datingsphere.top Open in urlscan Pro
91.195.240.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jibou22.zestawypremium.pl/
Effective URL:
https://datingsphere.top/18plus/?u=mhwp605&o=f3t0mvz&t=rodat3
Submission: On June 17 via api (June 17th 2024, 12:09:36 am UTC) from US — Scanned from PL

Summary HTTP 34 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 21 domains to perform 34 HTTP transactions. The main IP is 91.195.240.123, located in Germany and belongs to SEDO-AS, DE. The main domain is datingsphere.top.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on March 28th 2024. Valid for: a year.

This is the only time datingsphere.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	172.67.161.75 172.67.161.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
1	89.42.218.87 89.42.218.87	205275 (ROMARG HO...) (ROMARG HOSTING)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.36.133.80 89.36.133.80	34358 (CYBER_FOL...) (CYBER_FOLKS-RO-DC_FLO)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.45.197.162 89.45.197.162	34358 (CYBER_FOL...) (CYBER_FOLKS-RO-DC_FLO)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2	91.195.240.123 91.195.240.123	47846 (SEDO-AS) (SEDO-AS)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
3	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
34	14

5 172.67.161.75 (United States)

ASN13335 (CLOUDFLARENET, US)

jibou22.zestawypremium.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.42.218.87 (Romania)

ASN205275 (ROMARG HOSTING, RO)
PTR: server-0338.whmpanels.com

marinbadea.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdn.mediacx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.36.133.80 (Romania)

ASN34358 (CYBER_FOLKS-RO-DC_FLO, RO)

informatiaonline.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

www.stiridecluj.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.45.197.162 (Romania)

ASN34358 (CYBER_FOLKS-RO-DC_FLO, RO)

scms.machteamsoft.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.195.240.123 (Germany)

ASN47846 (SEDO-AS, DE)

datingsphere.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

syndicatedsearch.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	syndicatedsearch.goog syndicatedsearch.goog — Cisco Umbrella Rank: 12861	1 KB
5	zestawypremium.pl jibou22.zestawypremium.pl	14 KB
3	sedoparking.com img.sedoparking.com — Cisco Umbrella Rank: 65990	58 KB
2	datingsphere.top datingsphere.top	8 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11755	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 5354	268 B
1	google.com www.google.com — Cisco Umbrella Rank: 5	72 KB
1	machteamsoft.ro scms.machteamsoft.ro	32 KB
1	stiridecluj.ro www.stiridecluj.ro	40 KB
1	informatiaonline.ro informatiaonline.ro	236 KB
1	mediacx.com cdn.mediacx.com	48 KB
1	marinbadea.ro marinbadea.ro	57 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	872 B
0	youtube.com Failed www.youtube.com Failed
0	xvideos-cdn.com Failed img-egc.xvideos-cdn.com Failed
0	blabla-geboorte.be Failed blabla-geboorte.be Failed
0	pepijnloop.nl Failed pepijnloop.nl Failed
0	intermedian.nl Failed intermedian.nl Failed
0	blogspot.com Failed 1.bp.blogspot.com Failed
0	carteamea.ro Failed carteamea.ro Failed
0	baxagenturen.nl Failed baxagenturen.nl Failed
34	21

	Domain	Requested by
6	syndicatedsearch.goog	www.google.com
5	jibou22.zestawypremium.pl	jibou22.zestawypremium.pl
3	img.sedoparking.com	datingsphere.top
2	datingsphere.top	jibou22.zestawypremium.pl datingsphere.top
2	counter.yadro.ru	1 redirects jibou22.zestawypremium.pl
1	partner.googleadservices.com	www.google.com
1	www.google.com	datingsphere.top
1	scms.machteamsoft.ro	jibou22.zestawypremium.pl
1	www.stiridecluj.ro	jibou22.zestawypremium.pl
1	informatiaonline.ro	jibou22.zestawypremium.pl
1	cdn.mediacx.com	jibou22.zestawypremium.pl
1	marinbadea.ro	jibou22.zestawypremium.pl
1	fonts.googleapis.com	jibou22.zestawypremium.pl
0	www.youtube.com Failed	jibou22.zestawypremium.pl
0	img-egc.xvideos-cdn.com Failed	jibou22.zestawypremium.pl
0	blabla-geboorte.be Failed	jibou22.zestawypremium.pl
0	pepijnloop.nl Failed	jibou22.zestawypremium.pl
0	intermedian.nl Failed	jibou22.zestawypremium.pl
0	1.bp.blogspot.com Failed	jibou22.zestawypremium.pl
0	carteamea.ro Failed	jibou22.zestawypremium.pl
0	baxagenturen.nl Failed	jibou22.zestawypremium.pl
34	21

This site contains links to these domains. Also see Links.

