ameliadreams.com Open in urlscan Pro
172.67.203.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.www.xnx.dog/
Effective URL:
https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12...
Submission: On December 28 via api (December 28th 2024, 7:45:23 am UTC) from US — Scanned from CA

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 28 domains to perform 54 HTTP transactions. The main IP is 172.67.203.58, located in United States and belongs to CLOUDFLARENET, US. The main domain is ameliadreams.com.
TLS certificate: Issued by WE1 on November 24th 2024. Valid for: 3 months.

This is the only time ameliadreams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2600:3c00::f0... 2600:3c00::f03c:94ff:fe10:f38	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	173.194.66.147 173.194.66.147	15169 (GOOGLE) (GOOGLE)
1	172.217.197.155 172.217.197.155	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c04::8b	15169 (GOOGLE) (GOOGLE)
1 1	3.167.99.64 3.167.99.64	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:9000:28a... 2600:9000:28a6:f400:7:411:6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:9000:250... 2600:9000:250a:800:12:673e:19c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	34.236.83.126 34.236.83.126	14618 (AMAZON-AES) (AMAZON-AES)
1 1	172.67.176.184 172.67.176.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2606:4700:20:... 2606:4700:20::ac43:4bfc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.197.110 172.67.197.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	172.67.203.58 172.67.203.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:e20... 2a02:6ea0:e200::17	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
7	185.59.223.192 185.59.223.192	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
54	15

6 2600:3c00::f03c:94ff:fe10:f38 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

www.www.xnx.dog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.66.147 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.197.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f155.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

syndicatedsearch.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.99.64 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-167-99-64.iad55.r.cloudfront.net

t.ajrkm.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:28a6:f400:7:411:6c0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

a.vfghc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:250a:800:12:673e:19c0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

a.avlm3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.83.126 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-126.compute-1.amazonaws.com

s.sloffer1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.176.184 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bestdate.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4bfc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dategen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.197.110 (United States)

ASN13335 (CLOUDFLARENET, US)

svntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.67.203.58 (United States)

ASN13335 (CLOUDFLARENET, US)

ameliadreams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:e200::17 (Ashburn, United States)

ASN60068 (CDN77 Datacamp Limited, GB)

a.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX YANDEX LLC, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.59.223.192 (New York, United States)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-185-59-223-192.cdn77.com

s.ds3jbr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.magsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.opoxv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.orbsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.pemsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.zlinkp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ameliadreams.com ameliadreams.com	486 KB
6	xnx.dog www.www.xnx.dog	26 KB
5	dategen.com 1 redirects dategen.com	10 KB
4	yandex.com mc.yandex.com — Cisco Umbrella Rank: 9443 Failed	3 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3370	40 KB
2	svntrk.com svntrk.com	4 KB
2	avlm3.com 2 redirects a.avlm3.com — Cisco Umbrella Rank: 450642	1 KB
2	vfghc.com 2 redirects a.vfghc.com	1 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 265	974 B
1	zlinkp.com s.zlinkp.com — Cisco Umbrella Rank: 98097	173 B
1	realsrv.com syndication.realsrv.com — Cisco Umbrella Rank: 40688	173 B
1	pemsrv.com s.pemsrv.com — Cisco Umbrella Rank: 29726	173 B
1	orbsrv.com s.orbsrv.com — Cisco Umbrella Rank: 13683	173 B
1	opoxv.com s.opoxv.com — Cisco Umbrella Rank: 55153	173 B
1	magsrv.com s.magsrv.com — Cisco Umbrella Rank: 13240	173 B
1	ds3jbr.com s.ds3jbr.com	173 B
1	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 4577	76 KB
1	exoclick.com a.exoclick.com — Cisco Umbrella Rank: 107472	928 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	7 KB
1	bestdate.vip 1 redirects bestdate.vip	803 B
1	sloffer1.com 1 redirects s.sloffer1.com — Cisco Umbrella Rank: 512692	2 KB
1	ajrkm.link 1 redirects t.ajrkm.link — Cisco Umbrella Rank: 987655	2 KB
1	syndicatedsearch.goog syndicatedsearch.goog — Cisco Umbrella Rank: 3335
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 5439	260 B
1	google.com www.google.com — Cisco Umbrella Rank: 3 accounts.google.com — Cisco Umbrella Rank: 17 Failed lh3.google.com Failed	52 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 623	33 KB
0	facebook.com Failed www.facebook.com Failed
0	instagram.com Failed www.instagram.com Failed
54	28

	Domain	Requested by
14	ameliadreams.com	ameliadreams.com
6	www.www.xnx.dog	www.www.xnx.dog
5	dategen.com	1 redirects www.www.xnx.dog dategen.com
4	mc.yandex.com	ameliadreams.com mc.yandex.ru
2	stackpath.bootstrapcdn.com	ameliadreams.com
2	svntrk.com	dategen.com ameliadreams.com
2	a.avlm3.com	2 redirects
2	a.vfghc.com	2 redirects
2	bam.nr-data.net	www.www.xnx.dog
1	s.zlinkp.com	ameliadreams.com
1	syndication.realsrv.com	ameliadreams.com
1	s.pemsrv.com	ameliadreams.com
1	s.orbsrv.com	ameliadreams.com
1	s.opoxv.com	ameliadreams.com
1	s.magsrv.com	ameliadreams.com
1	s.ds3jbr.com	ameliadreams.com
1	mc.yandex.ru	ameliadreams.com
1	a.exoclick.com	ameliadreams.com
1	cdnjs.cloudflare.com	ameliadreams.com
1	bestdate.vip	1 redirects
1	s.sloffer1.com	1 redirects
1	t.ajrkm.link	1 redirects
1	syndicatedsearch.goog	www.www.xnx.dog
1	partner.googleadservices.com	www.www.xnx.dog
1	www.google.com	www.www.xnx.dog
1	js-agent.newrelic.com	www.www.xnx.dog
0	lh3.google.com Failed
0	accounts.google.com Failed	ameliadreams.com
0	www.facebook.com Failed	ameliadreams.com
0	www.instagram.com Failed	ameliadreams.com
54	30

This site contains no links.

Subject Issuer	Validity	Valid
*.mytrafficmanagement.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-08-12`	a year	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.googleadservices.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
syndicatedsearch.goog WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
dategen.com WE1	`2024-12-21` - `2025-03-21`	3 months	crt.sh
svntrk.com E5	`2024-11-26` - `2025-02-24`	3 months	crt.sh
ameliadreams.com WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
exoclick.com E6	`2024-12-21` - `2025-03-21`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-10-20` - `2025-04-01`	5 months	crt.sh
ds3jbr.com E5	`2024-11-13` - `2025-02-11`	3 months	crt.sh
magsrv.com E6	`2024-11-13` - `2025-02-11`	3 months	crt.sh
opoxv.com E5	`2024-11-13` - `2025-02-11`	3 months	crt.sh
orbsrv.com E6	`2024-11-13` - `2025-02-11`	3 months	crt.sh
pemsrv.com E6	`2024-11-13` - `2025-02-11`	3 months	crt.sh
realsrv.com E5	`2024-11-13` - `2025-02-11`	3 months	crt.sh
zlinkp.com E6	`2024-12-21` - `2025-03-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Frame ID: 612524C6055B61BAF80C03C888CE92C2
Requests: 50 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=7637993503&pcsa=false&channel=ch1&domain_name=xnx.dog&client=dp-giantpanda_3ph&r=m&hl=en&ivt=1&rpbu=https%3A%2F%2Fwww.www.xnx.dog%2F%3Fafd%3D1&max_radlink_len=50&type=3&swp=as-drid-2439608017877166&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301266%2C72717108&format=r3&nocache=6421735371917640&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=-480&dt=1735371917641&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=704712957&rurl=https%3A%2F%2Fwww.www.xnx.dog%2F
Frame ID: D726EC198BFEDA5EB6014E445698F9FA
Requests: 1 HTTP requests in this frame

Frame: https://dategen.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 1AF09DF004D7C011EE43663B884DF084
Requests: 2 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 303A9701268EF8D6DAC10C68141576B2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amelia Dreams

Page URL History Show full URLs

https://www.www.xnx.dog/ Page URL
https://t.ajrkm.link/69881/3788/0?source=xnx.dog&aff_sub=6293ada6-666a-492a-aae1-e80728bb2400&bo=... HTTP 303
https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275?subID1=6293ada6-666a-492a-aae1-e80728bb... HTTP 307
https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275/2?subID1=6293ada6-666a-492a-aae1-e80728... HTTP 302
https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559?aff_sub4=_bucket&subID1=6293ada6-666a-4... HTTP 307
https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559/2?aff_sub4=_bucket&subID1=6293ada6-666a... HTTP 302
https://s.sloffer1.com/329742/7189/?aff_sub4=_bucket&aff_sub=7a69ed14-74be-4d89-8023-9fb123c84b9f&a... HTTP 303
https://bestdate.vip/?offer=3356&uid=0cee7a18-0904-49d1-bf82-d0b9c24b3e89&subid=102389415090bb87a... HTTP 302
https://dategen.com/lbc?s1=ad_bsa&oid=9177&s3=128&s2=BSA42790ef75c0939dcc08bfa324356de5c&s4=3297... Page URL
https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_6... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

