb

Request headers

Referer: https://nataliedate.com/assets/css/styles.css?v=ba68e93b
Origin: https://nataliedate.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:59 GMT
last-modified: Thu, 07 Apr 2022 15:30:56 GMT
etag: "ea3a8479944ad81:0"
access-control-allow-methods: GET,POST,PUT,DELETE,PATCH
content-type: application/font-woff2
access-control-allow-origin: https://nataliedate.com
access-control-expose-headers: bk-rct,bk-rct-l,bk-rct-m,sentry-trace
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Headers,ProfileId,visit-token,Authorization,Access-Control-Allow-Origin,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,bk-rct,bk-rct-l,bk-rct-m,mst,sentry-trace
content-length: 25420

GET
H2 200 PTSansRegular.woff2
nataliedate.com/assets/fonts/ 44 KB
44 KB 94ms
94ms Font
application/font-woff2 40.71.11.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nataliedate.com/assets/fonts/PTSansRegular.woff2
Requested by: Host: nataliedate.com
URL: https://nataliedate.com/assets/css/styles.css?v=ba68e93b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1

Request headers

Referer: https://nataliedate.com/assets/css/styles.css?v=ba68e93b
Origin: https://nataliedate.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:48:59 GMT
last-modified: Thu, 07 Apr 2022 15:30:55 GMT
etag: "df3e879944ad81:0"
access-control-allow-methods: GET,POST,PUT,DELETE,PATCH
content-type: application/font-woff2
access-control-allow-origin: https://nataliedate.com
access-control-expose-headers: bk-rct,bk-rct-l,bk-rct-m,sentry-trace
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Headers,ProfileId,visit-token,Authorization,Access-Control-Allow-Origin,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,bk-rct,bk-rct-l,bk-rct-m,mst,sentry-trace
content-length: 45052

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 86ms
32ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nataliedate.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:32:51 GMT
x-content-type-options: nosniff
age: 346569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 19:32:51 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 24 KB
24 KB 98ms
47ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nataliedate.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:33:13 GMT
x-content-type-options: nosniff
age: 346547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 19:33:13 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
160 B 60ms
60ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:49:00 GMT
last-modified: Fri, 13 May 2022 14:20:22 GMT
etag: "627e3ef6-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 15 May 2022 20:49:00 GMT

GET
H2 200 recaptcha__ru.js Show response
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ 396 KB
147 KB 96ms
31ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__ru.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onrecapLoadedCallback&render=explicit&hl=ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee6ee869c1bf38e8e09f98c4a1d5f42fbff0d5026d71f44c7e69335734548f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nataliedate.com/
Origin: https://nataliedate.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 03:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149485
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 May 2023 03:04:58 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 70ms
22ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=572044484240425&ev=PageView&dl=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff_id%3Dl15788&rl=&if=false&ts=1652644140319&sw=1600&sh=1200&v=2.9.59&r=stable&ec=0&o=30&fbp=fb.1.1652644140318.368556804&it=1652644140081&coo=false&rqm=GET

Requested by

Host: nataliedate.com
URL: https://nataliedate.com/wizard-man?utm_source=lospollosmob&linkid=24437&clickid=2eb3df68-514e-4b40-88e8-7e060914fb50&aff_id=l15788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:49:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 15 May 2022 19:49:00 GMT

GET
H2

200

esm.min.js Show response
openfpcdn.io/fingerprintjs/v3.3.3/
Redirect Chain

https://openfpcdn.io/fingerprintjs/v3
https://openfpcdn.io/fingerprintjs/v3.3.3/esm.min.js

31 KB
12 KB

22ms
22ms

Script
text/javascript

143.204.215.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://openfpcdn.io/fingerprintjs/v3.3.3/esm.min.js

Protocol

Server

143.204.215.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-84.fra53.r.cloudfront.net