Domain
www.namesilo.com
www.sedo.com

Subject Issuer	Validity	Valid
zestawypremium.pl GTS CA 1P5	`2024-05-24` - `2024-08-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
www.marinbadea.ro Sectigo RSA Extended Validation Secure Server CA	`2024-05-22` - `2025-05-22`	a year	crt.sh
mediacx.com E1	`2024-04-29` - `2024-07-28`	3 months	crt.sh
informatiaonline.ro R3	`2024-04-26` - `2024-07-25`	3 months	crt.sh
stiridecluj.ro WE1	`2024-06-09` - `2024-09-07`	3 months	crt.sh
acasa.ro R3	`2024-04-29` - `2024-07-28`	3 months	crt.sh
datingsphere.top Encryption Everywhere DV TLS CA - G2	`2024-03-28` - `2025-03-27`	a year	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2023-11-13` - `2024-12-14`	a year	crt.sh
*.googleadservices.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
syndicatedsearch.goog WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://datingsphere.top/18plus/?u=mhwp605&o=f3t0mvz&t=rodat3
Frame ID: 8F22E89D2A7F4C0E38903B8B59748FD3
Requests: 32 HTTP requests in this frame

Frame: https://www.youtube.com/embed/w3wrm3_gXvs?feature=oembed
Frame ID: 8C58DDEC0A369CEEFECA206DE3E0CA0E
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads/i/iframe.html
Frame ID: E9B08581612EF7A2B3ED04AFE85EFB9F
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=9330244380&channel=exp-0051%2Cauxa-control-1%2C35961519&client=dp-sedo85_3ph&r=m&hl=pl&ivt=0&rpbu=https%3A%2F%2Fdatingsphere.top%2Fcaf%2F%3Fses%3DY3JlPTE3MTg1ODI5NzEmdGNpZD1kYXRpbmdzcGhlcmUudG9wNjY2ZjdlYmJlZjFmMzQuMTAyMjIzOTMmdGFzaz1zZWFyY2gmZG9tYWluPWRhdGluZ3NwaGVyZS50b3AmYV9pZD0zJnNlc3Npb249OExXY09lc2RXR3FZSmV4LXo0MFg%3D&type=3&uiopt=false&swp=as-drid-2249301175844733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&client_gdprApplies=1&format=r3%7Cs&nocache=5731718582972242&num=0&output=afd_ads&domain_name=datingsphere.top&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1718582972256&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=985&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&nfp=1&jsv=641883529&rurl=https%3A%2F%2Fdatingsphere.top%2F18plus%2F%3Fu%3Dmhwp605%26o%3Df3t0mvz%26t%3Drodat3&referer=https%3A%2F%2Fjibou22.zestawypremium.pl%2F
Frame ID: 7E2D9B5128FB7537662901E20B2751B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

datingsphere.top - datingsphere Zasoby i informacje.

Page URL History Show full URLs

https://jibou22.zestawypremium.pl/ Page URL
https://datingsphere.top/18plus/?u=mhwp605&o=f3t0mvz&t=rodat3 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

34
Requests

71 %
HTTPS

0 %
IPv6

21
Domains

21
Subdomains

14
IPs

5
Countries

569 kB
Transfer

725 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.namesilo.com/
Title: NameSilo.com

Search URL Search Domain Scan URL

URL: https://www.namesilo.com/domain/search-domains?query=datingsphere.top
Title: find similar names

Search URL Search Domain Scan URL

URL: https://www.sedo.com/services/parking.php3
Title: Sedo Domain Parking

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jibou22.zestawypremium.pl/ Page URL
https://datingsphere.top/18plus/?u=mhwp605&o=f3t0mvz&t=rodat3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://counter.yadro.ru/hit;rodat3?t14.6;r;s1600*1200*24;uhttps%3A//jibou22.zestawypremium.pl/;hReportera%20fututa%20matusa%20se%20fute%20cu%20nepotu;0.22817365008303203 HTTP 302
https://counter.yadro.ru/hit;rodat3?q;t14.6;r;s1600*1200*24;uhttps%3A//jibou22.zestawypremium.pl/;hReportera%20fututa%20matusa%20se%20fute%20cu%20nepotu;0.22817365008303203

34 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
jibou22.zestawypremium.pl/ 41 KB
11 KB 121ms
81ms Document
text/html 172.67.161.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jibou22.zestawypremium.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 961cd9c8097d3f2548297cd24f1fbbac3998225fc080e9e3d7188462f60038a7