72 %
HTTPS

42 %
IPv6

28
Domains

30
Subdomains

15
IPs

3
Countries

737 kB
Transfer

1424 kB
Size

40
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.www.xnx.dog/ Page URL
https://t.ajrkm.link/69881/3788/0?source=xnx.dog&aff_sub=6293ada6-666a-492a-aae1-e80728bb2400&bo=3471,3472,3473,3474,3475&target=domainredirects&po=6456&aff_sub5=SF_006OG000004lmDN HTTP 303
https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&aff_click_id=102bdd2ba0bd53ebf68edbff68774a&affsource=xnx.dog&bo=3471%2C3472%2C3473%2C3474%2C3475 HTTP 307
https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275/2?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&aff_click_id=102bdd2ba0bd53ebf68edbff68774a&affsource=xnx.dog&bo=3471%2C3472%2C3473%2C3474%2C3475 HTTP 302
https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=329742&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&target=&Site=&Bnr=&cid=w81u2vg4msau0fk63t47q325&email=&source=69881_xnx.dog&aff_unique4=vlma HTTP 307
https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559/2?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=329742&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&target=&Site=&Bnr=&cid=w81u2vg4msau0fk63t47q325&email=&source=69881_xnx.dog&aff_unique4=vlma HTTP 302
https://s.sloffer1.com/329742/7189/?aff_sub4=_bucket&aff_sub=7a69ed14-74be-4d89-8023-9fb123c84b9f&aff_sub2=69881&aff_sub3=w588eoofojkiofk6jd6n3rr0&aff_click_id=102bdd2ba0bd53ebf68edbff68774a&bo=2753,2754,2755,2756&aff_sub5=_&aff_sub4=_bucket&source=69881_&aff_unique4=vlma HTTP 303
https://bestdate.vip/?offer=3356&uid=0cee7a18-0904-49d1-bf82-d0b9c24b3e89&subid=102389415090bb87ac982b4b5e1b10&subid2=329742&subid3=69881_&utm_source=329742_69881_&bo=2753%2C2754%2C2755%2C2756 HTTP 302
https://dategen.com/lbc?s1=ad_bsa&oid=9177&s3=128&s2=BSA42790ef75c0939dcc08bfa324356de5c&s4=329742_69881_&lb=1 Page URL
https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://t.ajrkm.link/69881/3788/0?source=xnx.dog&aff_sub=6293ada6-666a-492a-aae1-e80728bb2400&bo=3471,3472,3473,3474,3475&target=domainredirects&po=6456&aff_sub5=SF_006OG000004lmDN HTTP 303
https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&aff_click_id=102bdd2ba0bd53ebf68edbff68774a&affsource=xnx.dog&bo=3471%2C3472%2C3473%2C3474%2C3475 HTTP 307
https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275/2?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&aff_click_id=102bdd2ba0bd53ebf68edbff68774a&affsource=xnx.dog&bo=3471%2C3472%2C3473%2C3474%2C3475 HTTP 302
https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=329742&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&target=&Site=&Bnr=&cid=w81u2vg4msau0fk63t47q325&email=&source=69881_xnx.dog&aff_unique4=vlma HTTP 307
https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559/2?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=329742&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&target=&Site=&Bnr=&cid=w81u2vg4msau0fk63t47q325&email=&source=69881_xnx.dog&aff_unique4=vlma HTTP 302
https://s.sloffer1.com/329742/7189/?aff_sub4=_bucket&aff_sub=7a69ed14-74be-4d89-8023-9fb123c84b9f&aff_sub2=69881&aff_sub3=w588eoofojkiofk6jd6n3rr0&aff_click_id=102bdd2ba0bd53ebf68edbff68774a&bo=2753,2754,2755,2756&aff_sub5=_&aff_sub4=_bucket&source=69881_&aff_unique4=vlma HTTP 303
https://bestdate.vip/?offer=3356&uid=0cee7a18-0904-49d1-bf82-d0b9c24b3e89&subid=102389415090bb87ac982b4b5e1b10&subid2=329742&subid3=69881_&utm_source=329742_69881_&bo=2753%2C2754%2C2755%2C2756 HTTP 302
https://dategen.com/lbc?s1=ad_bsa&oid=9177&s3=128&s2=BSA42790ef75c0939dcc08bfa324356de5c&s4=329742_69881_&lb=1

Request Chain 14

https://dategen.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://dategen.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

Request Chain 38

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=de&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=de&passive=true&service=youtube&uilel=3&ifkv=AeZLP99x6JwK1RivMkQYKpvMryrXmuy9bOSPxhP4h6fjACgQQFlRreJN6f8BYo7aFXaI60xCNPt5Mg HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=de&ifkv=AeZLP98I09nm4_ZYWJO-MpzxzBmu65rYbV4od9Kj_I4Bf54HubpZDkX3w3CHhAASg1AN-uX6-t5PdA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S84322489%3A1735371920606019&ddm=1

Request Chain 46

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10608.7b2FgL0FNESV_KK0UBTrZbDDagiYqltedip8nmlRiF3Ut45rhPGBc5yjPEQpJGVM.RlFPsKRhcQhR_mu9yB9d8AZb4Tc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10608.a05ApvgiyHsl9qlXuEFz1rxojZmlIqfNO0NEu-T2SEKSS8XrEPvCS1pmVQdmaTMBoc2GQtoNQje1a7VM3rKvvkIFw8ULtkap7V5uG3HRaQx5DCsAfRb7hVQpaZ7i38LBf8vEK7nDsGI7XSq0wZFjJfK0d71eDYAKE1XiKL1YZZAoQViWCUbUtq0mKd2CDXbx4q-JGEjo3GmFMtDBWn-Aura7LydgxORiTzWeJps4PZc%2C.kp8CjzJV7i4qsASzpOjME6pjtbQ%2C

Request Chain 51

https://mc.yandex.com/watch/54294354?wmode=7&page-url=https%3A%2F%2Fameliadreams.com%2Flanding2%3Fs1%3Dad_bsa%26s2%3DBSA42790ef75c0939dcc08bfa324356de5c%26s3%3D128%26s4%3D329742_69881_%26s5%3D%26lbcid%3Deb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224%26lb%3D1%26bt%3D2%26oid%3D9177%26r%3D%26ph%3Dcd810224654353ec4af47cf4fc09b718%26vd%3DeyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ%3D%3D&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A751655149904%3Ahid%3A1034393348%3Az%3A-480%3Ai%3A20241227234521%3Aet%3A1735371921%3Ac%3A1%3Arn%3A183372890%3Arqn%3A1%3Au%3A173537192178048877%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A379%3Awv%3A2%3Ads%3A60%2C33%2C122%2C3%2C3%2C0%2C%2C554%2C0%2C%2C%2C%2C778%3Aco%3A0%3Acpf%3A1%3Ans%3A1735371919609%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735371922%3At%3AAmelia%20Dreams&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
https://mc.yandex.com/watch/54294354/1?wmode=7&page-url=https%3A%2F%2Fameliadreams.com%2Flanding2%3Fs1%3Dad_bsa%26s2%3DBSA42790ef75c0939dcc08bfa324356de5c%26s3%3D128%26s4%3D329742_69881_%26s5%3D%26lbcid%3Deb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224%26lb%3D1%26bt%3D2%26oid%3D9177%26r%3D%26ph%3Dcd810224654353ec4af47cf4fc09b718%26vd%3DeyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ%3D%3D&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A751655149904%3Ahid%3A1034393348%3Az%3A-480%3Ai%3A20241227234521%3Aet%3A1735371921%3Ac%3A1%3Arn%3A183372890%3Arqn%3A1%3Au%3A173537192178048877%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A379%3Awv%3A2%3Ads%3A60%2C33%2C122%2C3%2C3%2C0%2C%2C554%2C0%2C%2C%2C%2C778%3Aco%3A0%3Acpf%3A1%3Ans%3A1735371919609%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735371922%3At%3AAmelia%20Dreams&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.www.xnx.dog/ 2 KB
1 KB 408ms
55ms Document
text/html 2600:3c00::f03c:94ff:fe10:f38
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.www.xnx.dog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:3c00::f03c:94ff:fe10:f38 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: openresty/1.25.3.2 /
Resource Hash: 8c88ee7c40a98d8410f9c0d0fa1b151bcf0e18ac2d11f6aff210ee00cfc99317

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sat, 28 Dec 2024 07:45:17 GMT
server: openresty/1.25.3.2
vary: Accept-Encoding

GET
H2 200 nrb.js Show response
www.www.xnx.dog/_static/ 57 KB
19 KB 112ms
112ms Script
text/javascript 2600:3c00::f03c:94ff:fe10:f38
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.www.xnx.dog/_static/nrb.js

Requested by

Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c00::f03c:94ff:fe10:f38 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

openresty/1.25.3.2 /

Resource Hash

9a9622bf899b7d4a0e3e56f1051aeb09114f1d19cebd4e4b2e6f498d1283b687

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.www.xnx.dog/

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
etag: W/"673b7c1c-e308"
date: Sat, 28 Dec 2024 07:45:17 GMT
content-type: text/javascript
last-modified: Mon, 18 Nov 2024 17:40:44 GMT
server: openresty/1.25.3.2
vary: Accept-Encoding

GET
H2 200 deliver.js Show response
www.www.xnx.dog/_static/ 15 KB
4 KB 112ms
112ms Script
text/javascript 2600:3c00::f03c:94ff:fe10:f38
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.www.xnx.dog/_static/deliver.js

Requested by

Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c00::f03c:94ff:fe10:f38 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

openresty/1.25.3.2 /

Resource Hash

f5aa178612191d9d889844a8ff490e4b40ccde38d959c8f5bb648521d0a21b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.www.xnx.dog/

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
etag: W/"67630bce-3d90"
date: Sat, 28 Dec 2024 07:45:17 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:52:14 GMT
server: openresty/1.25.3.2
vary: Accept-Encoding

POST
H2 200 _d Show response
www.www.xnx.dog/ 692 B
574 B 91ms
91ms Fetch
application/json 2600:3c00::f03c:94ff:fe10:f38
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.www.xnx.dog/_d

Requested by

Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/_static/nrb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c00::f03c:94ff:fe10:f38 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

openresty/1.25.3.2 /

Resource Hash

aa2039e333f3f628908eebc320fef33540efe96c4b2ea7b33bdbce4ab1120a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

traceparent: 00-fcb5c4d3838a929839cea1948ea1d773-2e502bf97f629ed5-01
Referer: https://www.www.xnx.dog/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjcwMjEzNSIsImFwIjoiNzE4Mzg3MTMyIiwiaWQiOiIyZTUwMmJmOTdmNjI5ZWQ1IiwidHIiOiJmY2I1YzRkMzgzOGE5Mjk4MzljZWExOTQ4ZWExZDc3MyIsInRpIjoxNzM1MzcxOTE3MzI1fX0=
tracestate: 702135@nr=0-1-702135-718387132-2e502bf97f629ed5----1735371917325

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
date: Sat, 28 Dec 2024 07:45:17 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: openresty/1.25.3.2

GET
H2 200 nr-spa-1.273.0.min.js Show response
js-agent.newrelic.com/ 112 KB
33 KB 65ms
21ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.273.0.min.js

Requested by

Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/_static/nrb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5ae4a818071e118ec992196dcd42ae85ee0e320381140eb59d08ceb416402aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.www.xnx.dog
Referer: https://www.www.xnx.dog/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "38ea02666fda0fcf9ad33eca8b7c5b9c"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 33182
date: Sat, 28 Dec 2024 07:45:17 GMT
last-modified: Mon, 11 Nov 2024 18:20:59 GMT
content-type: application/javascript
x-served-by: cache-yul1970065-YUL
x-cache-hits: 138
vary: Accept-Encoding