Software

CloudFront /

Resource Hash

66ca1643eabf887594645c58317ad8c2d37b8cb7e9266a9a7a0f54dd826162c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 14:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: CloudFront
age: 4078314
etag: W/"okl+saWiuE9FSJqFFzOOURi4+hA"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30842085
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-amz-cf-id: sfa6hiqVlGKCr8CnVtn_kI92LPDLj3_uI5yPLcMhZbO4CMNc7xJgTQ==
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)

Redirect headers

date: Sun, 15 May 2022 18:53:32 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
server: CloudFront
age: 3328
location: /fingerprintjs/v3.3.3/esm.min.js
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: public, max-age=612904, s-maxage=3476
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: AH9eEykwCh_m969n6RYzFf51rrAv_cOEEIy_57AxcsTWQ_K7dXQq5Q==

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 42ms
21ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=572044484240425&ev=PageView&dl=https%3A%2F%2Fnataliedate.com%2Fwizard-man%23!%2Fhistory&rl=&if=false&ts=1652644140746&sw=1600&sh=1200&v=2.9.59&r=stable&ec=1&o=30&fbp=fb.1.1652644140318.368556804&it=1652644140081&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:49:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 15 May 2022 19:49:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 43ms
21ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=572044484240425&ev=PageView&dl=https%3A%2F%2Fnataliedate.com%2Fwizard-man%3Futm_source%3Dlospollosmob%26linkid%3D24437%26clickid%3D2eb3df68-514e-4b40-88e8-7e060914fb50%26aff_id%3Dl15788&rl=&if=false&ts=1652644140746&sw=1600&sh=1200&v=2.9.59&r=stable&ec=2&o=30&fbp=fb.1.1652644140318.368556804&it=1652644140081&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nataliedate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:49:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 15 May 2022 19:49:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8602 0
15 B 20ms
20ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://nataliedate.com
Referer: https://nataliedate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://nataliedate.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 15 May 2022 19:49:00 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 204 push
datasystem.azurewebsites.net/fingerprints/ Frame 0
0 249ms
33ms Preflight 20.50.64.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://datasystem.azurewebsites.net/fingerprints/push
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.7 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nataliedate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nataliedate.com
date: Sun, 15 May 2022 19:49:01 GMT
server: Microsoft-IIS/10.0
vary: Origin
x-powered-by: ASP.NET

POST
H2 204 push
datasystem.azurewebsites.net/fingerprints/ 0
0 68ms
66ms Fetch 20.50.64.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://datasystem.azurewebsites.net/fingerprints/push
Requested by: Host: dscdn.azureedge.net
URL: https://dscdn.azureedge.net/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.7 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://nataliedate.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://nataliedate.com
date: Sun, 15 May 2022 19:49:01 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Origin

POST
H2 200 redirect Show response
datasystem.azurewebsites.net/visits/ 30 B
254 B 40ms
38ms Fetch
application/json 20.50.64.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://datasystem.azurewebsites.net/visits/redirect
Requested by: Host: dscdn.azureedge.net
URL: https://dscdn.azureedge.net/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.7 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: af59b6a5ddbcdbc45d55918228f081b4ec612ea80f32bcf4cd12add77fd802ec

Request headers

Referer: https://nataliedate.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 15 May 2022 19:49:01 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nataliedate.com
access-control-allow-credentials: true

OPTIONS
H2 204 redirect
datasystem.azurewebsites.net/visits/ Frame 0
0 247ms
32ms Preflight 20.50.64.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://datasystem.azurewebsites.net/visits/redirect
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.7 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nataliedate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nataliedate.com
date: Sun, 15 May 2022 19:49:01 GMT
server: Microsoft-IIS/10.0
vary: Origin
x-powered-by: ASP.NET

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2F7F 7 KB
1 KB 3473ms
3473ms Document
text/html 2a00:1450:4014:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=%3C%25%3D%20htmlWebpackPlugin.options.google_recaptcha_key%20%25%3E&co=aHR0cHM6Ly9uYXRhbGllZGF0ZS5jb206NDQz&hl=ru&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=normal&cb=fhjyrysjo0dq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__ru.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39fc1deecccd1447247109be9cdff73f4a6b452e5ff25598f2f29f9444662e30