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894ecfb0ffa5bbcc-WAW
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 17 Jun 2024 00:09:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RrwpqQv7sGBevO1fkP%2BxDViPIsBSjhBL3D%2Fb1S7qVVu7nfIpkCL%2FRPk4mo1VaD5JbPKYfCGO76AyxsAEFptZ2XH2UKzi%2FGIuWnwnSqAFRJ2vtE2vn1VQKkySxEwg182lpI0VKs7QbzSUOqeP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33

GET
H2 200 css
fonts.googleapis.com/ 4 KB
872 B 423ms
44ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700&subset=latin-ext&ver=1.0.0

Requested by

Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jibou22.zestawypremium.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jun 2024 00:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 00:09:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jun 2024 00:09:31 GMT

GET
H2 200 baba.jpg
marinbadea.ro/wp-content/uploads/2015/11/ 57 KB
57 KB 358ms
155ms Image
image/jpeg 89.42.218.87
ROMARG HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://marinbadea.ro/wp-content/uploads/2015/11/baba.jpg

Requested by

Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.42.218.87 , Romania, ASN205275 (ROMARG HOSTING, RO),

Reverse DNS

server-0338.whmpanels.com

Software

LiteSpeed /

Resource Hash

8a0feb382c4e6a422bce75eb0f332c4e9fc7a8fb0907ef7921b34759c61020bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jibou22.zestawypremium.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Nov 2015 10:40:46 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 58448
x-xss-protection: 1; mode=block
expires: Mon, 24 Jun 2024 00:09:30 GMT

GET 1288819867.jpg
baxagenturen.nl/jpg/ 0
0

GET 3113734671.jpg
baxagenturen.nl/jpg/ 0
0

GET la-drum-cu-matusa-mea-353x600.jpg
carteamea.ro/wp-content/uploads/2016/02/ 0
0

GET
H3 200 453721_141796322489.jpg
cdn.mediacx.com/cuplari/users/nimages/0/45/372/ 48 KB
48 KB 331ms
288ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mediacx.com/cuplari/users/nimages/0/45/372/453721_141796322489.jpg
Requested by: Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaf31cbd530e83381191f78f463084df389e802f5acdd3bf4331f749daf9f090

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jibou22.zestawypremium.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:31 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Dec 2018 09:40:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t8UFWycd59Z%2BB9RPjuIPkK06OYxTM%2B7farpOMyMAxVTwu4BemgBDH2uvaydxP9U0zicauWEERMlf1gSlHX5I%2BrvbtXm43t17hxIwqwCzdOV3JmvP8XUdP89wV4fWd7pyUzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894ecfb1e8efb193-WAW
alt-svc: h3=":443"; ma=86400
content-length: 48820
expires: Mon, 24 Jun 2024 00:09:31 GMT

GET fullsizephoto1332e69.jpg
1.bp.blogspot.com/-EBq5eoKmW0Y/T-MRwIIEE5I/AAAAAAAAAnY/NZSZb4YVCXw/s1600/ 0
0

GET 2500871498.jpg
intermedian.nl/pics/ 0
0

GET 2975537143.jpg
pepijnloop.nl/img/ 0
0

GET 3959756559.jpg
blabla-geboorte.be/photos/ 0
0

GET
H/1.1 200
OK programator.jpg
informatiaonline.ro/wp-content/uploads/2018/02/ 235 KB
236 KB 347ms
129ms Image
image/jpeg 89.36.133.80
CYBER_FOLKS-RO-DC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://informatiaonline.ro/wp-content/uploads/2018/02/programator.jpg
Requested by: Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.36.133.80 , Romania, ASN34358 (CYBER_FOLKS-RO-DC_FLO, RO),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: c227983d8255446f3c3e1cb66f905685eb1e09948fedc5e53045f71790637c7e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jibou22.zestawypremium.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 00:08:07 GMT
Last-Modified: Fri, 09 Feb 2018 17:59:00 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5a7de164-3adec"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 241132

GET
H3 200 28b1dbf4990048357887602d1f80b5c1.JPG
www.stiridecluj.ro/files/images/96/ 39 KB
40 KB 246ms
209ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stiridecluj.ro/files/images/96/28b1dbf4990048357887602d1f80b5c1.JPG
Requested by: Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae07b3f9ec762343cd9b5be9887cebba586c322b98d2a75cfed57046addc8e62