POST
H/1.1 200 0d385ba8a0 Show response
bam.nr-data.net/1/ 185 B
632 B 123ms
56ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/0d385ba8a0?a=718387132&sa=1&v=1.273.0&t=Unnamed%20Transaction&rst=781&ck=0&s=ded9f7782ca2eaf4&ref=https://www.www.xnx.dog/&ptid=b22d5d201bcb0875&af=err,spa,xhr,stn,ins&be=408&fe=284&dc=282&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1735371916637,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:108,%22c%22:108,%22s%22:163,%22ce%22:354,%22rq%22:354,%22rp%22:408,%22rpe%22:410,%22di%22:687,%22ds%22:687,%22de%22:690,%22dc%22:690,%22l%22:690,%22le%22:692%7D,%22navigation%22:%7B%7D%7D&fp=700
Requested by: Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/_static/nrb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 98d4465fe27114b18f8908d87749bf0dbcf1e62966b2567fbbaaf13003817894

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.www.xnx.dog/

Response headers

access-control-expose-headers: Date
timing-allow-origin: https://www.www.xnx.dog
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
access-control-allow-origin: https://www.www.xnx.dog
Content-Length: 185
date: Sat, 28 Dec 2024 07:45:17 GMT
content-type: text/plain
x-served-by: cache-nyc-kteb1890088-NYC

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ 143 KB
52 KB 134ms
42ms Script
text/javascript 173.194.66.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?abp=1&abpgo=true

Requested by

Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/_static/nrb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f147.1e100.net

Software

sffe /

Resource Hash

ead76a185fc8f62dabf641fe4edc4817e277aa7a61b64f496eaf60546e3aae61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.www.xnx.dog/

Response headers

content-encoding: gzip
etag: "6100793551098877849"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 07:45:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 07:45:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
link: <https://syndicatedsearch.goog>; rel="preconnect"
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-xss-protection: 0
server: sffe

POST
H/1.1 200 0d385ba8a0 Show response
bam.nr-data.net/events/1/ 24 B
342 B 59ms
58ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/0d385ba8a0?a=718387132&sa=1&v=1.273.0&t=Unnamed%20Transaction&rst=920&ck=0&s=ded9f7782ca2eaf4&ref=https://www.www.xnx.dog/&ptid=b22d5d201bcb0875
Requested by: Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/_static/nrb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.www.xnx.dog/

Response headers

Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin: https://www.www.xnx.dog
Content-Length: 24
date: Sat, 28 Dec 2024 07:45:17 GMT
content-type: image/gif
x-served-by: cache-nyc-kteb1890088-NYC

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 368 B
260 B 90ms
43ms Script
text/javascript 172.217.197.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.www.xnx.dog&client=partner-dp-giantpanda_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2

Requested by

Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/_static/nrb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f155.1e100.net

Software

cafe /

Resource Hash

47f6c0553432e73bab8c7508f4c7c11d2ebe5dfbbe51cc0b583a10ee5a126c99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.www.xnx.dog/

Response headers

timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 239
date: Sat, 28 Dec 2024 07:45:17 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 ads
syndicatedsearch.goog/afs/ Frame D726 0
0 204ms
125ms Document
text/html 2607:f8b0:400d:c04::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=7637993503&pcsa=false&channel=ch1&domain_name=xnx.dog&client=dp-giantpanda_3ph&r=m&hl=en&ivt=1&rpbu=https%3A%2F%2Fwww.www.xnx.dog%2F%3Fafd%3D1&max_radlink_len=50&type=3&swp=as-drid-2439608017877166&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301266%2C72717108&format=r3&nocache=6421735371917640&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=-480&dt=1735371917641&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=704712957&rurl=https%3A%2F%2Fwww.www.xnx.dog%2F

Requested by

Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/_static/nrb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-FKqqUaLb40mHoakG7rIRZA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: https://www.www.xnx.dog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 623
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-FKqqUaLb40mHoakG7rIRZA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Sat, 28 Dec 2024 07:45:17 GMT
expires: Sat, 28 Dec 2024 07:45:17 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

POST
H2 200 _e
www.www.xnx.dog/ 20 B
199 B 73ms
59ms Fetch
application/json 2600:3c00::f03c:94ff:fe10:f38
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.www.xnx.dog/_e

Requested by

Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/_static/nrb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c00::f03c:94ff:fe10:f38 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

openresty/1.25.3.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

traceparent: 00-451052a1bc14c189e3b9a0eaeb26ef10-fb5434c724a790e4-01
Referer: https://www.www.xnx.dog/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjcwMjEzNSIsImFwIjoiNzE4Mzg3MTMyIiwiaWQiOiJmYjU0MzRjNzI0YTc5MGU0IiwidHIiOiI0NTEwNTJhMWJjMTRjMTg5ZTNiOWEwZWFlYjI2ZWYxMCIsInRpIjoxNzM1MzcxOTE3OTc5fX0=
tracestate: 702135@nr=0-1-702135-718387132-fb5434c724a790e4----1735371917979

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
date: Sat, 28 Dec 2024 07:45:18 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: openresty/1.25.3.2

GET
H2

200

lbc
dategen.com/
Redirect Chain

https://t.ajrkm.link/69881/3788/0?source=xnx.dog&aff_sub=6293ada6-666a-492a-aae1-e80728bb2400&bo=3471,3472,3473,3474,3475&target=domainredirects&po=6456&aff_sub5=SF_006OG000004lmDN
https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&aff_click_id=102bdd2ba0bd53...
https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275/2?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&aff_click_id=102bdd2ba0bd...
https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=329742&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&target=&S...
https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559/2?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=329742&source=102bdd2ba0bd53ebf68edbff68774a&subID2=69881&target=...
https://s.sloffer1.com/329742/7189/?aff_sub4=_bucket&aff_sub=7a69ed14-74be-4d89-8023-9fb123c84b9f&aff_sub2=69881&aff_sub3=w588eoofojkiofk6jd6n3rr0&aff_click_id=102bdd2ba0bd53ebf68edbff68774a&bo=275...
https://bestdate.vip/?offer=3356&uid=0cee7a18-0904-49d1-bf82-d0b9c24b3e89&subid=102389415090bb87ac982b4b5e1b10&subid2=329742&subid3=69881_&utm_source=329742_69881_&bo=2753%2C2754%2C2755%2C2756
https://dategen.com/lbc?s1=ad_bsa&oid=9177&s3=128&s2=BSA42790ef75c0939dcc08bfa324356de5c&s4=329742_69881_&lb=1

3 KB
2 KB

264ms
142ms

Document
text/html

2606:4700:20::ac43:4bfc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dategen.com/lbc?s1=ad_bsa&oid=9177&s3=128&s2=BSA42790ef75c0939dcc08bfa324356de5c&s4=329742_69881_&lb=1
Requested by: Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/_static/deliver.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.www.xnx.dog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8f8fee1f0deda31b-YUL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 28 Dec 2024 07:45:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TX4xBkDz0yrh0n7nd8novaCCAOjpzCwG%2BYV1k3l0PZQseowo6QhGxfT8zeCxiu%2BrXtEmxWbj5MOBEWWKl9NQ8edUIILmnzvJ5nPEc29ewWCVUhAz9vcuwB0BmiTJNRnhA0uJYGOz2GYt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=18761&min_rtt=18644&rtt_var=3131&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4334&recv_bytes=2388&delivery_rate=206178&cwnd=253&unsent_bytes=0&cid=ecf54b63c077f572&ts=149&x=0"

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f8fee1cdaf8aad0-YYZ
content-type: text/html; charset=UTF-8
date: Sat, 28 Dec 2024 07:45:19 GMT
location: https://dategen.com/lbc?s1=ad_bsa&oid=9177&s3=128&s2=BSA42790ef75c0939dcc08bfa324356de5c&s4=329742_69881_&lb=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VP8z8aRN5QhXvXgxAVvufHpNj3yh0cloLPUXTmW7iU1TmqGr9E%2FOWhImcLNZ6HCn6KrHSnUozQ1eIhX3hO%2F8gRdwWVHyhmUm%2FnST%2FGNjH1mmxgnbfmOHZBa4MoFsW5o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=25409&min_rtt=25196&rtt_var=4276&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4159&recv_bytes=4621&delivery_rate=554&cwnd=12000&unsent_bytes=0&cid=e0256265d51c800e&ts=242&x=1" cfExtPri cfHdrFlush;dur=0

POST
H2 200 _e
www.www.xnx.dog/ 20 B
199 B 72ms
60ms Fetch
application/json 2600:3c00::f03c:94ff:fe10:f38
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.www.xnx.dog/_e

Requested by

Host: www.www.xnx.dog
URL: https://www.www.xnx.dog/_static/nrb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c00::f03c:94ff:fe10:f38 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

openresty/1.25.3.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

traceparent: 00-ce31e0d12520c8476b481185b70471de-a3e51cc73b187482-01
Referer: https://www.www.xnx.dog/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjcwMjEzNSIsImFwIjoiNzE4Mzg3MTMyIiwiaWQiOiJhM2U1MWNjNzNiMTg3NDgyIiwidHIiOiJjZTMxZTBkMTI1MjBjODQ3NmI0ODExODViNzA0NzFkZSIsInRpIjoxNzM1MzcxOTE3OTgwfX0=
tracestate: 702135@nr=0-1-702135-718387132-a3e51cc73b187482----1735371917980

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
date: Sat, 28 Dec 2024 07:45:18 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: openresty/1.25.3.2

GET
H3 200 analytics_d2e_pp.js
svntrk.com/assets/ 7 KB
3 KB 102ms
69ms Script
text/javascript 172.67.197.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://svntrk.com/assets/analytics_d2e_pp.js?r=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&c=ad_bsa&p=128&s=329742_69881_&s2=BSA42790ef75c0939dcc08bfa324356de5c&s5=&lbid=&lb=1&lbcid=&dmn=dategen.com&rot=&bt=2&fwbid=10071706
Requested by: Host: dategen.com
URL: https://dategen.com/lbc?s1=ad_bsa&oid=9177&s3=128&s2=BSA42790ef75c0939dcc08bfa324356de5c&s4=329742_69881_&lb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YErYx6388EGKgsSM5TPOwZMmLAIiuw5IkljjA52ILjZljs4PoptnOtQ9psJ1PkpksRiehAfgDcFbtEM7EfnWFNIxZCek31hDiccyubST%2BV%2FrA4FYPObed048kP%2Fb"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f8fee206aa7ac93-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25270&min_rtt=25167&rtt_var=5382&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4018&recv_bytes=4440&delivery_rate=23164&cwnd=12000&unsent_bytes=0&cid=c93be7e619a99a2c&ts=74&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2