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-py9c2t1P6PCjJO0RtNznfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nataliedate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1033
content-security-policy: script-src 'report-sample' 'nonce-py9c2t1P6PCjJO0RtNznfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 15 May 2022 19:49:04 GMT
expires: Sun, 15 May 2022 19:49:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 204 entry2
monitor.clickcease.com/V2/recorder/ Frame 0
0 3097ms
3097ms Preflight 2a01:111:f100:2000::a83e:3309
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.clickcease.com/V2/recorder/entry2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:f100:2000::a83e:3309 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nataliedate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
date: Sun, 15 May 2022 19:49:04 GMT
server: Kestrel
vm: 10.1.0.11

POST
H2 200 entry2 Show response
monitor.clickcease.com/V2/recorder/ 120 B
208 B 725ms
353ms Fetch
text/plain 2a01:111:f100:2000::a83e:3309
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://monitor.clickcease.com/V2/recorder/entry2

Requested by

Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:f100:2000::a83e:3309 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

581c6124918cdf2f5e2932982fb6aa26f19af8f4d6e6005d81a5a382a0bd727c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://nataliedate.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=2592000
server: Kestrel
vm: 10.1.0.11
date: Sun, 15 May 2022 19:49:05 GMT
content-type: text/plain; charset=utf-8

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 2F7F 51 KB
24 KB 68ms
20ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=%3C%25%3D%20htmlWebpackPlugin.options.google_recaptcha_key%20%25%3E&co=aHR0cHM6Ly9uYXRhbGllZGF0ZS5jb206NDQz&hl=ru&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=normal&cb=fhjyrysjo0dq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 10:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 May 2023 10:08:58 GMT