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jibou22.zestawypremium.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:31 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Dec 2018 20:26:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c06e2f0-9c41"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXKFlJIGYYYi5n%2BYzotB8hjP072D7dSPMBvzf59xje7IdlyNUQYd1DY7eLbI%2BgwlEbMaJiOQPblNWjawqbJRUxVC8dAXNMX%2Bz04PXDJ47kQJhgqQLSjEZPOTAU5WJzrauu6I41U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 894ecfb1efe7c059-WAW
alt-svc: h3=":443"; ma=86400
content-length: 40001

GET
H/1.1 200
OK 652x450_078762-andreea-marin-banica-a-reclamat-o-pe-natalia-mateut-la-cna.jpg
scms.machteamsoft.ro/uploads/photos/652x450/ 32 KB
32 KB 274ms
129ms Image
image/jpeg 89.45.197.162
CYBER_FOLKS-RO-DC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scms.machteamsoft.ro/uploads/photos/652x450/652x450_078762-andreea-marin-banica-a-reclamat-o-pe-natalia-mateut-la-cna.jpg
Requested by: Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.45.197.162 , Romania, ASN34358 (CYBER_FOLKS-RO-DC_FLO, RO),
Reverse DNS
Software: /
Resource Hash: 82cde0d36b50b5b9539f8e38c752250c0b5b51987b10fa0f9365a2afef6c2e2c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jibou22.zestawypremium.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

magicmarker: 1
date: Sun, 16 Jun 2024 06:20:44 GMT
last-modified: Mon, 12 Aug 2013 21:48:34 GMT
age: 64126
etag: "52095832-8047"
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31246277
connection: close
accept-ranges: bytes
content-length: 32839
x-cache-hits: 1

GET eb85fc949dfbd51f152e5fd9d44fdf77.6.jpg
img-egc.xvideos-cdn.com/videos/thumbslll/eb/85/fc/eb85fc949dfbd51f152e5fd9d44fdf77/ 0
0

GET
H3 200 email-decode.min.js Show response
jibou22.zestawypremium.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 23ms
22ms Script
application/javascript 172.67.161.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jibou22.zestawypremium.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.161.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jibou22.zestawypremium.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jun 2024 17:32:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66688a1d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zvdp%2FehaUL4FdT7oiDVW0QJLF4RlkXXRVwK%2FvK2zoZYihA4cK6zA8tFbIPbKwvYpk5DH8g6UQuz9wxDBf2nJSABUJvXcgx1DmjeOGXiNedq0Gsz9AJQRrodMtkKnZbrZTRiAO4%2BDrJhDdg%2FQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 894ecfb1affcbbcc-WAW
expires: Wed, 19 Jun 2024 00:09:31 GMT

GET
H3 200 yzsdlmk.js Show response
jibou22.zestawypremium.pl/ 1000 B
962 B 98ms
97ms Script
application/javascript 172.67.161.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jibou22.zestawypremium.pl/yzsdlmk.js?0.5286007522146312&q=cmVwb3J0ZXJhIGZ1dHV0YQ==
Requested by: Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 25e2baac158626e56fe106d8b9dc922627dcb4bc520d5fab2314ec7904a7ffd6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jibou22.zestawypremium.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 17 Jun 2024 00:09:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m3GaT86jCl6bc5%2BtU4Ean7tmps1hs4FyuSM4dz6YoAAQrj30DElwx2SF5Dbyic21hR81wvqm8Rwq4VMH5EzwN%2Bn3bwbCQNtiOUoxODKDgRFiRnSlUD3ukhQ7ZWX2vPm7BVlKyL9LbAE4Y0FS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 894ecfb4297dbbcc-WAW
alt-svc: h3=":443"; ma=86400

GET w3wrm3_gXvs
www.youtube.com/embed/ Frame 8C58 0
0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit;rodat3
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;rodat3?t14.6;r;s1600*1200*24;uhttps%3A//jibou22.zestawypremium.pl/;hReportera%20fututa%20matusa%20se%20fute%20cu%20nepotu;0.22817365008303203
https://counter.yadro.ru/hit;rodat3?q;t14.6;r;s1600*1200*24;uhttps%3A//jibou22.zestawypremium.pl/;hReportera%20fututa%20matusa%20se%20fute%20cu%20nepotu;0.22817365008303203

205 B
691 B

87ms
86ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;rodat3?q;t14.6;r;s1600*1200*24;uhttps%3A//jibou22.zestawypremium.pl/;hReportera%20fututa%20matusa%20se%20fute%20cu%20nepotu;0.22817365008303203

Requested by

Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Referer: https://jibou22.zestawypremium.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2024 00:09:31 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 205
Expires: Sat, 17 Jun 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Jun 2024 00:09:31 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;rodat3?q;t14.6;r;s1600*1200*24;uhttps%3A//jibou22.zestawypremium.pl/;hReportera%20fututa%20matusa%20se%20fute%20cu%20nepotu;0.22817365008303203
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sat, 17 Jun 2023 21:00:00 GMT