200

main.js
dategen.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 1AF0
Redirect Chain

https://dategen.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://dategen.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

9 KB
5 KB

27ms
27ms

Script
application/javascript

2606:4700:20::ac43:4bfc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dategen.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

Requested by

Host: dategen.com
URL: https://dategen.com/lbc?s1=ad_bsa&oid=9177&s3=128&s2=BSA42790ef75c0939dcc08bfa324356de5c&s4=329742_69881_&lb=1

Protocol

Server

2606:4700:20::ac43:4bfc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enWZbowt0ByZKnqx0ExKEnm7p6Hphn%2Bw2UFexaTzro85JO05CP%2F6GvTO7%2B8GwI1CQ039ebf88l6Dn71hIEGFmxuPlE9fFbAETe8XV8cFHrgEz0SSWlnZ55%2FWjxKzkTdzhwb3L%2FHjeuF%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f8fee207eb7a31b-YUL
server-timing: cfL4;desc="?proto=TCP&rtt=23110&min_rtt=18579&rtt_var=9845&sent=12&recv=17&lost=0&retrans=0&sent_bytes=6835&recv_bytes=2604&delivery_rate=207963&cwnd=257&unsent_bytes=0&cid=ecf54b63c077f572&ts=261&x=0"
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4kZ8VZ47JIAOTyJvD3nPx2v96unQHR7iilhIO9VUV37POh%2Fvaf%2FYLu4o0oV63Xh5XiMThYGSUB4gv2YHSMk4Jwht6Gcglh3qYbGjESovdmhVeBoNP%2BqejX7As%2BJkcFz3KNxrLg2PvKx"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f8fee204ea0a31b-YUL
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=23757&min_rtt=18579&rtt_var=11401&sent=11&recv=15&lost=0&retrans=0&sent_bytes=6286&recv_bytes=2508&delivery_rate=207963&cwnd=257&unsent_bytes=0&cid=ecf54b63c077f572&ts=233&x=0"
content-length: 0
date: Sat, 28 Dec 2024 07:45:19 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 200 8f8fee1f0deda31b
dategen.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1AF0 0
988 B 51ms
46ms XHR
text/plain 2606:4700:20::ac43:4bfc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dategen.com/cdn-cgi/challenge-platform/h/b/jsd/r/8f8fee1f0deda31b
Requested by: Host: dategen.com
URL: https://dategen.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiK05uyE8KEsone%2FCqGjC%2BF5vHXlePhkrGVHa9I63XkWAop6tT8De952%2FAzLz0oia7uVTzQMPFRodb4gR3xX8N3Smv%2BBHanDe6vJHlcPzP6c2Pt6K%2BVUxRr3f0eu%2BPrMPOQTaWGNr4W9"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f8fee213f16a31b-YUL
server-timing: cfL4;desc="?proto=TCP&rtt=26293&min_rtt=18579&rtt_var=13967&sent=24&recv=37&lost=0&retrans=0&sent_bytes=11556&recv_bytes=19206&delivery_rate=409729&cwnd=257&unsent_bytes=0&cid=ecf54b63c077f572&ts=407&x=0"
content-length: 0
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 200 Primary Request landing2 Show response
ameliadreams.com/ 9 KB
5 KB 217ms
123ms Document
text/html 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 016624b730bb6b3ff68f2a97e135bca60ae9d7c632ea2131471417bbc0d4dc23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8f8fee2239e2abf1-YYZ
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 28 Dec 2024 07:45:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v0UxNx35jNnNtwuHS309wCzVr2G5AY4zR31VMTiHYocrlOg4nMZTGznhCZ2mteUu5OaknlyAGw2ryLAzzP0BYjRvN8kKejfB3v0IgGrYMnkmstri6wIT6dfeAnvd9EfUTZTH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=25653&min_rtt=25614&rtt_var=4119&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4185&recv_bytes=4689&delivery_rate=551&cwnd=12000&unsent_bytes=0&cid=58f4a05bce358e4c&ts=130&x=1" cfExtPri cfHdrFlush;dur=0
vary: accept-encoding

GET
H2 200 favicon.ico
dategen.com/ 3 KB
2 KB 34ms
34ms Other
image/x-icon 2606:4700:20::ac43:4bfc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dategen.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"6763ffa1-b2e"
age: 1888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTlzGvx9UO380K%2BycZI%2FOlKKWeqrtQkYqctIfx9Y3GFE3bEqvgUrp7twzs6X7Ki7fJ7U1iwjk2QABqI4kVLjLYjM2EfCGvLnwH%2FCGT%2BZth3oosZXQzke31XbWrFTv0d3OhoYcojFJrrs"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f8fee219f76a31b-YUL
server-timing: cfL4;desc="?proto=TCP&rtt=25351&min_rtt=18579&rtt_var=12359&sent=25&recv=39&lost=0&retrans=0&sent_bytes=12566&recv_bytes=19690&delivery_rate=409729&cwnd=257&unsent_bytes=0&cid=ecf54b63c077f572&ts=453&x=0"
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: image/x-icon
last-modified: Thu, 19 Dec 2024 11:12:33 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
25 KB 70ms
35ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ameliadreams.com
Referer: https://ameliadreams.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
age: 8542696
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 07:45:19 GMT
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 06/26/2024 10:14:06
cdn-requestpullcode: 200
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e4dccfb4c0f6231d7e674a8110d1968a
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8f8fee234b7d36fc-YYZ
access-control-allow-origin: *
cdn-edgestorageid: 940
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 font-awesome.min.css
ameliadreams.com/bk/css/ 30 KB
8 KB 40ms
34ms Stylesheet
text/css 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/bk/css/font-awesome.min.css
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a817-7918"
age: 1580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WYgGrymOgAHDDLijCYz3YB7NgH4MSWx7Xnme40wQi2QKs%2BN6vC7kjB2IjKgAg%2BkNIrMkUpSJ%2FrF7Rqpr88oM8gh104jAFWV8T84ju63OQa%2FrcG2FTxcqzmlyNeagLDS50rJ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25751&min_rtt=25030&rtt_var=1700&sent=19&recv=22&lost=0&retrans=0&sent_bytes=9694&recv_bytes=11862&delivery_rate=219176&cwnd=12000&unsent_bytes=0&cid=58f4a05bce358e4c&ts=181&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: text/css
last-modified: Mon, 29 Jul 2024 14:32:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee231a49abf1-YYZ
server: cloudflare

GET
H3 200 main.css
ameliadreams.com/ameliadreams_com/css/ 18 KB
5 KB 40ms
35ms Stylesheet
text/css 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/ameliadreams_com/css/main.css
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c87ef89f254219bd365bcac1254142c686179fa5640518a599e91b6e42259d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a817-4962"
age: 436
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMIubRP1cXYoC7iioSyCg4QC7pAAPzmS853KsVYhf552F4gA4WynkIrDlG4Stese22f3YpDe8S3X9x%2FTJkckk5U6I%2B8vWWkesW1EbM3s6Rc2Go4R5Rsi3MjJMf4QEJf7j9%2Fh"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25751&min_rtt=25030&rtt_var=1700&sent=27&recv=22&lost=0&retrans=0&sent_bytes=17881&recv_bytes=11862&delivery_rate=219176&cwnd=12000&unsent_bytes=0&cid=58f4a05bce358e4c&ts=181&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: text/css
last-modified: Mon, 29 Jul 2024 14:32:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee231a4aabf1-YYZ
server: cloudflare

GET
H3 200 analytics.js Show response
svntrk.com/assets/ 69 B
850 B 113ms
80ms Script
text/javascript 172.67.197.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://svntrk.com/assets/analytics.js?cb=676fac8fc4152
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 560f0d54044aa8812d2fe17c5fa4624fe6db8dc54ddccf5f11dd9fc766b88d6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aqZ7fEm5gFxiIm2rVaAP31Q%2Fh5coMDrqFbqw%2FOuRRgWN2LvKLfIh4W%2FUcCWFXyw%2FhUwM8ZupDQA8F0VOqxjkS0soKHEDMwWIutlP74HLTew4h56iZsfdu9q5qZjv"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f8fee234ac1aac6-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25235&min_rtt=25189&rtt_var=5357&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4041&recv_bytes=5614&delivery_rate=23104&cwnd=12000&unsent_bytes=0&cid=be7bdbbcf76303ad&ts=85&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i=?0

GET
H3 200 girls_2.png
ameliadreams.com/ameliadreams_com/img/ 269 KB
270 KB 64ms
59ms Image
image/png 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ameliadreams.com/ameliadreams_com/img/girls_2.png
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb970e569b4778009455be4a931b2c66162991d5903cd2798e7d07446479ac3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==

Response headers

cf-cache-status: HIT
etag: "66a7a817-433f4"
age: 5068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OA56NtbHJCg3DVHFZHMDaB%2B3DzXwzL3dy37orT8Vppsd5z4MlWz4mphfyeuMiKWpLgd2NgF12nOs9LTTF0WRRSsrpd0T0iA628bQreJ2zu2SGOQ0p8hom7Jqy5phOl0jFdg5"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25751&min_rtt=25030&rtt_var=1700&sent=31&recv=22&lost=0&retrans=0&sent_bytes=21694&recv_bytes=11862&delivery_rate=219176&cwnd=12000&unsent_bytes=0&cid=58f4a05bce358e4c&ts=186&x=1", cfExtPri, cfHdrFlush;dur=20
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: image/png
last-modified: Mon, 29 Jul 2024 14:32:55 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee231a4babf1-YYZ
accept-ranges: bytes
content-length: 275444
server: cloudflare

GET
H3 200 pusher_mk2c.js Show response
ameliadreams.com/ 3 KB
2 KB 65ms
60ms Script
application/javascript 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/pusher_mk2c.js
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3780240c03de6cec689901ffffe2eba7a73a965c3a24e5ab765712590fd1e076