GET
H3 200 recaptcha__ru.js Show response
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 2F7F 396 KB
146 KB 78ms
30ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__ru.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee6ee869c1bf38e8e09f98c4a1d5f42fbff0d5026d71f44c7e69335734548f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 03:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149485
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 May 2023 03:04:58 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nataliedate.com/	1970-01-20 05:13:40	Name: _gcl_au Value: 1.1.860880181.1652644138
.nataliedate.com/	1970-01-20 20:35:16	Name: _ga Value: GA1.2.1607775441.1652644138
.nataliedate.com/	1970-01-20 03:05:30	Name: _gid Value: GA1.2.1881120547.1652644138
.nataliedate.com/	1970-01-20 03:04:04	Name: _gat_gtag_UA_150208853_1 Value: 1
.doubleclick.net/	1970-01-20 03:04:05	Name: test_cookie Value: CheckForPermission
.tiktok.com/	1970-01-20 12:25:40	Name: _ttp Value: 29DOM80l8sST2NDwaDhgBIaEipo
.nataliedate.com/	1970-01-20 12:25:40	Name: _tt_enable_cookie Value: 1
.nataliedate.com/	1970-01-20 12:25:40	Name: _ttp Value: 9033f288-8ab2-4bbd-94a4-d09fb85d4821
.nataliedate.com/	1970-01-20 11:49:40	Name: _ym_uid Value: 1652644139213309637
.nataliedate.com/	1970-01-20 11:49:40	Name: _ym_d Value: 1652644139
.yandex.ru/	1970-01-20 11:49:40	Name: yandexuid Value: 1494295091652644138
.yandex.ru/	1970-01-20 11:49:40	Name: yuidss Value: 1494295091652644138
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 556858491652644138
.yandex.ru/	1970-01-23 18:40:04	Name: i Value: jEKHJIomIgWHcMTUOCmpkRt7zCjDP0ukeBTwKw/WhzycKWIH6d6V15fypTlI+X9RmPr2kzW5asURw+MSziN0+JoUMnM=
.yandex.ru/	1970-01-20 11:49:40	Name: ymex Value: 1684180138.yrts.1652644138#1684180138.yrtsi.1652644138
.nataliedate.com/	1970-01-20 05:13:40	Name: _fbp Value: fb.1.1652644140318.368556804
.nataliedate.com/	1970-01-20 03:05:16	Name: _ym_isad Value: 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
connect.facebook.net
datasystem.azurewebsites.net
dscdn.azureedge.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.ru
monitor.clickcease.com
nataliedate.com
openfpcdn.io
stats.g.doubleclick.net
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.184.226
143.204.215.84
20.50.64.7
23.36.163.241
2620:1ec:46::45
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9a
2a00:1450:4014:80f::2004
2a01:111:f100:2000::a83e:3309
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3121::a
40.71.11.131
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14278a54ec0a51baa931fc40490654d1f2b86dc2831dceb197bcad14fe7dfd66
143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1
15c5907f16b2876afa859a959c1e9a9a6f99dc6786dbf74089c7a869d0c79193
39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3
39fc1deecccd1447247109be9cdff73f4a6b452e5ff25598f2f29f9444662e30
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
3bc7028f550b2e502b96f4b5aa5fddf29373c8ffc46b83fafe6f1cfc482d4ee8
3e2960274943f152c7bba94592fd461c329312c886a3b41a4b2667f72f54b8fa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
581c6124918cdf2f5e2932982fb6aa26f19af8f4d6e6005d81a5a382a0bd727c
595f6c38874341b8fa9865d8bf54f3f3f313d77a575d31d256580c17106b43a9
66ca1643eabf887594645c58317ad8c2d37b8cb7e9266a9a7a0f54dd826162c0
6a0a6eec3618e411227a68187e5117c6bce304d425625f9d64b6211feb27a38b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8a4047b85c41386137cf1a9f6897ccdce9d590a2b774c18e02d86a0bac8e9790
924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402
966cd8aa00c3dd8de772427859a7ac5c7b77e3967001eb078cb1249a8ec676a3
9d86a6bed6d5a5f1f1accb836f752c39161703e168c153bf99058f911e216795
9e5b33b5c1b1442901f607d34a539a8b021677e02694eb966c8401f472630fb9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d1e593286d963a1bb1f9ce468c35b1f3022dfb77c7b7f6de5fa3f5accc5eeb
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a94d45d68958565140a757b2e1338a19dbc84d38025ea2256c372a8d2a321532
af59b6a5ddbcdbc45d55918228f081b4ec612ea80f32bcf4cd12add77fd802ec
b0aaea6781ef41ac65f788c9341d269690b58dd96320fe49857efac61e57e3a7
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b6994072f9eb1bc9ece8015b456a1a1eef45e4fbba62b82ab09b6a2a919d9a92
c6cc9cb7c4349c1041803bdaac5c1187bd169192c2aa03e1cc8a9647ba2adce5
ce96c89c6e5933af0a1657bcbe0eec2236fda942ade068ad77876044e1ece494
dbc8e3bdb6f19da716689911c4c0b9d4a7a2d1c326ebf17dfc93fe8884d4fef3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0a51c3902b673d52b9b929d573feeda103fd8f4f3e71361409bf34000718b31
e1441e1e0b308a0f6ada2628722d49323f122f4b2a4627b6a9e01b4c6acc86b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee6ee869c1bf38e8e09f98c4a1d5f42fbff0d5026d71f44c7e69335734548f7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f60126adef3f76bf6db4a26fd70b1c2d7c758d3307866883ac7bcf0a456b9aa5
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fd97c19d0aeb9a8bfbd59f02ab15ee19641a49239908553b169a19d75124e058

nataliedate.com Open in urlscan Pro 40.71.11.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

96 %HTTPS

75 %IPv6

17 Domains

20 Subdomains

20 IPs

5 Countries

5066 kBTransfer

14086 kBSize

17 Cookies

0 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nataliedate.com Open in urlscan Pro
40.71.11.131 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

96 %
HTTPS

75 %
IPv6

17
Domains

20
Subdomains

20
IPs

5
Countries

5066 kB
Transfer

14086 kB
Size

17
Cookies

51 HTTP transactions
0 data transactions