GET
H3 404 wsplfgs.gif
jibou22.zestawypremium.pl/ 209 B
209 B 77ms
76ms Image
text/html 172.67.161.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jibou22.zestawypremium.pl/wsplfgs.gif?ref=&url=https%3A//jibou22.zestawypremium.pl/&scr=1600x1200&q=1718582971&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&0.14374203699105514
Requested by: Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc8dc4df3d06d6d46bcd84c98679cadecdcefbe81eeff03548d113cb0f6fda50

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jibou22.zestawypremium.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:31 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OReB9DdOa83qxt1ZSN07osKuOUz2Iq5FxnUFD0Z%2BOBgEktjEHzC86tLXAmD4LkLbeUS6QaxTd%2BatYCFZrj2VSgTQ9C0urxVzl9lL9E4BSh04XUGm6Q13mOuprZlHyn2UyHZYtmJuh9sSuHQX"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 894ecfb4c9c1bbcc-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 fpenqgb.js
jibou22.zestawypremium.pl/ 525 B
777 B 101ms
100ms XHR
application/javascript 172.67.161.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jibou22.zestawypremium.pl/fpenqgb.js?get=1&q=1718582971&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&0.8570588556138679
Requested by: Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/yzsdlmk.js?0.5286007522146312&q=cmVwb3J0ZXJhIGZ1dHV0YQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jibou22.zestawypremium.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 17 Jun 2024 00:09:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oot%2BFD5wXXPa0cStY58bf1kaZU3eJb3sqJG4FVEjYQhy08MFVIdXiFzktSePbAmzkKnDEU5aWc9EKmvsLMuhQlOC85H9e2ExrQMspvFMqpPVUlL%2FIEktmm4l07uKDvbrddOZwVmtNVGlM9tp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 894ecfb54a0cbbcc-WAW
alt-svc: h3=":443"; ma=86400

GET
H2 200 Primary Request / Show response
datingsphere.top/18plus/ 23 KB
8 KB 202ms
92ms Document
text/html 91.195.240.123
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datingsphere.top/18plus/?u=mhwp605&o=f3t0mvz&t=rodat3
Requested by: Host: jibou22.zestawypremium.pl
URL: https://jibou22.zestawypremium.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.195.240.123 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash: d3df15ffdd57dd0289f4571732a235445c103d8edbc99ed542b4e09e5297b5cb

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Referer: https://jibou22.zestawypremium.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 17 Jun 2024 00:09:32 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 17 Jun 2024 00:09:31 GMT
pragma: no-cache
server: Parking/1.0
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_1VzskZGdC1WCUz16FX/R8+0qCQiG+dIzJiVQM2zPcqyhT3MIk67eeynRFmAI3nNYFScwvxQdC6t/I4TXGSozFQ==
x-cache-miss-from: parking-6887b75b49-xxw28

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ 186 KB
72 KB 133ms
49ms Script
text/javascript 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true

Requested by

Host: datingsphere.top
URL: https://datingsphere.top/18plus/?u=mhwp605&o=f3t0mvz&t=rodat3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

sffe /

Resource Hash

1ad2be5d27783ef809fe3c6152bb4a1f64078da2ac4a1d23ed1582776b3cb8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://datingsphere.top/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "950375218266117542"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://syndicatedsearch.goog>; rel="preconnect"
expires: Mon, 17 Jun 2024 00:09:32 GMT

GET
H2 200 arrows.png
img.sedoparking.com/templates/bg/ 12 KB
13 KB 74ms
21ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sedoparking.com/templates/bg/arrows.png
Requested by: Host: datingsphere.top
URL: https://datingsphere.top/18plus/?u=mhwp605&o=f3t0mvz&t=rodat3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 3059fbd6cd3550047483dca4071c93e5cf4cc79ce8bafc4388166fbc5279644b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://datingsphere.top/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:32 GMT
x-cf-tsc: 1688391041
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 11696:fD.waw1:cf:nom:cacheN.waw1-01:H
x-cf-reqid: 93399a681206501ef7770175d7d27a93
content-length: 12642
x-cf2: H
last-modified: Mon, 11 Oct 2021 05:39:44 GMT
server: CFS 1124
x-cff: B
content-type: image/png
access-control-allow-origin: *
x-cfhash: "6dc0bad9aa452ff871b282dabd47131e"
cache-control: max-age=604800
cf4age: 0
accept-ranges: bytes
x-cf-rand: 25.925
expires: Mon, 24 Jun 2024 00:09:32 GMT