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a819-dcb"
age: 5068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66RrOfsrKi0%2FCjAgoJ7Y0JkjRhdvEJ2XzuBpE3w9%2FHE%2FUVtB3uw3N2g1Jf4SRBsEJSMFjain9CQ6eWzOLILZ9URBdCazJWqmHHyZFjPhzZvrkOIL48BFMngIY%2F4N8ohmnPxB"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25751&min_rtt=25030&rtt_var=1700&sent=31&recv=22&lost=0&retrans=0&sent_bytes=21694&recv_bytes=11862&delivery_rate=219176&cwnd=12000&unsent_bytes=0&cid=58f4a05bce358e4c&ts=183&x=1", cfExtPri, cfHdrFlush;dur=23
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Jul 2024 14:32:57 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee231a4cabf1-YYZ
server: cloudflare

GET
H3 200 jquery-3.3.1.min.js Show response
ameliadreams.com/bk/js/ 85 KB
32 KB 47ms
46ms Script
application/javascript 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/bk/js/jquery-3.3.1.min.js
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a817-1538e"
age: 5068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dRl1IcV0w3Mb1%2BW5kbwLS0jGVQ5L6tj0tozs%2BirOU1mRFRHJk6IpBQe3WE%2BV3iboag%2Bzs8EKhsp6C9P7lFX1v221aDc%2ByMjz7MVK4RwxddufbUrR%2BmognZpdXfv3ma5HFbT6"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27036&min_rtt=25030&rtt_var=2733&sent=55&recv=40&lost=1&retrans=1&sent_bytes=44758&recv_bytes=14291&delivery_rate=345593&cwnd=12120&unsent_bytes=0&cid=58f4a05bce358e4c&ts=246&x=1", cfExtPri, cfHdrFlush;dur=11
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Jul 2024 14:32:55 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee238a7babf1-YYZ
server: cloudflare

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 69ms
34ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ameliadreams.com
Referer: https://ameliadreams.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fa9-4f71"
age: 255579
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWHsVjsBUjBsXPO7%2BStePbOJZxEHILF6DNMZzvsN7y%2BfgC3tPVxe%2FueYMsEjrOWyTAexsieCATBWed2apt7NV0jm2U9ngosaT9F07mdOpGehV%2BF2BZFX6EUrPummvALclOVLkWl9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 07:45:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 07:45:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:15:37 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f8fee240feaaace-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6451
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 39ms
35ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ameliadreams.com
Referer: https://ameliadreams.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "67176c242e1bdc20603c878dee836df3"
age: 3312125
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 07:45:19 GMT
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 10/04/2024 02:53:43
cdn-requestpullcode: 200
priority: u=2,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 1
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 53687801ca2f55702ef1b8002ad24126
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8f8fee23dbb036fc-YYZ
access-control-allow-origin: *
cdn-edgestorageid: 1029
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 common.js Show response
ameliadreams.com/ameliadreams_com/js/ 50 KB
14 KB 50ms
45ms Script
application/javascript 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/ameliadreams_com/js/common.js
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c25868c5f2853f4fbae7cf69f7d83082866617ce96d1ef187442e92e629934

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a817-c807"
age: 5068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2WU08WOcAm%2FbTP6e7cPS08%2BAJRdy5kWxH4i%2BJhyhn%2FJdKBp9V%2B9HFY8kVqL2cu8827RhLdXCz6F%2BYHJMR8JESurE1KhvbgLdqgD7Dxsfjhu%2FeebpkY7sOM1p1HsADAd%2BbQU"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26067&min_rtt=24928&rtt_var=712&sent=84&recv=73&lost=1&retrans=1&sent_bytes=70294&recv_bytes=28264&delivery_rate=459948&cwnd=13320&unsent_bytes=0&cid=58f4a05bce358e4c&ts=304&x=1", cfExtPri, cfHdrFlush;dur=3
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Jul 2024 14:32:55 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee23dab5abf1-YYZ
server: cloudflare

GET
H3 200 fingerprint.v3.js Show response
ameliadreams.com/bk/js/ 40 KB
17 KB 279ms
274ms Script
application/javascript 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/bk/js/fingerprint.v3.js
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b6580bed80935dc1351b552efeca8900f4e07bf491308c365492392503de24d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a818-a1c8"
age: 5068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZKGsKfmBRbYx1T9rXlQVNxoG7PXD3RcTdNVUaFG7qrZapCf9bKiIMb6WnV%2FiY%2BUFf1HBLk39j1zGBCxJxmFl77iDqY8XXhJKpunRVMSh80eDZehqUQLW1XxIg1nKrUCgSuvV"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26067&min_rtt=24928&rtt_var=712&sent=81&recv=67&lost=1&retrans=1&sent_bytes=70222&recv_bytes=23530&delivery_rate=459948&cwnd=13320&unsent_bytes=0&cid=58f4a05bce358e4c&ts=297&x=1", cfExtPri, cfHdrFlush;dur=10
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Jul 2024 14:32:56 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee23dab7abf1-YYZ
server: cloudflare

GET
H3 200 ui-tools.js Show response
ameliadreams.com/bk/js/ 9 KB
4 KB 302ms
298ms Script
application/javascript 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/bk/js/ui-tools.js
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81e494909ea24d8abae3e69daf5d234db9c07110693b83497824411f390572f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a817-23a1"
age: 5068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zBF%2FN4B2V2LVFsRnjxDgZCFmbh9vdfYsgSDIWcFwK2D1tkggHkZ9BQHS9SDT0RxjZ0eCh1PpkSUjHsihXVmLOvvFYnSD05G5DCrPdsxxQv6MTBIKODMDELenmn8q0Rg8L5C"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26067&min_rtt=24928&rtt_var=712&sent=83&recv=69&lost=1&retrans=1&sent_bytes=70270&recv_bytes=25108&delivery_rate=459948&cwnd=13320&unsent_bytes=0&cid=58f4a05bce358e4c&ts=299&x=1", cfExtPri, cfHdrFlush;dur=9
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Jul 2024 14:32:55 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee23dab8abf1-YYZ
server: cloudflare

GET
H3 200 landing2-general.js Show response
ameliadreams.com/bk/js/ 2 KB
2 KB 304ms
299ms Script
application/javascript 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/bk/js/landing2-general.js
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c262530cf2fd714f731f6087d69a4c0a5fb20180503e55e72f3dfb84b59c50ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a817-9a3"
age: 5068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDXF6qaSTA35Y67nB8X4C%2FJD32bhfxIFKbCBGGoZI2bOBFw7eOebHnAvcbTDIBasW8zhC%2FZcbFVN%2FATghXn0r6634mG%2F7YdTB5MSqqGFkXFocZg%2BOT7niSVn9SnK1L5psIeC"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26067&min_rtt=24928&rtt_var=712&sent=83&recv=69&lost=1&retrans=1&sent_bytes=70270&recv_bytes=25108&delivery_rate=459948&cwnd=13320&unsent_bytes=0&cid=58f4a05bce358e4c&ts=299&x=1", cfExtPri, cfHdrFlush;dur=9
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Jul 2024 14:32:55 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee23dab9abf1-YYZ
server: cloudflare

GET
H2 200 tag_gen.js Show response
a.exoclick.com/ 948 B
928 B 152ms
33ms Script
application/javascript 2a02:6ea0:e200::17
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exoclick.com/tag_gen.js
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e200::17 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 03e39907c27031d0f8d4f65c42f4907567d9340f525fd5413bbd6591578440b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

x-robots-tag: noindex, follow
content-encoding: gzip
etag: W/"0ba3a9537edff3c091f8ed7b008"
x-77-cache: HIT
expires: Thu, 19 Dec 2024 13:58:32 GMT
date: Sat, 28 Dec 2024 07:45:20 GMT
content-type: application/javascript
x-served-by: hap03-web08-ny1-1
x-77-nzt-ray: 0f63d41989fb2df890ac6f670d72be05
vary: Accept-Encoding
x-77-nzt: EgwBbT1b5QH30iYAAAwBuTvfFAG3AAAAAA
cache-control: max-age=10800
access-control-allow-origin: *
x-77-pop: ashburnUSVA
x-77-age: 9938
server: CDN77-Turbo

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 222 KB
76 KB 620ms
298ms Script
application/javascript 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "67655eba-12b7d"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Sat, 28 Dec 2024 08:45:20 GMT
access-control-allow-origin: *
content-length: 76669
date: Sat, 28 Dec 2024 07:45:20 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 12:10:34 GMT

GET
H3 200 header_bg-top_414.svg
ameliadreams.com/ameliadreams_com/img/bg/ 1 KB
1 KB 564ms
561ms Image
image/svg+xml 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ameliadreams.com/ameliadreams_com/img/bg/header_bg-top_414.svg
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/ameliadreams_com/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee37f82814fabb514179cb03a04df494d8791d4ab44fa0332bf3e0853730fbcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/ameliadreams_com/css/main.css

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a817-593"
age: 435
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pn73bEAfcwvodOHvcJkdpn5aCaKQ%2BrG5OY9IynhAlkDNi%2BcdvvHCnEetazSYs0VJjws6H33itBhiaGPTWTWZiOy%2FzP8pawrCi4bnCl3sAr9bcNzccDPUQDYKQqfuPQB9omim"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26067&min_rtt=24928&rtt_var=712&sent=83&recv=69&lost=1&retrans=1&sent_bytes=70270&recv_bytes=25108&delivery_rate=459948&cwnd=13320&unsent_bytes=0&cid=58f4a05bce358e4c&ts=299&x=1", cfExtPri, cfHdrFlush;dur=9
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Jul 2024 14:32:55 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee23dabaabf1-YYZ
server: cloudflare

GET
H3 200 AvenirNextCyr-Light.woff
ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/ 45 KB
45 KB 41ms
40ms Font
application/font-woff 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/AvenirNextCyr-Light.woff
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/ameliadreams_com/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44efd89690d4d6fe1bd29f6568cdcd0b44fb51ddc70338e0b7057da6ff00689c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ameliadreams.com
Referer: https://ameliadreams.com/ameliadreams_com/css/main.css

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a817-b21c"
age: 3346
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEBob4iQ2Rc7JvHz7O10HsbfO56KV%2FvVXTfLuqs4IjULzxHkBGAhNog%2FAx4oKZzPjmm79KzdbfTMsnlW8mmfL9EM9aowQax4%2BOsvGIX2yJvxf4Zpdx1QUBTqUEX8yS%2F7BJGb"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25897&min_rtt=24928&rtt_var=501&sent=95&recv=79&lost=1&retrans=1&sent_bytes=80494&recv_bytes=28529&delivery_rate=532333&cwnd=13320&unsent_bytes=0&cid=58f4a05bce358e4c&ts=308&x=1", cfExtPri, cfHdrFlush;dur=1
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: application/font-woff
last-modified: Mon, 29 Jul 2024 14:32:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee23eac0abf1-YYZ
server: cloudflare

GET
H3 200 AvenirNextCyr-Demi.woff
ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/ 39 KB
40 KB 138ms
136ms Font
application/font-woff 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/AvenirNextCyr-Demi.woff
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/ameliadreams_com/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e73419dd79caad8096c4322975710d6619df2f0299dc8f727790cf6df78e8483

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ameliadreams.com
Referer: https://ameliadreams.com/ameliadreams_com/css/main.css

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a817-9c84"
age: 3346
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FMGqegzljUDsq8PObfrzwmtwK9UahkL40d8fzHBlmV6Fzqks1DwEmNDoEQdcVsJAhrY%2BT6CtJHUmv%2BWCn5tFx%2FzUdhW%2FJaxA2Pqxj7RPwODSyH0zXLBK6Wvj%2BIQX6xw2l3F%2F"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26040&min_rtt=24928&rtt_var=663&sent=99&recv=81&lost=1&retrans=1&sent_bytes=83614&recv_bytes=28619&delivery_rate=525105&cwnd=13320&unsent_bytes=0&cid=58f4a05bce358e4c&ts=309&x=1", cfExtPri, cfHdrFlush;dur=24
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: application/font-woff
last-modified: Mon, 29 Jul 2024 14:32:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee23eac3abf1-YYZ
server: cloudflare

GET
H3 200 AvenirNextCyr-Regular.woff
ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/ 39 KB
40 KB 40ms
38ms Font
application/font-woff 172.67.203.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/AvenirNextCyr-Regular.woff
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/ameliadreams_com/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d138c2ea5b228e5262212c66815d06d103de70734a33da9d4c4c316b9822d119

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ameliadreams.com
Referer: https://ameliadreams.com/ameliadreams_com/css/main.css

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a7a817-9dcc"
age: 3346
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBUeuqktnvWUa9n8deoOA8TNK8wVItO6mINmyfZxufTo1AT4deQudrwc3wxCVg2KS9G2p9QMRAq%2FplNZB4494PG6g9hBUBJMIIQChW4WAlkUHKb4LsPLCn6wTIn6qXriqgdO"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25897&min_rtt=24928&rtt_var=501&sent=94&recv=79&lost=1&retrans=1&sent_bytes=79782&recv_bytes=28529&delivery_rate=532333&cwnd=13320&unsent_bytes=0&cid=58f4a05bce358e4c&ts=308&x=1", cfExtPri, cfHdrFlush;dur=1
date: Sat, 28 Dec 2024 07:45:19 GMT
content-type: application/font-woff
last-modified: Mon, 29 Jul 2024 14:32:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8fee23eac5abf1-YYZ
server: cloudflare

GET /
www.instagram.com/accounts/login/ 0
0

GET login.php
www.facebook.com/ 0
0

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=de&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=de&passive=true&service=youtube&uilel=3&ifkv=AeZLP99x6JwK1RivMkQYKpvMryrXmuy9bOSPxhP4h6fjACgQQFlRreJN6f8B...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=de&ifkv=AeZLP98I09nm4_ZYWJO-MpzxzBmu65rYbV4od9Kj_I4Bf54HubpZDkX3w3CHhAASg1AN-uX6-t5PdA&passiv...

0
0

GET
H2 200 tag.php
s.ds3jbr.com/ 0
173 B 137ms
34ms Image
text/html 185.59.223.192
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ds3jbr.com/tag.php?goal=9aeecb98d05a87753a2934f2424e8ac2&stackUid=20241228074520351479
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.59.223.192 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: unn-185-59-223-192.cdn77.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

x-robots-tag: noindex, follow
content-encoding: gzip
date: Sat, 28 Dec 2024 07:45:20 GMT
content-type: text/html; charset=UTF-8
x-served-by: hap02-web24-ny1-1

GET
H2 200 tag.php
s.magsrv.com/ 0
173 B 128ms
32ms Image
text/html 185.59.223.192
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.magsrv.com/tag.php?goal=9aeecb98d05a87753a2934f2424e8ac2&stackUid=20241228074520351479
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.59.223.192 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: unn-185-59-223-192.cdn77.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

x-robots-tag: noindex, follow
content-encoding: gzip
date: Sat, 28 Dec 2024 07:45:20 GMT
content-type: text/html; charset=UTF-8
x-served-by: hap05-web08-ny1-0

GET
H2 200 tag.php
s.opoxv.com/ 0
173 B 137ms
34ms Image
text/html 185.59.223.192
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.opoxv.com/tag.php?goal=9aeecb98d05a87753a2934f2424e8ac2&stackUid=20241228074520351479
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.59.223.192 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: unn-185-59-223-192.cdn77.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

x-robots-tag: noindex, follow
content-encoding: gzip
date: Sat, 28 Dec 2024 07:45:20 GMT
content-type: text/html; charset=UTF-8
x-served-by: hap03-web21-ny1-1

GET
H2 200 tag.php
s.orbsrv.com/ 0
173 B 134ms
33ms Image
text/html 185.59.223.192
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.orbsrv.com/tag.php?goal=9aeecb98d05a87753a2934f2424e8ac2&stackUid=20241228074520351479
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.59.223.192 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: unn-185-59-223-192.cdn77.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

x-robots-tag: noindex, follow
content-encoding: gzip
date: Sat, 28 Dec 2024 07:45:20 GMT
content-type: text/html; charset=UTF-8
x-served-by: hap03-web03-ny1-1

GET
H2 200 tag.php
s.pemsrv.com/ 0
173 B 129ms
35ms Image
text/html 185.59.223.192
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pemsrv.com/tag.php?goal=9aeecb98d05a87753a2934f2424e8ac2&stackUid=20241228074520351479
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.59.223.192 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: unn-185-59-223-192.cdn77.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

x-robots-tag: noindex, follow
content-encoding: gzip
date: Sat, 28 Dec 2024 07:45:20 GMT
content-type: text/html; charset=UTF-8
x-served-by: hap02-web02-ny1-1

GET
H2 200 tag.php
syndication.realsrv.com/ 0
173 B 122ms
33ms Image
text/html 185.59.223.192
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://syndication.realsrv.com/tag.php?goal=9aeecb98d05a87753a2934f2424e8ac2&stackUid=20241228074520351479
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.59.223.192 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: unn-185-59-223-192.cdn77.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

x-robots-tag: noindex, follow
content-encoding: gzip
date: Sat, 28 Dec 2024 07:45:20 GMT
content-type: text/html; charset=UTF-8
x-served-by: hap04-web22-ny1-0

GET
H2 200 tag.php
s.zlinkp.com/ 0
173 B 128ms
34ms Image
text/html 185.59.223.192
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zlinkp.com/tag.php?goal=9aeecb98d05a87753a2934f2424e8ac2&stackUid=20241228074520351479
Requested by: Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.59.223.192 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: unn-185-59-223-192.cdn77.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

x-robots-tag: noindex, follow
content-encoding: gzip
date: Sat, 28 Dec 2024 07:45:20 GMT
content-type: text/html; charset=UTF-8
x-served-by: hap05-web05-ny1-0

GET

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10608.7b2FgL0FNESV_KK0UBTrZbDDagiYqltedip8nmlRiF3Ut45rhPGBc5yjPEQpJGVM.RlFPsKRhcQhR_mu9yB9d8AZb4Tc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10608.a05ApvgiyHsl9qlXuEFz1rxojZmlIqfNO0NEu-T2SEKSS8XrEPvCS1pmVQdmaTMBoc2GQtoNQje1a7VM3rKvvkIFw8ULtkap7V5uG3HRaQx5DCsAfRb7hVQpaZ7i38LBf8vEK7nDsG...

0
0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
592 B 198ms
198ms Image
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
etag: "67655eba-2b"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Sat, 28 Dec 2024 08:45:21 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Sat, 28 Dec 2024 07:45:21 GMT
last-modified: Fri, 20 Dec 2024 12:10:34 GMT
content-type: image/gif

GET metrika_match.html
mc.yandex.com/metrika/ Frame 303A 0
0

GET 1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
lh3.google.com/u/0/d/ 0
0

GET like.php
www.facebook.com/v14.0/plugins/ 0
0

GET
H2

200

1 Show response
mc.yandex.com/watch/54294354/
Redirect Chain

https://mc.yandex.com/watch/54294354?wmode=7&page-url=https%3A%2F%2Fameliadreams.com%2Flanding2%3Fs1%3Dad_bsa%26s2%3DBSA42790ef75c0939dcc08bfa324356de5c%26s3%3D128%26s4%3D329742_69881_%26s5%3D%26lb...
https://mc.yandex.com/watch/54294354/1?wmode=7&page-url=https%3A%2F%2Fameliadreams.com%2Flanding2%3Fs1%3Dad_bsa%26s2%3DBSA42790ef75c0939dcc08bfa324356de5c%26s3%3D128%26s4%3D329742_69881_%26s5%3D%26...