GET
H2 200 NameSiloLogo.png
img.sedoparking.com/templates/bg/ 30 KB
30 KB 75ms
22ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sedoparking.com/templates/bg/NameSiloLogo.png
Requested by: Host: datingsphere.top
URL: https://datingsphere.top/18plus/?u=mhwp605&o=f3t0mvz&t=rodat3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 4bbc784f1808bf25b1be7a0309b9e0b7ccd2c48e77ddcb270b67f18c7af55d9f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://datingsphere.top/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:32 GMT
x-cf-tsc: 1711092084
x-cf3: H
cf4ttl: 29723652.000
x-cf1: 11696:fD.waw1:nom:cacheN.waw1-01:H
x-cf-reqid: 243e0764015159593f532acea83852f7
content-length: 30661
x-cf2: H
last-modified: Mon, 27 Feb 2023 08:54:36 GMT
server: CFS 1124
x-cff: B
content-type: image/png
access-control-allow-origin: *
cf4age: 1812348
accept-ranges: bytes
x-cf-rand: 52.005

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 386 B
268 B 88ms
43ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=datingsphere.top&client=dp-sedo85_3ph&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6ee76f015b2c24a7152782eb186c4cb8a87c3cebbbbc22af5ac70cfe5a1821a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://datingsphere.top/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 iframe.html
syndicatedsearch.goog/afs/ads/i/ Frame E9B0 0
0 434ms
43ms Document
text/html 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-0u2YGeYMaCi4Mvska0Fh2Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Referer: https://datingsphere.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 726
content-security-policy: script-src 'nonce-0u2YGeYMaCi4Mvska0Fh2Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jun 2024 00:09:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 12 Mar 2024 06:00:00 GMT
pragma: no-cache
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads
syndicatedsearch.goog/afs/ Frame 7E2D 0
0 488ms
109ms Document
text/html 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=9330244380&channel=exp-0051%2Cauxa-control-1%2C35961519&client=dp-sedo85_3ph&r=m&hl=pl&ivt=0&rpbu=https%3A%2F%2Fdatingsphere.top%2Fcaf%2F%3Fses%3DY3JlPTE3MTg1ODI5NzEmdGNpZD1kYXRpbmdzcGhlcmUudG9wNjY2ZjdlYmJlZjFmMzQuMTAyMjIzOTMmdGFzaz1zZWFyY2gmZG9tYWluPWRhdGluZ3NwaGVyZS50b3AmYV9pZD0zJnNlc3Npb249OExXY09lc2RXR3FZSmV4LXo0MFg%3D&type=3&uiopt=false&swp=as-drid-2249301175844733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&client_gdprApplies=1&format=r3%7Cs&nocache=5731718582972242&num=0&output=afd_ads&domain_name=datingsphere.top&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1718582972256&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=985&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&nfp=1&jsv=641883529&rurl=https%3A%2F%2Fdatingsphere.top%2F18plus%2F%3Fu%3Dmhwp605%26o%3Df3t0mvz%26t%3Drodat3&referer=https%3A%2F%2Fjibou22.zestawypremium.pl%2F

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-iG7beMCZnKORn-SE7Lrtyw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Referer: https://datingsphere.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 3018
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-iG7beMCZnKORn-SE7Lrtyw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Mon, 17 Jun 2024 00:09:32 GMT
expires: Mon, 17 Jun 2024 00:09:32 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H2 200 tsc.php Show response
datingsphere.top/search/ 0
37 B 49ms
49ms XHR
text/html 91.195.240.123
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datingsphere.top/search/tsc.php?200=NTc5ODg2MjA4&21=MTQ2LjcwLjg1LjE3NQ==&681=MTcxODU4Mjk3MWM3YjYxYjZjYmU4NmY5MTdiN2E1M2YzMjlkMTc4MTlm&crc=b036637b01fa00060805cab9b08064e89c4fa1b9&cv=1
Requested by: Host: datingsphere.top
URL: https://datingsphere.top/18plus/?u=mhwp605&o=f3t0mvz&t=rodat3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.195.240.123 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://datingsphere.top/18plus/?u=mhwp605&o=f3t0mvz&t=rodat3
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:32 GMT
x-cache-miss-from: parking-6887b75b49-xqwnz
server: Parking/1.0
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 sedo_logo.png
img.sedoparking.com/templates/logos/ 15 KB
15 KB 22ms
21ms Other
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sedoparking.com/templates/logos/sedo_logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://datingsphere.top/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 00:09:32 GMT
x-cf-tsc: 1702133682
x-cf3: H
cf4ttl: 30844582.000
x-cf1: 11696:fD.waw1:cf:nom:cacheN.waw1-01:H
x-cf-reqid: a2eb2ea6ddf30e54b38dd9b1580213cc
content-length: 15086
x-cf2: H
last-modified: Mon, 11 Jan 2021 07:44:34 GMT
server: CFS 1124
x-cff: B
content-type: image/png
access-control-allow-origin: *
x-cfhash: "def00c11b1596db4efee6a9fbe64fc27"
cache-control: max-age=604800
cf4age: 691417
accept-ranges: bytes
expires: Mon, 24 Jun 2024 00:09:32 GMT