622 B
823 B

148ms
148ms

Fetch
application/json

2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/54294354/1?wmode=7&page-url=https%3A%2F%2Fameliadreams.com%2Flanding2%3Fs1%3Dad_bsa%26s2%3DBSA42790ef75c0939dcc08bfa324356de5c%26s3%3D128%26s4%3D329742_69881_%26s5%3D%26lbcid%3Deb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224%26lb%3D1%26bt%3D2%26oid%3D9177%26r%3D%26ph%3Dcd810224654353ec4af47cf4fc09b718%26vd%3DeyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ%3D%3D&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A751655149904%3Ahid%3A1034393348%3Az%3A-480%3Ai%3A20241227234521%3Aet%3A1735371921%3Ac%3A1%3Arn%3A183372890%3Arqn%3A1%3Au%3A173537192178048877%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A379%3Awv%3A2%3Ads%3A60%2C33%2C122%2C3%2C3%2C0%2C%2C554%2C0%2C%2C%2C%2C778%3Aco%3A0%3Acpf%3A1%3Ans%3A1735371919609%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735371922%3At%3AAmelia%20Dreams&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

5a02b226e58ebb998186061712fdb598b191d8bcbd753a6b0718f4fe5fd4f98d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Sat, 28-Dec-2024 07:45:21 GMT
access-control-allow-origin: https://ameliadreams.com
content-length: 622
date: Sat, 28 Dec 2024 07:45:21 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
last-modified: Sat, 28-Dec-2024 07:45:21 GMT

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/54294354/1?wmode=7&page-url=https%3A%2F%2Fameliadreams.com%2Flanding2%3Fs1%3Dad_bsa%26s2%3DBSA42790ef75c0939dcc08bfa324356de5c%26s3%3D128%26s4%3D329742_69881_%26s5%3D%26lbcid%3Deb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224%26lb%3D1%26bt%3D2%26oid%3D9177%26r%3D%26ph%3Dcd810224654353ec4af47cf4fc09b718%26vd%3DeyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ%3D%3D&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A751655149904%3Ahid%3A1034393348%3Az%3A-480%3Ai%3A20241227234521%3Aet%3A1735371921%3Ac%3A1%3Arn%3A183372890%3Arqn%3A1%3Au%3A173537192178048877%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A379%3Awv%3A2%3Ads%3A60%2C33%2C122%2C3%2C3%2C0%2C%2C554%2C0%2C%2C%2C%2C778%3Aco%3A0%3Acpf%3A1%3Ans%3A1735371919609%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735371922%3At%3AAmelia%20Dreams&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 28-Dec-2024 07:45:21 GMT
access-control-allow-origin: https://ameliadreams.com
x-xss-protection: 1; mode=block
date: Sat, 28 Dec 2024 07:45:21 GMT
last-modified: Sat, 28-Dec-2024 07:45:21 GMT

POST
H2 200 1
mc.yandex.com/watch/54294354/ 43 B
86 B 148ms
147ms Ping
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/54294354/1?page-url=https%3A%2F%2Fameliadreams.com%2Flanding2%3Fs1%3Dad_bsa%26s2%3DBSA42790ef75c0939dcc08bfa324356de5c%26s3%3D128%26s4%3D329742_69881_%26s5%3D%26lbcid%3Deb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224%26lb%3D1%26bt%3D2%26oid%3D9177%26r%3D%26ph%3Dcd810224654353ec4af47cf4fc09b718%26vd%3DeyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ%3D%3D&charset=utf-8&uah=chm%0A%3F0&hittoken=1735371921_206aa24614ee3d45d7f2d94f9b276a66aed04e0a3f317e5d14b416ebb922deef&browser-info=pa%3A1%3Aar%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1551%3Acn%3A1%3Adp%3A1%3Als%3A751655149904%3Ahid%3A1034393348%3Az%3A-480%3Ai%3A20241227234521%3Aet%3A1735371922%3Ac%3A1%3Arn%3A112693449%3Arqn%3A2%3Au%3A173537192178048877%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1954%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1735371919609%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735371922&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(42009092)ti(0)&force-urlencoded=1&site-info=%7B%22pub%22%3A%22ad_bsa%22%2C%22sub%22%3A%22128%22%2C%22landing_page%22%3A%22default%22%2C%22is_vw%22%3A%220%22%2C%22vw%22%3A%22%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ameliadreams.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
expires: Sat, 28-Dec-2024 07:45:21 GMT
access-control-allow-origin: https://ameliadreams.com
content-length: 43
x-xss-protection: 1; mode=block
date: Sat, 28 Dec 2024 07:45:21 GMT
content-type: image/gif
last-modified: Sat, 28-Dec-2024 07:45:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.instagram.com
URL: https://www.instagram.com/accounts/login/?next=%2Ffavicon.ico

Domain: www.facebook.com
URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=de&ifkv=AeZLP98I09nm4_ZYWJO-MpzxzBmu65rYbV4od9Kj_I4Bf54HubpZDkX3w3CHhAASg1AN-uX6-t5PdA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S84322489%3A1735371920606019&ddm=1

Domain: mc.yandex.com
URL: https://mc.yandex.com/sync_cookie_image_decide?token=10608.a05ApvgiyHsl9qlXuEFz1rxojZmlIqfNO0NEu-T2SEKSS8XrEPvCS1pmVQdmaTMBoc2GQtoNQje1a7VM3rKvvkIFw8ULtkap7V5uG3HRaQx5DCsAfRb7hVQpaZ7i38LBf8vEK7nDsGI7XSq0wZFjJfK0d71eDYAKE1XiKL1YZZAoQViWCUbUtq0mKd2CDXbx4q-JGEjo3GmFMtDBWn-Aura7LydgxORiTzWeJps4PZc%2C.kp8CjzJV7i4qsASzpOjME6pjtbQ%2C

Domain: mc.yandex.com
URL: https://mc.yandex.com/metrika/metrika_match.html

Domain: lh3.google.com
URL: https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100

Domain: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/like.php

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.www.xnx.dog/	1970-01-21 02:04:18	Name: session_id Value: 71b65a34e4820e789943c460e0b13faf
www.www.xnx.dog/	1970-01-21 02:02:55	Name: afd_style_id Value: 7637993503
.xnx.dog/	1970-01-21 11:24:27	Name: __gsas Value: ID=a25cf34a248d9b2f:T=1735371917:RT=1735371917:S=ALNI_MY_8h-YV3eHTuypklQXv4KuDxRUTg
t.ajrkm.link/	1970-01-21 11:38:51	Name: enc_aff_session_3788 Value: ENC03f7b93749ddee3ede63c90f1b7dde53f8daf4d12e8d816d07a28a3e58016e9f4a5a6e35b30e63d470f2ffda64c5143bb52aeb98306016d3c6e20dec6dafc144664e13a16faf565426cf297a53289ad9ba72201e368873422ac9573c0a0701ef0a379e0a664d5f664bdefd752382d6d0aacfee03417482e9dabdff4a47234cecac3e13cfe30a13bf3e90acf687a1d1c9bb3d62636692782f0fe70ee3c9ae50b435ba425c5785e0701ac1264931ebdf1f8bc1642d5dfcaa60c5fa2dae1bb7e0edd695a843df5d53d82401fcecc800d0d593978d34ce4ca6f78e4c78d1a769402bb31be33cdb
t.ajrkm.link/	1970-01-21 11:38:51	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMzEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D
.a.vfghc.com/	1970-01-21 02:04:18	Name: 487c489c-8ee4-40f8-b2ec-dc0e342b5275-v4 Value: w3bcTCJbcvYigV5wHmBsdqihEji6bRz2rxyvf3r25SM
.a.vfghc.com/	1970-01-21 10:48:27	Name: cc-v4 Value: mQYfp%2BTP6kvVwX0ze9XqVmuJ23F5DKetwE9vFSiunF62O%2BopKePZLQQIIpeveMnrXKM8DBFVNqZR2%2B7fyGxwJDBD7rlLJOMHrvFi9RM7FphbRpGg1D7oYpXlR8YDIYAsJG61FUT0wPuor9m4eFuylg%3D%3D
.a.avlm3.com/	1970-01-21 02:04:18	Name: 6dea95f7-febc-4fec-b477-c5c9e4651559-v4 Value: pF1Fr23yQe_jJKlst4gwhesv3p8ezdiioOYI97o9Kc4
.a.avlm3.com/	1970-01-21 10:48:27	Name: cc-v4 Value: bkpje9SaZj0mOj158gjdH4EhtqQUyeO1D2BlB300lhZabfPJBXq0CGeK%2BMqqSqCxsajKRI4BUK7Lw1ZiOI%2FU29PC0SF5frPFUiUpmhPtEZnppD24%2F1q2%2F9Misd7bmjxiPt3d7IZ3eaeWaKBl9txqRQ%3D%3D
s.sloffer1.com/	1970-01-21 11:38:51	Name: enc_aff_session_9819 Value: ENC03b0016766195bcb20daf6e9c2228c5a8c63f65df7a4d9cfaac2f4752641e5c6447402eab1352ed44c482bf77262268d348dcc165d4713d833aae946113cbbfb466eb75424914c51083c140bd69d9007fb7407628d616a08820c996ed425a62d4c676c9f4d0492580c6103ca71eab937b5f79218f6aedb301a607bb9a8dda52b032d9de9301d556bc39cb8681b8ad508ee64e14091747e2e284ba4a97f4b04aa1690695e47c197279de63d31d64d81e8d13c04eaa48636bde9185c0a46fa133cf2216a22eb4adcaa0b5d8243f60ab05cefccc1e5103dfcf24657ab18582e0984bd07dd1fa5dcd69d5a46c9060f35206125dc80b0275ca18f7197c5f6f9eedf9c050e186381
s.sloffer1.com/	1970-01-21 11:38:51	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMzEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D
bestdate.vip/	1970-01-21 02:03:35	Name: BSA-offer3356 Value: 1
dategen.com/	1969-12-31 23:59:59	Name: SRVNAME Value: s9
.dategen.com/	1970-01-21 10:48:27	Name: cf_clearance Value: x.ydiGI7L7M0UWf8wmaxNokx40NZAjF_jaJNUHTiIDU-1735371919-1.2.1.1-EXv55Maq3h.oY70SXxzHqhG84.7P7ca2.o_h_qyixHOmcAvhNOhWdqHtpKGlLM7qLftuoV9XOT.9T.l0mOkweJwDsuOJ1JF_dXRRQqly7mHl9kl8SWPPP2vCBeO3isbPby.Aj3ZT.WTxSKmAkeYeIX7fqCkkf9cOzlA7ocZ4S0m9SjgqkhqvvgSui2h.e8FwCQwVvgBasXXP1.010v5owtOhXJ_.T8W6yyZDOu4zfl5GAkGdzIKOdOHMpVH2QTQ9isTcMRVsY0w2Sw7hqG3IdBtsiAh5jWBs7HPOd8QRnlWwLu6kNfuvzWdqycwwpuQcOAr5NkHPeInm35rVwmRXVe.mTW6959yOk_KoUw68nDxjHGmhPo9oSmfU6ruI8jAm
ameliadreams.com/	1970-01-21 11:38:51	Name: cid Value: eyJpdiI6IlFUbTQ2OFd3ZEJcL2UwNURvN3F3YzBRPT0iLCJ2YWx1ZSI6IjNoTDRPWFNZQlBGa2NmSWJvZHZqSGtqZTlwQ3F6d0NLZ1lMQ2c1d280VThhS1wvclpCUHVDSU1mOG5hYjQ1bHlJIiwibWFjIjoiYmU4MDA0NmY5ZTlhMmNiMWJiZjc0NWY1OTgxZmY0MjUxZjEwNDM1OTdiOTBmMDRjOTZjZDk0ZGNhZDlkZmI4MSJ9
ameliadreams.com/	1970-01-21 11:38:51	Name: pubid Value: eyJpdiI6IjBhQTd5NVRlRWJENktzYlJYZnB4WUE9PSIsInZhbHVlIjoiaGpjTmQ5WTVaa29hSkhmMFF5NUxmUT09IiwibWFjIjoiNjRlNzIzZDBhZWI5ZmE1NDhhNDA2Y2Q3ZDI4MzVjNTU3MWFlZGY2OTE3MmM3MTY4YmRkMDU1OTVlNmMxOWJlZiJ9
ameliadreams.com/	1970-01-21 11:38:51	Name: subid Value: eyJpdiI6Ik5UVXhma21LZjRuSlJ0SXZBSGNEbUE9PSIsInZhbHVlIjoiSTNIMUIwUXJKZndpT3Q4eUNaWU1KQT09IiwibWFjIjoiMGQxMGM4NzJlMjIxYjAwZTNkZTEyNTFjNTU2ZTUxZjJkYTcyMDZmYTkyZTBkMjM0NGMzNTg4ZTkwOGI0ZDQ1ZiJ9
ameliadreams.com/	1970-01-21 11:38:51	Name: bt Value: eyJpdiI6Im1la3NHekFVVnBDd3M1dzNJVkVyb2c9PSIsInZhbHVlIjoiZkVaSG1lNmdKeGpneE9yWWZ5SldCQT09IiwibWFjIjoiNzVjNjI5Y2MwNGZlNjBlYmE2ZDJmMjQ5YTA2OGIyY2UyYTg0NzhhMDE2OGExN2U1YTk4MzUzOWNiYTIxZjg3ZiJ9
ameliadreams.com/	1970-01-21 02:02:59	Name: XSRF-TOKEN Value: eyJpdiI6IlArSitSTjYwaUVmYnp5dzZxTUY3dmc9PSIsInZhbHVlIjoiYk41Rng2YXg3cUoyejA2eVorbk91SmNCQnpSMnZxbWlcL3RpM1JQVkJiTnNjSENjRXBpRmh6aFc1K2YzT3VjbHRUMDE4eVBpVUxoNFNNd2piRVFPOURnPT0iLCJtYWMiOiJiMGNhYzJkNDVhMjAyMDI4ZmM2OGE1NjhiYmE2ZjQ3MGE4MjUyZmQ2OTNhN2YyMzc2MDhkODQyZTliMGVmZWYwIn0%3D
ameliadreams.com/	1970-01-21 02:02:59	Name: laravel_session Value: eyJpdiI6InJzbkU2aTRcL1BxY1wvSFRibEs1NlVPdz09IiwidmFsdWUiOiJDU2crRTl6czF1N2pEdHZHSVF0bllVcUgrbk00ZnpWR3JBYXQxY2swaG1SZ05NOVpBK2tqbnA3ZUVpRWJMT2Z2SFVBVnZQMVl4SUpueVZVXC9FUmJNalE9PSIsIm1hYyI6IjE2MDljODQ4MzhhZTI2OTVlY2JkYmQzOGI1MjJjODBkNjFlOGJlMDFiZmFiN2Q5OTQ1ZWJjZjIzNjkzZGRiOGIifQ%3D%3D
svntrk.com/	1970-01-21 11:38:51	Name: scktrk Value: 676fac8fe19f2-9-1224
.instagram.com/	1970-01-21 10:47:01	Name: csrftoken Value: kG3fon-EwZJ5giHmjVMk1U
.instagram.com/	1970-01-21 11:38:51	Name: mid Value: Z2-skAAEAAF_rlK4Cm9OQtnpyO2X
.yandex.ru/	1970-01-21 11:38:51	Name: i Value: nWnNprn+nz/PR5Xld7oXxm2eJEuzRa0JZYfoC+rciRBm4vq40+1jLMuiHb9tT5ktbu2gHSoWMWSm+0gesz8ImoVGBRE=
.yandex.ru/	1970-01-21 11:38:51	Name: yandexuid Value: 9017993511735371920
.yandex.ru/	1970-01-21 10:48:27	Name: yashr Value: 5341558711735371920
.ameliadreams.com/	1970-01-21 10:48:27	Name: _ym_uid Value: 173537192178048877
.ameliadreams.com/	1970-01-21 10:48:27	Name: _ym_d Value: 1735371921
.mc.yandex.com/	1970-01-21 02:02:52	Name: sync_cookie_csrf Value: 3789076425fake
.yandex.com/	1970-01-21 11:38:51	Name: i Value: 65W1/xem7NdCjTer/amvE57w4mFuOsNmqtHdW0NA8EwBbX5ZNhOAuBiCzBrvo2uVr6fbXoKiZZK7SPTKYLT0n9OFP94=
.yandex.com/	1970-01-21 11:38:51	Name: yandexuid Value: 1928791531735371921
.yandex.com/	1970-01-21 10:48:27	Name: yashr Value: 2096837221735371921
.ameliadreams.com/	1970-01-21 02:04:03	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-21 02:02:52	Name: sync_cookie_csrf Value: 1406587332fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1012261471735371921
.yandex.com/	1970-01-21 11:38:51	Name: yuidss Value: 1928791531735371921
.yandex.com/	1970-01-21 10:48:27	Name: ymex Value: 2050731921.yrts.1735371921
.yandex.com/	1970-01-21 10:48:27	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 11:38:51	Name: bh Value: KgI/MGCR2b67Bg==
.ameliadreams.com/	1970-01-21 02:02:53	Name: _ym_visorc Value: w

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://dategen.com/lbc?s1=ad_bsa&oid=9177&s3=128&s2=BSA42790ef75c0939dcc08bfa324356de5c&s4=329742_69881_&lb=1 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A060017C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==(Line 189) Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301D007C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ameliadreams.com/landing2?s1=ad_bsa&s2=BSA42790ef75c0939dcc08bfa324356de5c&s3=128&s4=329742_69881_&s5=&lbcid=eb12fe51-10cf-4abc-bc2b-0bafdf08cbdb-9-1224&lb=1&bt=2&oid=9177&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ== Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D007C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.avlm3.com
a.exoclick.com
a.vfghc.com
accounts.google.com
ameliadreams.com
bam.nr-data.net
bestdate.vip
cdnjs.cloudflare.com
dategen.com
js-agent.newrelic.com
lh3.google.com
mc.yandex.com
mc.yandex.ru
partner.googleadservices.com
s.ds3jbr.com
s.magsrv.com
s.opoxv.com
s.orbsrv.com
s.pemsrv.com
s.sloffer1.com
s.zlinkp.com
stackpath.bootstrapcdn.com
svntrk.com
syndicatedsearch.goog
syndication.realsrv.com
t.ajrkm.link
www.facebook.com
www.google.com
www.instagram.com
www.www.xnx.dog
accounts.google.com
lh3.google.com
mc.yandex.com
www.facebook.com
www.instagram.com
104.17.24.14
104.18.11.207
162.247.243.29
172.217.197.155
172.67.176.184
172.67.197.110
172.67.203.58
173.194.66.147
185.59.223.192
2600:3c00::f03c:94ff:fe10:f38
2600:9000:250a:800:12:673e:19c0:93a1
2600:9000:28a6:f400:7:411:6c0:93a1
2602:816:5001::39
2606:4700:20::ac43:4bfc
2607:f8b0:400d:c04::8b
2a02:6b8::1:119
2a02:6ea0:e200::17
3.167.99.64
34.236.83.126
016624b730bb6b3ff68f2a97e135bca60ae9d7c632ea2131471417bbc0d4dc23
03e39907c27031d0f8d4f65c42f4907567d9340f525fd5413bbd6591578440b0
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
12c25868c5f2853f4fbae7cf69f7d83082866617ce96d1ef187442e92e629934
24c87ef89f254219bd365bcac1254142c686179fa5640518a599e91b6e42259d
3780240c03de6cec689901ffffe2eba7a73a965c3a24e5ab765712590fd1e076
44efd89690d4d6fe1bd29f6568cdcd0b44fb51ddc70338e0b7057da6ff00689c
47f6c0553432e73bab8c7508f4c7c11d2ebe5dfbbe51cc0b583a10ee5a126c99
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560f0d54044aa8812d2fe17c5fa4624fe6db8dc54ddccf5f11dd9fc766b88d6f
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5a02b226e58ebb998186061712fdb598b191d8bcbd753a6b0718f4fe5fd4f98d
5ae4a818071e118ec992196dcd42ae85ee0e320381140eb59d08ceb416402aed
5b6580bed80935dc1351b552efeca8900f4e07bf491308c365492392503de24d
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cb970e569b4778009455be4a931b2c66162991d5903cd2798e7d07446479ac3
81e494909ea24d8abae3e69daf5d234db9c07110693b83497824411f390572f8
8c88ee7c40a98d8410f9c0d0fa1b151bcf0e18ac2d11f6aff210ee00cfc99317
98d4465fe27114b18f8908d87749bf0dbcf1e62966b2567fbbaaf13003817894
9a9622bf899b7d4a0e3e56f1051aeb09114f1d19cebd4e4b2e6f498d1283b687
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
aa2039e333f3f628908eebc320fef33540efe96c4b2ea7b33bdbce4ab1120a25
ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039
c262530cf2fd714f731f6087d69a4c0a5fb20180503e55e72f3dfb84b59c50ed
d138c2ea5b228e5262212c66815d06d103de70734a33da9d4c4c316b9822d119
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73419dd79caad8096c4322975710d6619df2f0299dc8f727790cf6df78e8483
ead76a185fc8f62dabf641fe4edc4817e277aa7a61b64f496eaf60546e3aae61
ee37f82814fabb514179cb03a04df494d8791d4ab44fa0332bf3e0853730fbcf
f5aa178612191d9d889844a8ff490e4b40ccde38d959c8f5bb648521d0a21b3c
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

ameliadreams.com Open in urlscan Pro 172.67.203.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

72 %HTTPS

42 %IPv6

28 Domains

30 Subdomains

15 IPs

3 Countries

737 kBTransfer

1424 kBSize

40 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ameliadreams.com Open in urlscan Pro
172.67.203.58 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

72 %
HTTPS

42 %
IPv6

28
Domains

30
Subdomains

15
IPs

3
Countries

737 kB
Transfer

1424 kB
Size

40
Cookies

54 HTTP transactions
0 data transactions