GET
H2 204 gen_204
syndicatedsearch.goog/afs/ 0
212 B 433ms
53ms Image
text/html 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=ct32uc1sasdk&aqid=vH5vZtiaKpiojuwPpZGB0AE&psid=9330244380&pbt=bs&adbx=513.328125&adby=134.625&adbh=650&adbw=573&adbah=178%2C226%2C226&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=641883529&csala=18%7C0%7C499%7C108%7C16&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-PDQktHtq-OxSfzbqsKfb-A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://datingsphere.top/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-PDQktHtq-OxSfzbqsKfb-A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 17 Jun 2024 00:09:34 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
syndicatedsearch.goog/afs/ 0
509 B 432ms
53ms Image
text/html 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=qjdync9xrnmi&aqid=vH5vZtiaKpiojuwPpZGB0AE&pbt=bs&adbx=650&adby=807.625&adbh=16&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=641883529&csala=4%7C0%7C513%7C108%7C16&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-OZuOGy3Jed2-6bnjSxNH9A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://datingsphere.top/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-OZuOGy3Jed2-6bnjSxNH9A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 17 Jun 2024 00:09:34 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
syndicatedsearch.goog/afs/ 0
210 B 55ms
53ms Image
text/html 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=v3fehplz9zv&aqid=vH5vZtiaKpiojuwPpZGB0AE&psid=9330244380&pbt=bv&adbx=513.328125&adby=134.625&adbh=650&adbw=573&adbah=178%2C226%2C226&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=641883529&csala=18%7C0%7C499%7C108%7C16&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-JALsX4B3X2tHvau2ciw5Mg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://datingsphere.top/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-JALsX4B3X2tHvau2ciw5Mg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 17 Jun 2024 00:09:34 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
syndicatedsearch.goog/afs/ 0
211 B 52ms
52ms Image
text/html 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=5ineu6ii8erc&aqid=vH5vZtiaKpiojuwPpZGB0AE&pbt=bv&adbx=650&adby=807.625&adbh=16&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=641883529&csala=4%7C0%7C513%7C108%7C16&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-vZBJ1_SQalrvKdndeMM8cg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://datingsphere.top/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-vZBJ1_SQalrvKdndeMM8cg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 17 Jun 2024 00:09:34 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: baxagenturen.nl
URL: https://baxagenturen.nl/jpg/1288819867.jpg

Domain: baxagenturen.nl
URL: https://baxagenturen.nl/jpg/3113734671.jpg

Domain: carteamea.ro
URL: https://carteamea.ro/wp-content/uploads/2016/02/la-drum-cu-matusa-mea-353x600.jpg

Domain: 1.bp.blogspot.com
URL: https://1.bp.blogspot.com/-EBq5eoKmW0Y/T-MRwIIEE5I/AAAAAAAAAnY/NZSZb4YVCXw/s1600/fullsizephoto1332e69.jpg

Domain: intermedian.nl
URL: https://intermedian.nl/pics/2500871498.jpg

Domain: pepijnloop.nl
URL: https://pepijnloop.nl/img/2975537143.jpg

Domain: blabla-geboorte.be
URL: https://blabla-geboorte.be/photos/3959756559.jpg

Domain: img-egc.xvideos-cdn.com
URL: https://img-egc.xvideos-cdn.com/videos/thumbslll/eb/85/fc/eb85fc949dfbd51f152e5fd9d44fdf77/eb85fc949dfbd51f152e5fd9d44fdf77.6.jpg

Domain: www.youtube.com
URL: https://www.youtube.com/embed/w3wrm3_gXvs?feature=oembed

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-21 06:08:27	Name: FTID Value: 1cRtwx1fVE8p1cRtwx002Vyb
.yadro.ru/	1970-01-21 06:08:27	Name: VID Value: 3I8DVj3FQG8p1cRtwx0025vd
.datingsphere.top/	1970-01-21 06:44:38	Name: __gsas Value: ID=cae5dcf5546f9c47:T=1718582972:RT=1718582972:S=ALNI_MYtBTuzmxzGWlSvoivLNMlapJqfrQ

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://jibou22.zestawypremium.pl/ Message: Mixed Content: The page at 'https://jibou22.zestawypremium.pl/' was loaded over HTTPS, but requested an insecure element 'http://marinbadea.ro/wp-content/uploads/2015/11/baba.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://jibou22.zestawypremium.pl/ Message: Mixed Content: The page at 'https://jibou22.zestawypremium.pl/' was loaded over HTTPS, but requested an insecure element 'http://carteamea.ro/wp-content/uploads/2016/02/la-drum-cu-matusa-mea-353x600.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://pepijnloop.nl/img/2975537143.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://blabla-geboorte.be/photos/3959756559.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://jibou22.zestawypremium.pl/(Line 1029) Message: Mixed Content: The page at 'https://jibou22.zestawypremium.pl/' was loaded over HTTPS, but requested an insecure element 'http://marinbadea.ro/wp-content/uploads/2015/11/baba.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://jibou22.zestawypremium.pl/(Line 1029) Message: Mixed Content: The page at 'https://jibou22.zestawypremium.pl/' was loaded over HTTPS, but requested an insecure element 'http://carteamea.ro/wp-content/uploads/2016/02/la-drum-cu-matusa-mea-353x600.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://jibou22.zestawypremium.pl/wsplfgs.gif?ref=&url=https%3A//jibou22.zestawypremium.pl/&scr=1600x1200&q=1718582971&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&0.14374203699105514 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
baxagenturen.nl
blabla-geboorte.be
carteamea.ro
cdn.mediacx.com
counter.yadro.ru
datingsphere.top
fonts.googleapis.com
img-egc.xvideos-cdn.com
img.sedoparking.com
informatiaonline.ro
intermedian.nl
jibou22.zestawypremium.pl
marinbadea.ro
partner.googleadservices.com
pepijnloop.nl
scms.machteamsoft.ro
syndicatedsearch.goog
www.google.com
www.stiridecluj.ro
www.youtube.com
1.bp.blogspot.com
baxagenturen.nl
blabla-geboorte.be
carteamea.ro
img-egc.xvideos-cdn.com
intermedian.nl
pepijnloop.nl
www.youtube.com
142.250.185.110
142.250.185.228
142.250.186.106
142.250.186.98
172.67.161.75
188.114.96.3
188.114.97.3
205.234.175.175
88.212.201.204
89.36.133.80
89.42.218.87
89.45.197.162
91.195.240.123
1ad2be5d27783ef809fe3c6152bb4a1f64078da2ac4a1d23ed1582776b3cb8be
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25e2baac158626e56fe106d8b9dc922627dcb4bc520d5fab2314ec7904a7ffd6
3059fbd6cd3550047483dca4071c93e5cf4cc79ce8bafc4388166fbc5279644b
4bbc784f1808bf25b1be7a0309b9e0b7ccd2c48e77ddcb270b67f18c7af55d9f
6ee76f015b2c24a7152782eb186c4cb8a87c3cebbbbc22af5ac70cfe5a1821a5
82cde0d36b50b5b9539f8e38c752250c0b5b51987b10fa0f9365a2afef6c2e2c
8a0feb382c4e6a422bce75eb0f332c4e9fc7a8fb0907ef7921b34759c61020bb
95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4
961cd9c8097d3f2548297cd24f1fbbac3998225fc080e9e3d7188462f60038a7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
aaf31cbd530e83381191f78f463084df389e802f5acdd3bf4331f749daf9f090
ae07b3f9ec762343cd9b5be9887cebba586c322b98d2a75cfed57046addc8e62
c227983d8255446f3c3e1cb66f905685eb1e09948fedc5e53045f71790637c7e
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
d3df15ffdd57dd0289f4571732a235445c103d8edbc99ed542b4e09e5297b5cb
dc8dc4df3d06d6d46bcd84c98679cadecdcefbe81eeff03548d113cb0f6fda50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

datingsphere.top Open in urlscan Pro 91.195.240.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

71 %HTTPS

0 %IPv6

21 Domains

21 Subdomains

14 IPs

5 Countries

569 kBTransfer

725 kBSize

3 Cookies

3 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

3 Cookies

datingsphere.top Open in urlscan Pro
91.195.240.123 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

71 %
HTTPS

0 %
IPv6

21
Domains

21
Subdomains

14
IPs

5
Countries

569 kB
Transfer

725 kB
Size

3
Cookies

34 HTTP transactions
1 data transactions